North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SPEWS?

  • From: Sandy Harris
  • Date: Thu Jun 20 15:31:20 2002

Andy Johnson wrote:

> > Let me clarify, then.
> >
> > If the offending ISP does not respond, and you have exhausted all avenues
> > available to you to get the ISP to get its customer to stop spamming -
> > whether by TOS'ing the customer, education or whatever -

... and you've waited a reasonable time ...

Then the ISP is obviously either incompetent or deliberately aiding the
spammers. Why should you even consider anything less than blacklisting
every netblock the ISP has? 

> > then escalation may work if the collateral damage caused by escalation
> > is enough to get the spammers' neighbors to complain to the ISP.

The objective isn't just to stop that spammer. If the ISP is clearly
acting irresponsibly and not dealing with a spam problem, getting them
to wake up is more important than the individual spammer.

> > And I don't think this is a potential solution only for spam; it is
> > appropriate (IMESHO) in other abusive situations too.
> >
> 
>     Doesn't anyone see the irony here? Fighting abuse with abuse is somewhat
> counter-productive. ...

Not if its the only way to wake up that ISP.

Of course, this sort of block must be a last desparate measure. At
a minimum, the spammer's been at it for weeks and you've mailed [email protected],
[email protected] and the whois contacts without eliciting a response from
the ISP, before you even consider it. 

Even then, you should likely try phoning the ISP and/or browsing
their website for other contact addresses before taking such a
drastic action.

But if drastic action seems the only way, don't stop at half
measures. Blackhole every netblock they have, and for all
packet types, not just email.