Unless you like playing whack-a-mole, you need a smarter hammer, not a bigger one.
Email peering *IS* a smarter hammer. If all the cluefull email administrators would set up peering agreements with each other and exchange contact information, there would be fewer of these situations. Part of the problem is that there are no agreed rules of engagement for email abuse issues. By setting up email peering agreements in advance, we could put those rules of engagement in place and we could ensure that our email peers have the *RIGHT* contact information. Domain registry whois listings and INOC-DBA are not the right contact information because they are too general. Now, an email peering agreement could very well specify that certain whois contact listings should be used as a second resort and that agreement would make them the right contact info. Also, the email peering agreement could specify that INOC-DBA phone number ASNUM*999 is the number one choice of contact method and then it would become the right way to contact email peers. The fundamental problem is not that there isn't technology in place to solve these problems; it is that there aren't *AGREEMENTS* in place to solve these problems. Organizations like CAUCE are happy to just bitch and moan instead of working to bring all email operators together to set up working agreements for *MANAGING* the email abuse problems instead of always letting the abusers take the first steps and drive the whole issue. Anyone for a joint NANOG/CAUCE meeting? http://www.cauce.org In fact, given the past experience with two joint ARIN/NANOG meetings could the best way forward be to have more joint meetings that combine a NANOG meeting with some other non-BGP/routing operational forum? Perhaps something jointly with a security organization like CIS? http://www.cisecurity.org/ Suggestions? --Michael Dillon