Re: Monitoring, Flow Stats (Re: spam whore, norcal-systems)

[Christopher Neill <chris () verio net>]

On Wed, Feb 03, 1999 at 03:25:46PM -0500, Dean Anderson wrote:
> They did legislate; a number of times in fact. It was called the Electronic
> Communications Privacy Act. First created in 1968, then modified a number
> of times, most recently in 1996 to specifically to make it broad enough to
> protect email.  You can see it in 18 USC 25xx (in-transit communications)
> and 18 USC 27xx (stored communications).  One doesn't lose privacy
> protections merely because they are or might be doing something you don't
> approve of.
>
> But since they have already covered this territory, I'll refer you to the
> archives.

Okay, one last time.. (for those of you playing at home).

There's an ISP, let's call it GenerNET. GenerNET has an abuse department, and one day it notices that instead of the 
usual dozen or so spam complaints, it has received over 200. GenerNET looks that the messages that users from all over 
the Internet has forwarded to it and sees that it has one common denominator--the majority of the complaints seems to 
be originating from SpamCreep (192.168.192.0/23).

SpamCreep is a customer of WebHoster (192.168.0.0/16), colocated off Ethernet in their Buffolo, NY POP. A call to 
WebHoster is placed to let them know the situation and WebHoster is well aware of the situation--in fact, they are in 
the process of terming SpamCreep for violating their AUP. 

After Engineer 1 and Engineer 2 at GenerNET talk it over, and after discussing what to do with WebHoster at length, all 
parties verbally agree that the best course of action would be that GenerNET would not allow 192.168.192.0/23 to make 
outgoing connections on tcp 25 (which, incidentally, they have gotten around somehow and the only thing stopping me 
from routing the whole /23 to null0 is the arbitration process that I spoke of earlier which doesnt give me the 
authority to act on my own).

At the end of a short period of time GenerNET's engineering department saw that there were a hell of a lot of matches 
to the access-list on their border router in Buffolo, NY on that Ethernet. So they felt that as a curteosy to our 
fellow operators they would let them know that SpamCreep (*NOT* WebHoster) had given them a large amount of grief, and 
furthermore that they don't support the kind of grief they were getting from pissed off Internet users, and that they 
were handling the situation and *HOW* they were handling it.

Then came along the "Digital Bill of Rights" wackos that appearantly don't have the misfortune of being a network 
operator and don't understand about the reprocussions their pipe-dream musings about what should and shouldnt be would 
have on the already delicate art of running a network on the Internet. Clearly you dont know what you are talking about 
in this regard. I can't run a network contemplating my navel, and if I did, I would expect to be fired. I run a network 
based on policy, our policy is to not provide transit for spammers. BOOM! And there you have it, end of discussion..

Check this out:

:0
* nanog.*@merit\.edu
* dean@.*av8\.com
/dev/null