Re: Lawsuit threat against RBL users

[George Herbert <gherbert () crl com>]

Karl Denninger <karl () Denninger Net> writes:
> The problem with this is that someone, sooner or later, is going to 
> take a run at people trying to set up what amounts to a set of contractual
> requirements that exceed legal requirements - and then enforce them network
> wide.
> The collusive aspect of this is downright scary, especially when coupled
> with threats of depeering, active denial of service attacks, etc.
> I happen to be an "anti-spammer", but when you get to the point that you
> start telling people what they have to put in their contracts as an industry,
> such that if Person #1 commits an act on a *completely unrelated* system
> they get their contract voided you're treading on very, very thin ice.
> That looks an awful lot like an industry-wide blacklist, and those are
> dangerously close to being per-se illegal.

Let's put two scenarios forwards.

Scenario 1:
Company A has a web site hosted at ISP Z, and a bunch of throwaway
dialup accounts on ISPs P, Q, R, and S.  A spams ads for the web site
on ISP Z via those throwaway dialups.  P, Q, R, and S kill the dialup
accounts used; people also complain to Z.  If Z fails to close the
web site that was spam advertised, someone complains to RBL who 
blackhole the web site server.

Scenario 2:
Company B has a set of web sites for various subsidiaries,
hosted at ISPs T, U, and V.  The marketing department for the
group hosted at T spams via a bunch of dialups.  People complain
and dialups get nuked; people also complain to T, U and V asking that
B be nuked.  It isn't, so it gets reported to RBL and MAPS do thier
thing on the website servers at T, and also on U and V which were not
involved in the initial spam but are related to the company.

In the first case, there is clearly a connection between the
spamming and the website that gets RBLed; it was directly advertised
by the spams.  That direct link is sufficient under current RBL rules
and meets my definition of terminatable customer.

In the second case, one of the sites meets the above definition, 
but the sites at U and V (which may be for completely unrelated
subsidiaries or groups within B) don't necessarily.  This might
begin to approach an illegal blacklist.

The question is, are any cases similar to scenario 2 actually happening?
As far as I know, no.  Companies that have many websites that are having
all their ISPs pressed to nuke them generally are spamming to advertise
most or all of them, not just one or a few.  


-george william herbert
gherbert () crl com   I speak for myself only, I am not a CRL employee