In a message written on Wed, Sep 24, 2003 at 01:28:19PM -0500, Justin Shore wrote:
True. However I also subsribe those beliefs. When an ISP knowingly allows a spammer to sign up for network service, knowing full well what they are planning to do with it (read: pink contracts), and ignores abuse complaints then what other form of action is there than to use collateral damage at that ISP? Providers more often than not intentionally put
The answer is to take the high road and just list the spammer. If, as you suggest, the ISP knowingly signs up the spammer then they already expect the collateral damage, are probably, in general ok with it, and you're not going to have any effect in getting them to change. However, by listing larger and larger blocks of unrelated customers you piss off random end users, and more importantly the mail admins that use -- and could support your RBL. I know more than a few mail admins who gave up on various RBL's after they "went off the deep end", blocking more legitimate mail under the guise of trying to force ISP's to do something than spam. I suspect a well run RBL that was able to take the high road, and offered good responce time would find mail admins would pay a small subscription fee, they could buy bandwidth from a provider, and more importantly since they were a paying customer and not a kook they would get excellent support from ISP's in tracking DDOS attacks. That said, I don't think the RBL users often understand the complexity of the issue, which further annoys ISP's. I know I've been involved in several issues where a reputable e-commerce site buys service quite above board. They then have an affiliate program, where people can sign up online and get goods. A number of spammers then sign up, joe-job the e-commerce company and make off with a few hundred dollars in goods. In the cases I've been involved with the e-commerce company immediately terminates them for violating the terms of the affiliates agreement, but it only takes two or three of these instances for the RBL's to start blocking the company, screaming "pink contracts" and blocking the ISP's other users. So, while the RBL's hurt the ISP's, and the ISP's tie up the RBL's time with an issue they aren't going to be able to solve the real spammer gets away scott free, and the ISP has to deal with other customers who have been caught in the collateral damage of the RBL. Just once I'd like to see an RBL come to my employer saying "we've found this spam we think transited your servers and would like to work with you to find the real source and block it". Insted they all seem to send an e-mail to the effect of "You pathetic worthless $*&@&@#&$#$. Stop sending this crap and terminate your customer in the next 10 minutes, or else" and then proceed 10 minutes later to list every IP ever affiliate with the ISP. No wonder the same abuse people aren't eager to help when the RBL comes back and asks for help. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org