chris has been answering a lot of complaintage here today. here's my omnibus:
... 2) 701 gets complaints, notifies good customer Exodus who terms the ... 13) return to step 2
This process happens repeatedly, spammers know they can get about a month of time (or more, depending on upstreams and hosting providers in question) ...
so, normal business case or risk analysis would seem to have led uunet to put procedures in place that would try to break this loop. for example, if a complaint indicated that a known spammer was back downstream of as701 but through a different customer of yours, you'd null-route their cidr block BEFORE "notifying good customer who terminates". all you have to do to break this kind of loop is make it less profitable, or more expensive, for the person who is presently benefitting from your lack of procedures. you don't have to stop the spam, merely reverse the shifting of costs. but that presumes it's costing you more than you're making from it, which is probably a very difficult business case to make to upper management. by the lack of ordinary cost control and risk analysis, your management team shows their true colours.
The 'security' or 'safety' of the backbone is not affected by:
1) portscaning by morons for openshares 2) spam mail sending 3) spam mail recieving ... So, the issue of termination for this reason isn't really valid. Hence the off-topic-ness of this thread.
what about 4) using receiver-side blackholes to make up for lack of sender-side policy you can terminate the thread, but the fact that you and sean aren't willing to disco spewing endsystems is leading to intentional internet instability, and that means sooner or later, this thread will be back, just like always. -- Paul Vixie