On Thu, 20 Jun 2002, Andy Johnson wrote:
Doesn't anyone see the irony here? Fighting abuse with abuse is somewhat counter-productive.
*Spamming* or launching a DoS attack in response to spam is definitely abusive. I understand your point here. I don't think it's an invalid one. I do believe that whether escalations are abusive is a question that is open to debate. Indeed, I believe the question *should* be debated.
This all boils down to more or less the user missing/not receiving an important email. So by blacklisting a netblock which originated SPAM, and more importantly, its neighbors (or in SPEWS case, the entire AS and netblocks announced from it), you are preventing valid emails from being delivered. So SPEWS is just as guilty of depriving people of their mail as spammers are IMO.
Which is more important? The right to express yourself or the right for a property owner to protect his property? I've always claimed that property rights trump free-speech rights, and where spam is concerned, the courts have agreed with me (e.g. the AOL case and the CompuServe case against Sanford Wallace back in the mid-1990's). Now, the big question with blocking is whether or not your users are aware of the blocking happening. In a service-provider environment, a good network admin will make his customers aware of the blockage and either have them agree to it or allow them to turn it off. But that is not a moral or ethical issue. That's a contractual issue. If the provider is arbitraily blocking stuff without telling his customers, yes, that can be said to be a moral or ethical issue, but I make the assumption, for the sake of this particular thread, that the customers know what's going on. As to whether it's counter-productive, again, whether or not it is is based in large part on whether or not the customers have agreed to it. My opinion is that the end-users *must* always have final say over what is blocked or not blocked.
Regarding your last comment, when tracking down and filtering a DoS, do you filter just the offending IP space, or ALL netblocks announced by that AS?
Neither; I don't run any devices that need to speak BGP. If I did, I'd start by filtering the offending IPs only. If I still saw attacks coming from elsewhere in the ISP's netspace I would broaden the range of the blocks. -- Steve Sobol, CTO JustThe.net LLC, Mentor On The Lake, OH 888.480.4NET - I do my best work with one of my cockatiels sitting on each shoulder - 6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance stance towards abusive priests. The fact that 20% didn't, scares me...