On Tue, Jun 08, 2010 at 11:14:10PM -0700, Paul Ferguson wrote:
1. Should ISPs be responsible for abuse from within their customer base?
Yes -- if they wish to be considered at least minimally professional. The principle is "if it comes from your host/network on your watch, it's your abuse". Given that many common forms of abuse are easily identified, and in many cases, easily prevented with cursory due diligence upfront, there's really no excuse for what we see on a regular basis. Abusers have learned that they don't have to make the slightest effort at concealment or subtlety; even the most egregious and obvious instances can operate with impunity for extended periods of time. [1] As I've often said, spam (to pick one form out of abuse) does not just magically fall out of the sky. If I can see it arriving on one of my networks, then surely someone else can see it leaving theirs...if only they bother to look. And of course in many cases they need not even do that, because others have already done it for them and generously published the results or furnished them to the RFC2142-designated contact address for abuse issues. ---Rsk [1] One would think, for example, that many ISPs and web hosts would have learned by now that when a new customer fills a /24 with nonsensically named domains or with sequentially numbered domains that the spam will start any minute now. But fresh evidence arrives every day suggesting that this is still well beyond their capabilities.