|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: open relays at Earthlink
On Sat, 22 Aug 1998, Steve Davies wrote: > ISPs sell customers a TCP/IP connection to the Internet. To me that means > taking my IP datagrams and delivering them to where I address them. I > don't see that filtering of outbound traffic is part of such a product, Fair enough. > On the other hand, I would fully support anyone's right to filter > connections from my dialin user pool addresses if they felt that they > needed to do that. I would, in my personal opinion, be happy to provide > such a person with my IP pool address ranges, or info on the domain names > we use for that (which are easy to deduce, anyway?). This is what we do here. Our MTA returns "We dont' accept mail from dialup ports" to the senders. As long as uunet maps their dialups into subdomains, it's no problem. > (Of course, I'd rather persuade this person than my organization deals > responsibly with spammers - but no doubt I'd be unable to persuade some) This is the heart of the problem in the US. The practice of renting dialup to other providers is not a problem as long as the people who OWN the equipment do not disclaim responsibility for it's use. What is happening in the US is that a spammer (typically) will get on some service which uses UUnet equipment and start spamming on a Friday night. You send a complaint to UUnet and get a robotic response, but the spammer will continue on until Monday at least, when UUnet's customer shuts him off. This is unacceptable. UUnet's US abuse department has claimed that such spammers are not their customers, so they are not responsible for what the spammer does while using their equipment, and so UUnet is violating it's own AUP. This leads to a bad, bad, place. What if the abuser were a smurfer or a ping-flooder instead of a spammer? Right now, UUnet in the US is the main source of spam on the internet, and this is due to UUnet's irresponsible policy. US spammers have found that it is cost-effective to get an account from an access reseller which uses UUnet hardware, and spam for up to a week before action is taken against them. You can send a million spams for the cost of one entry-level dialup account. They do this repeatedly, as evidenced by a single spammer using an NYC uunet pop for at least two months now. This has to be fixed to make spamming more expensive. Shut off the spammer as soon as complaints come in, and then forward the whole mess -- Spams, complaints, logs -- To the reseller and let them sort it out AFTER the spammer's access is removed. Bill <[email protected]>
|