Well, this discussion is sliding into paranoia and fear rapidly enough. Let me start out by stating that, while I have started recommending direct action of an appropriate sort against AGIS as they are harboring a significant abuser of the net as a whole, illegal acts of any sort are inappropriate and I condemn them. My idea of appropriate is termination of BGP connectivity, AGIS customers leaving for more responsible providers, cutting off news feeds and access, firewalling their networks, etc. This is based on AGIS cheerfully providing enough bandwidth to Cyberpromo (and now, Nancynet) for each and every Internet user to get on the order of 5-10 email spams each and every day from Cyberpromo alone, who appear ready and willing to do so as they improve their mail sending software. However, if I find any information indicating that anti-spammers attacked AGIS in violation of applicable laws, I will turn them in. Bad guys on my side isn't something I approve of. Some providers on this list are complaining that they don't feel it's fair to get blamed if they provide, say, web service to someone who's spamming via another provider. Let's look at the situation from two viewpoints. Viewpoint one is a strictly interpreted AUP: if you abuse the net from my site or via my site, you get shut down. Viewpoint two is that of many end users, which is that an abuser should be disconnected from the net everywhere and stop abusing end users, rather than strictly looking just at which AUP got violated in the abuse. Viewpoint one is the minimal one for friendly cooperation as a responsible internet provider these days. But a lot of people feel that spam is rapidly becoming enough of a problem that it's irresponsible for anyone anywhere to knowingly provide spammers with any sorts of services on the net. If a hypothetical Spammer is sending a zillion messages a day via various accounts at dialup providers (which are getting turned off regularly), but all point to a web site you run, if you let them keep the site forever you are effectively saying that spamming is ok as long as it's done somewhere else. Which is, in my opinion, not a great attitude. Even if you do have that attitude, you must understand that a large number of upset spam victims will not agree with you and will hold you responsible. Fears of government regulation are probably wise, but there are ways to approach this problem that don't cause unnecessary headaches. One is to explicitly extend 47 USC 227 (the anti-junk-fax law) to cover email, without adding any extraneous language. There is an effort underway right now to actually write the language to do so and present it to Congress and try and get the Internet Caucus members to sponsor the legislation. This extension will impose a $500 fine on spammers per mail, but won't hold providers responsible or open the door to further unreasonable regulation. In a way, it's sort of the Sanford Wallace Memorial USC... the junk fax law came about because he was junk faxing right and left. Now, the extension to cover email is being proposed because he's doing email spamming right and left. Telcos can live with 47 USC 227 (it doesn't affect them at all). So can ISPs with the extension we're talking about. -george william herbert gherbert@crl.com