On Fri, 27 Dec 1996, Paul A Vixie wrote:
Wow, a network discussion on NANOG that is actually north american in nature.
Basically, but not entirely; issues such as junk email, blocking networks in routers, silently deleting/dropping email, and/or launching "attacks" against other sites seem to always start in the U.S., then slowly migrate across the Internet (which is, of course, global in nature). As you will recall, this thread started because of someone in the ".ro" domain. Something a lot of people forget, is that these issues are not as simple as "contact your local law enforcement office" - the Internet knows no boundaries, so it becomes quite common for problems to spread across jurisdictions (which in the "real world", leads to slower response from multiple law enforcement agencies due to required "due process" - after all, who was killed, what millions were lost?). For example, many people in Australia (".au") are hit with junk email from the U.S. (mostly ".com", it seems); in cases where the subject of the junk email relates to pornographic material for sale, the matter becomes one of breaching the laws in Australia relating to censorship/labelling of such material (and indeed, commercial advertising without the required company identifying information). What can Australian law enforcement agencies do? Not much. Do they really expect to achieve anything by extraditing someone from the U.S. to face charges of breaching numerous Commonwealth statutes? Not really. This "reality" (nothing to gain from "small fry", so nothing done) actually works in the Internet's favour, because it means law-makers and law enforcement generally stays out of the way, leaving the Internet "community" to deal with the matters themselves. Problem? Many people in the Internet "community" refuse to do anything (for whatever reason), be they small-time ISPs, or large national/international backbone providers. Sure, some people walk the walk and talk the talk - some even actually follow-through .. but by-and-large, these problems are growing, and with less and less co-operation within the "community", the calls for law-makers and law enforcement agencies to get involved grows louder and stronger. Is that really what everyone wants? (Serious question.) The Internet was once a *co-operative* network; whilst the Internet of today is clearly more commercial in nature compared to its academic and research origins, is it really all that much *less* co-operative? Questions were raised about "blacklists" and "cartels", and all manner of mechanisms whereby individuals and groups could be made to "toe the line" of co-operation; it was also mentioned that allowing everyone to be their own judge, jury and executioner can lead to seemingly unjust labelling of sites as "rogue", without any attempt to verify this with the sites in question. I submit that the reason a lot of this is happening is frustration - frustration that there is not enough co-operation to have stopped the problems before they got this far (let alone any further). I know that I've reached the stage whereby I don't care if I add a whole domain to an email "blacklist" (don't receive any messages from said domain) due to only a few miscreants - it's become far easier to do that, than hit my head against the proverbial brick wall, trying to get ISPs in the U.S. to do something (despite providing all evidence available). Do you realise that these sorts of lists are now becoming akin to trophy cabinets? "I have 200 entries in my list." "Oh yeah? Mine has over 500!" "Wow, gimme a copy!" This is *not* a good evolution of the Internet, surely! :-( If groups insist on adopting a passive stance in the face all this rubbish, then it's no wonder that "blacklists" and "cartels" develop, taking matters into their own hands. If many people blocking traffic from the same site help to wake that site up to its own lack of co-operation, then maybe the end justifies the means? (Rhetorical.) It was suggested that using the populist media can aid in raising awareness in the "real world", to shake an ISP into action; with the ever-increasing number of incidents, and their global nature, how many people here have the time (or indeed, the money) to keep putting into this sort of activity? I know I sure as hell don't. Read that some site is not co-operating to deal with troublemakers at the site? No messing about, straight into the email blacklist. It's not always possible for an organisation to provider 100% protection, either for its users or from its users, but at least *co-operating* to do *something* is a sign of willingness - and that has to be good for everyone. Think about it - we have nothing to lose, and everything to gain by solving the problem ourselves as members of the one global community. Cheers.. David J. N. Begley Network Analyst, UWS Nepean, Australia [ Suspected "respectable" clearinghouse: http://www.vix.com/spam/ :-) ]