Karl Denninger <karl@Denninger.Net> writes:
The problem with this is that someone, sooner or later, is going to take a run at people trying to set up what amounts to a set of contractual requirements that exceed legal requirements - and then enforce them network wide. The collusive aspect of this is downright scary, especially when coupled with threats of depeering, active denial of service attacks, etc. I happen to be an "anti-spammer", but when you get to the point that you start telling people what they have to put in their contracts as an industry, such that if Person #1 commits an act on a *completely unrelated* system they get their contract voided you're treading on very, very thin ice. That looks an awful lot like an industry-wide blacklist, and those are dangerously close to being per-se illegal.
Let's put two scenarios forwards. Scenario 1: Company A has a web site hosted at ISP Z, and a bunch of throwaway dialup accounts on ISPs P, Q, R, and S. A spams ads for the web site on ISP Z via those throwaway dialups. P, Q, R, and S kill the dialup accounts used; people also complain to Z. If Z fails to close the web site that was spam advertised, someone complains to RBL who blackhole the web site server. Scenario 2: Company B has a set of web sites for various subsidiaries, hosted at ISPs T, U, and V. The marketing department for the group hosted at T spams via a bunch of dialups. People complain and dialups get nuked; people also complain to T, U and V asking that B be nuked. It isn't, so it gets reported to RBL and MAPS do thier thing on the website servers at T, and also on U and V which were not involved in the initial spam but are related to the company. In the first case, there is clearly a connection between the spamming and the website that gets RBLed; it was directly advertised by the spams. That direct link is sufficient under current RBL rules and meets my definition of terminatable customer. In the second case, one of the sites meets the above definition, but the sites at U and V (which may be for completely unrelated subsidiaries or groups within B) don't necessarily. This might begin to approach an illegal blacklist. The question is, are any cases similar to scenario 2 actually happening? As far as I know, no. Companies that have many websites that are having all their ISPs pressed to nuke them generally are spamming to advertise most or all of them, not just one or a few. -george william herbert gherbert@crl.com I speak for myself only, I am not a CRL employee