[In the message entitled "Re: Stealth Blocking" on May 24, 15:12, Mitch Halmu writes:]
On Thu, 24 May 2001, Dave Rand wrote:
That's why I think that port 25 blocking is the only way. That, and closing open relays, of course.
No, that is NOT the only way. We presume that the spammer had 8 dial-up accounts. Who is this professional spammer, and how come he/she/it can still find a provider? That is the question. Perhaps also who is the merchant that ordered the promotion?
Many of these spammers are using phished accounts, or credit cards. Or they use stored-value cards, if they are even a little bit legit. And, he likely only needed one account, with 8 machines signing into that one account (most ISP's don't have the ability to restrict multiple logins). Dialup providers make it easy to become a customer. This is good, because Mom & Pop can sign up. This is bad, because a spammer willing to lie can open an account with a minimum of information. Most providers are unwilling to make the sign-up proceedure tougher.
The identity of such individual or company belongs on a black list. Yet the spammer is able to subscribe again tomorrow, next week, next year... and nothing happens to them. That is the point where control should be exercised.
As mentioned earlier, even with court orders against it, spammers still sign up, and send out spam. They do not operate by the same rules, or even care about potential liability. As an analogy to the real world, I was speaking with the head of a 911 call center recently. It used to be that crooks would go to some trouble to conceal their identity. With the recent rise in the use of crank, there is now *no* attempt to hide. They will steal blank cheques, then go to the bank and forge them in front of tellers, regardless of the cameras, and the ability for the teller to identify them. Spammers might not be doing crank, but *they just don't care* if we id them. --