nanog mailing list archives
Re: IP spoofing and spamming
From: Dalvenjah FoxFire <dalvenjah () dal net>
Date: Tue, 28 Oct 1997 18:38:09 -0800 (PST)
I'm no lawyer, but i'd do the following: * Have an AUP that has something akin to the following paragraph: If you spam, either through us or through another ISP, then your account with us will be terminated with extreme prejudice. You will also be charged <some exorbitant sum of money> for our work in tracking your spam down and repairing our reputation. Then, you can talk to the other ISP, explain the situation, request that they forward 10 or so of the complaints to you, and boot the idiot. Granted, I don't know how this would work as far as contract law goes, but it seems to make some amount of sense. -dalvenjah Hank Nussbacher put this into my mailbox:
Please no religionics. Part of the below is true - part is what will happen in the near future: I have a spammer I am trying to block. He is multihomed to me and ISP X. He has address a.b.c.d from me and address a.b.c.e from ISP X. Users started seeing spams from a.b.c.e and complained to ISP X. He shut off SMTP to the customer but the spamming continued. Turns out the user defaults out to me no matter what, so his address was a.b.c.e when coming out of me. For me that is a spoofed address. I then go to block his spoofed address. User then says, it is a valid address and I have no business blocking his IP addresses, whether he has them from me or ISP X. I then say I'll block SMTP and the user says, "show me one letter from a user on the Internet complaining to you that I am spamming". Since his dns is located elsewhere and since the IP addresses are not mine, the users aren't complaining to me - but to ISP X and perhaps ISP Y (providing him secondary DNS service). All the ISP X & Y attempts to shut out the spam aren't affective due to the multihoming. What do we do in these cases?
-- Dalvenjah FoxFire (aka Sven Nielsen) "Sir, your wit ambles well; Founder, the DALnet IRC Network it goes easily." e-mail: dalvenjah () dal net WWW: http://www.dal.net/~dalvenjah/ whois: SN90 Try DALnet! http://www.dal.net/
Current thread:
- IP spoofing and spamming Hank Nussbacher (Oct 28)
- Re: IP spoofing and spamming Karl Denninger (Oct 28)
- Re: IP spoofing and spamming J.D. Falk (Oct 28)
- Re: IP spoofing and spamming Dalvenjah FoxFire (Oct 28)
- Re: IP spoofing and spamming Stephen Dolloff (Oct 28)
- Re: IP spoofing and spamming Dale Drew (Oct 28)
- Re: IP spoofing and spamming Jon Lewis (Oct 28)
- <Possible follow-ups>
- Re: IP spoofing and spamming Hank Nussbacher (Oct 28)
- Re: IP spoofing and spamming Karl Denninger (Oct 28)
- Re: IP spoofing and spamming Steve Mansfield (Oct 28)
- Re: IP spoofing and spamming Alan Hannan (Oct 29)
- Re: IP spoofing and spamming Jeremy Porter (Oct 29)
- Re: IP spoofing and spamming Hank Nussbacher (Oct 28)
- Re: IP spoofing and spamming Sean Donelan (Oct 29)