nanog mailing list archives

Re: surge in spam email (fwd)

From: John Fraizer <nanog () EnterZone Net>
Date: Thu, 10 Aug 2000 01:14:08 -0400 (EDT)



On Wed, 9 Aug 2000, Brad wrote:


On Wed, 9 Aug 2000, David Charlap wrote:

With a proper set of laws on the books, law enforcement could simply
read the content of the spam to get a phone number, address or PO box,
and prosecute whoever owns it.  The fact that they abused a foreign
server in the process shouldn't change anything.


The only problem with that is the simple fact that geting
innocent people in trouble is more likely.  For example:
"Dumb Person A" sends a million SPAMs to anyone who will
complain about it.  In the message, they put a note telling
the recipiant to send $5 to "Innocent Victim B"'s Home/PO
BOX address.  Then person B gets all kinds of complaints,
and if the law read the email message, then they would pay
the price too.

-Brad


This is precisely the problem with some providers current policy.  Case in
point: Someone SPAMvertized a website hosted by one of our customers.  The
SPAM was injected from a UUNet dialup port by one of THEIR
customers.  What was their response?  They threatened to blackhole the /20
that contained the IP address of the website that was SPAMvertized.  We
try to make our BGP announcements responsibly but, actions like this will
force us to announce specific /24's, especially when further investigation
showed that the individual who SPAMvertized the site had no affiliation
with it what-so-ever and had done so in attempt to get the site shut
down.  In the conference call with one of our upstreams and UUNet, I asked
them if this was their firm policy -- no exceptions -- they blackholed ANY
site that was SPAMvertized.  I was told yes -- UNTIL I asked what they
would do if someone SPAMvertized _THEIR_ site to 10,000,000 newsgroups as a test of
their policy.

For what it's worth, we, along with the customer in question have a ZERO
TOLERANCE policy on SPAM.  The site in question _was_ shut down during our
investigation.

Punishing someone without proof that they indeed have done something that
is unacceptable is just opening ourselfs up for the newest, _EASIEST_ DoS
attack ever.  Now, a single 14.4 modem connect SPAM injector site can shut
down a site sitting on OC192.  Tons of bang for the buck to the DoS
kiddies, Huh?   Want to hurt the IPO of the latest .com to go
public?  Just SPAMvertize about it.

---
John Fraizer
EnterZone, Inc

Current thread:

RE: surge in spam email (fwd), (continued)
- - - RE: surge in spam email (fwd) Roeland M.J. Meyer (Aug 09)
    - Re: surge in spam email (fwd) Ben Beuchler (Aug 09)
    - Re: surge in spam email (fwd) Joe Abley (Aug 09)
    - Re: surge in spam email (fwd) Ben Beuchler (Aug 09)
    - Re: surge in spam email (fwd) Tim Salo (Aug 09)
    - Re: surge in spam email (fwd) Greg A. Woods (Aug 09)
    - Re: surge in spam email (fwd) Barry Shein (Aug 09)
    - Re: surge in spam email (fwd) Derek J. Balling (Aug 09)
    - Re: surge in spam email (fwd) David Charlap (Aug 09)
    - Re: surge in spam email (fwd) Brad (Aug 09)
    - Re: surge in spam email (fwd) John Fraizer (Aug 09)
    - RE: surge in spam email (fwd) Marc Van Hoof (Aug 18)
    - Re: surge in spam email (fwd) Greg A. Woods (Aug 09)
    - Re: surge in spam email (fwd) J Bacher (Aug 10)
    - Re: surge in spam email (fwd) Barry Shein (Aug 10)
    - Re: surge in spam email (fwd) Greg A. Woods (Aug 10)
    - RE: surge in spam email (fwd) Roeland M.J. Meyer (Aug 10)
    - Re: surge in spam email (fwd) Shawn McMahon (Aug 11)
    - Re: surge in spam email (fwd) J.D. Falk (Aug 11)
    - Message not available
    - Re: surge in spam email (fwd) J.D. Falk (Aug 11)
    - Re: surge in spam email (fwd) Andrew McNamara (Aug 09)

(Thread continues...)