Actually postal and freight services require you to label dangerous goods and may not accept some types of dangerous goods to start with. If they believe you've sent dangerous goods that has not been labeled as such they have the right to return the packege to sender or conduct their own investigation and delay the shipment.
Yes, you must label dangerous goods. However, if I send a sealed plastic bag of powdered sugar to somoene, the post office has no reason to automatically assume that my package contains dangerous goods. In fact, arguably, if I have packed it correctly, they have no legitimate means to know that it is a white powder. So, unless you can tell me some way that you believe that package (assuming it is properly packaged, not leaking, doesn't have traces of white powder on the outside, etc.) would be returned, I think we can both acknowledge that this comes closer to what most worm traffic looks like.
So in a sense if you send somebody an envelope and specify that it contains "dangerous white powder" and they actually accepted the shipment, they should deliver it. But if they see that it contains this powder and its labeled "love letter", then they should in fact open the envelope and test it or return it to sender to get more clarification about what it is.
Right... See above.
Now that's great in theory, obviously in practie this does not work and viruses do not get labeled as such. However my feeling is that most users don't at all object to ISP checking their received email for viruses, eventhough it maybe invasion of their private mailbox. Similarly I don't think its outside the scope of ISP on the origin side of email to do similar checks on behalf of the sender.
Well, users that don't object are welcome to ask their ISP and subscribe to that service. I don't want my ISP doing anything other than sending the appropriate packets to port 25 on my mail server. If the ISP is hosting the users mailbox on their system, that's a different issue. However, if my ISP tries to block my mailserver from talking to other mailservers, or, starts inspecting SMTP packets coming towards me for viruses, I am indeed, going to be initiating legal proceedings against them under ECPA. If an ISP is hosting a users mailbox, that is a separate value added service from "internet" service. I don't expect the ISP to tamper with email on the internet service. What they do in the mailbox service is a matter of that contract. It's not a service I want to subscribe to, so, I'm not as worried about what it does or doesn't do. The customer and ISP can agree on that contract, and, as far as I'm concerned, it's outside the scope of this discussion. We are, after all, talking about internet service, not mailbox hosting service.
Most residential ISPs get paid the same whether the customer spews abuse or not. Their costs go up some when they get abuse complaints and when abuse starts using more bandwidth, so, for the most part, most residential ISPs have no incentive to support abuse, but, not enough incentive to pay to staff an abuse department sufficiently to be truly responsive. Further, most abuse departments don't get enough support from management when the sales and marketing departments come whining about how much revenue that abusing customer produces each month.
Its not like a big spamhaus that orders gigabit line, we're talking about individual dsl users most interested in cheapest kind of inet connection. There is not much revenue in that and cost of dealing with spam reports when their insecure system becomes zombie is much greater.
Right, and, there isn't enough revenue in it to cover protecting the user from himself. That's why most major dialup ISPs have a really lousy abuse process. Now, if they'd start billing their end-users to cover the cost of a good abuse department, then things might change. Making non-abusive customers subsidize the abusive customers isn't the solution. Owen