----------
From: ALAN DORN HETZEL JR <dorn@atlanta.net> To: NANOG@merit.edu Cc: dorn@atlanta.net Subject: random thoughts on how I can prevent spammers from using my net Date: Monday, January 20, 1997 2:55 PM
I have been trying to figure out ways to prevent spammers from using my net as a sending location (even once). If most spam is sent from throwaway dialup accounts, how would a daily limit of #arbitrary-number of emails sent, with a charge of $0.05 (or other number) per excess e-mail...? The arbitrary-number might be 1000 or so, plenty for most legitimate uses. Since we get credit card numbers from our dialuo customers, if we do get a spammer, and they send, say 100,000 emails in a month, we subtract their allowance of 30K or so and bill them $3,500 (70K * $0.05) for excess....
One of the simplest steps that can be taken is to throw a couple simple filters in the router handling the dialup server, permitting TCP 25 only to your "approved" mailhost. This step, combined with some rudimentary procmail work, would put all but the most determined spammer out of business. As for zapping their credit card, all they have to do is dispute the charge. The trick then is convincing your corporate legal department that some unemployable snotbag from Staten Island is worth the trouble of slapping with a $25k default judgement.
If we make the terms and conditions obvious, and get a signature before activating the account, it won't take very many occurrences before word would get around that SPAM can ocst as much as paper junk mail to send
One thing I've considered, (get your rotten vegetables ready, people, this is a stinker!) would be to set up a "post office"-ish authority, which would be the only place that you would "accept" mail from. Persons wishing to have a message "forwarded" by the post office would have to establish credit, in advance, for some small sum - perhaps a couple of pennies. Granted, this leaves all kinds of problems, such as mailing lists and the like, but it's a thought. There are hundreds of small ISP's around the country, and the odds of every one of them implementing junk-mail filters is somewhere between slim and none. I think the only possible source for a true solution comes in limiting, to a very high degree, who you will accept mail from.