At 05:40 AM 11/10/97 -1000, you wrote:

For all their protesting to the contrary, it appears that AGIS is signing up more new spammers and taking no apparent action upon reports sent to them (incl. Lawler) about spamming activity. So much for Lawler's rhetoric.

-James D. Wilson netsurf@pixi.com

I am sorry if someone else from AGIS has already responded on this, but I will take a moment to clear his up. This is completely incorrect. AGIS' AUP can be found at www.agis.net. We are vigorously enforcing our AUP. AGIS will not sell connectivity to UCE businesses, and have not for some time. We investigate all complaints about AGIS' customers that are sent to abuse@agis.net. Spammers have been terminated, and will continue to be as long as I run this company. Thank you, Phil Lawlor President AGIS Voice - 313-730-1130 Fax - 313-563-6119

At 04:28 PM 11/14/97 -0500, you wrote:

I don't know if they still do, but AGIS used to just setup sendmail.cf filters to block mail from sites or individuals complaining about spam houses hooked up to AGIS.

To the best of my knowledge, we only blocked mailbombers. Someone here from AGIS can correct me if I am wrong. Phil Lawlor President AGIS Voice - 313-730-1130 Fax - 313-563-6119

On Fri, 14 Nov 1997, Phil Lawlor wrote:

To the best of my knowledge, we only blocked mailbombers. Someone here from AGIS can correct me if I am wrong.

You lie. You blocked me. I have never in my life sent a mailbomb. Oh, I sent lots of complaints to AGIS, but every complaint was in response to spam that somebody associated with AGIS had sent me, every complaint required me to do a significant amount of research, and no incoming spam resulted in more than one complaint. Such complaints are not mailbombs. --apb (Alan Barrett)

On Mon, 17 Nov 1997, Karl Denninger wrote:

Heh, a few legitimate customers might have been inconvenienced, but when abuse@[owner-of-network] bounces with a "access denied", that's all you have left.

-- -- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin

I'd like to ask an operations question that deals with SPAM that hopefully will be on topic. Here goes: If you decide to start filtering out SPAM by blocking it from the source, do you end up becoming a content provider because you're controlling what your customers have access to? If that is the case, what legal implications arise from allowing certain news groups on your server that contain material that is illegal (the alt.binaries.warez.* and some of the alt.binaries.pictures.erotica.* groups come to mind)? Are we now responsible for those groups, and everything else that comes into your network because you've taken the effort to start controlling what your customers can see and do? A lot of us have gotten by on the premise that we are not content providers, but service providers who can't control what our customers see or do, and that there is illegal material out there that we are not liable for. I think that once we start making decisions about what content we allow, then we are setting ourselves up to be liable for what gets through. Just think, responsibility for porn, warez, hatespeech, harassment, etc. Could this actually be used in a court of law? Although this is on the fringe of Network Operations as a whole, I think it is a valid issue to be discussed on a Network Operators list because blocking SPAM/UCE is an operational decision which might carry some interesting legal dilemas with it. Joe Shaw - jshaw@insync.net NetAdmin - Insync Internet Services

Or try "alt.binaries.pictures.teen-fuck". Tell me THAT's not obvious on its face.

Our routers haven't a clue whether or not a packet belongs to an email message or a USENET article let alone whether it is tagged with the above-mentioned newsgroup identifier or whether its content has been correctly tagged by that identifier. And our news server doesn't have much more of a clue regarding content. It essentially acts as a router for traffic on TCP port 119 attached to a sizeable buffer cache. We are in the business of transporting bits without regard to the semantics encoded in those bits. Off topic opinion: IMHO it is not possible and never will be possible to have automated systems filter content. Filtering content is the job of human beings with job titles like "editor", and "reviewer". Automated systems will make it much simpler to apply the opinions of editors and reviewers but the human element will always be an essential element in any system for filtering content and such systems will always work best when they focus on selecting the best content rather than on banning the worst content. ******************************************************** Michael Dillon voice: +1-650-482-2840 Senior Systems Architect fax: +1-650-482-2844 PRIORI NETWORKS, INC. http://www.priori.net "The People You Know. The People You Trust." ********************************************************

On Mon, Nov 17, 1997 at 03:23:43PM -0800, Vadim Antonov wrote:

Karl Denninger wrote:

...

HOWEVER, the "alt.binaries.warez" groups, and more particularly, the groups used *primarily* to distribute kiddie porn are another matter. Nobody with half a neuron firing in their head is going to be able to make an argument in a courtroom that the group "alt.binaries.warez.ibm-pc.windows" isn't a group designed and operated for the purpose of distributing stolen software.

Or try "alt.binaries.pictures.teen-fuck". Tell me THAT's not obvious on its face.

That was beaten to death many years ago. Nobody with a half neuron will argue for filtering or removal of those newsgroups on a large scale (now, i contend that a teeny weeny ISP can get away with it, but for large ISPs it just doesn't work). The reason is very simple: the objectionable content will simply move to "legitimate" newsgroups. There is no way to prevent it. Which would make it much harder for those who don't want to see it to filter it out. How about _encouraging_ such self-regulation instead?

Now, can we get out of the kiddie porn sandbox?

--vadim

There is no way to prevent bank robbery. Therefore, since we cannot prevent it, it should be perfectly legal for me to sell you a firearm with the full knowledge that you intend to use it for the purpose of robbing a bank, or that you have previously robbed a bank (and been convicted of same) and are therefore inclined to do so again. The problem with your argument, Vadim, is that it doesn't wash under the legal code of the United States. It also doesn't wash under the ethical codes of a whole bunch of people, including me. You can argue that it is impossible to prevent kiddie porn. You might even be right about that. But arguing whether you are right or wrong about whether we can prevent kiddie porn from being produced, and children from being exploited by any measure short of 24x7 camera monitoring of every individual in the country is immaterial to THIS issue. The issue here is simple - what is the *right thing* to do? Whether you can save the world by doing the right thing isn't the point, nor should it be. I can't save the planet by myself, and perhaps none of us can save the planet. But that does not mean that I should toss my can out the car window, simply because others have before me and individually, my can is immaterial to the problem of roadside waste. It is, quite simply, WRONG for people to exploit children. Its wrong to knowingly give people a medium by which they can easily congregate to do this. Yes, I know darn well that I can't stop every person who uses our IRC server, for example, from sending out kiddie porn through it. I *KNOW* this, because to do anything else requires that I have the ability to filter through every piece of content that touches that IP number and port, looking for the evil material. Its just not possible. But if someone comes to me and tells me of a set of people who are using our system for this purpose, I *ALSO* can't stick my head in the sand in relation to the issue. Anyone who thinks that these binary groups are just spam-hauses for 1-900-GET-LAID is incredibly naive. Those ads don't require 40% of the feed. The *reality* is that trading of stolen and illegal material is rampant in these *particular* groups. Its a simple matter of volume; that is ALL you have to look at in order to figure it out. We STILL count the number of postings we are asked to file in these groups. Here's the listing from the last TWO HOURS off the top of those logs: 228 newsgroup alt.binaries.pictures.erotica 193 newsgroup alt.binaries.warez.ibm-pc 189 newsgroup alt.binaries.pictures.erotica.oral 175 newsgroup alt.binaries.pictures.erotica.cartoons 151 newsgroup alt.binaries.pictures.erotica.orientals 150 newsgroup alt.binaries.pictures.erotica.breasts 148 newsgroup alt.binaries.pictures.erotica.amateur 146 newsgroup alt.binaries.pictures.boys 134 newsgroup alt.binaries.pictures.erotica.amateur.female 132 newsgroup alt.binaries.erotica 129 newsgroup alt.binaries.pictures.erotica.female 116 newsgroup alt.binaries.pictures.erotica.panties 115 newsgroup alt.binaries.pictures.erotica.blondes 112 newsgroup alt.binaries.games 108 newsgroup alt.binaries.pictures.erotica.redheads 108 newsgroup alt.binaries.pictures.erotica.female.anal 108 newsgroup alt.binaries.pictures.bisexuals 107 newsgroup alt.binaries.pictures.erotica.pornstar 105 newsgroup alt.binaries.pictures.erotica.pornstars 105 newsgroup alt.binaries.pictures.black.erotic.females 104 newsgroup alt.test.testing 103 newsgroup alt.sex.pictures 102 newsgroup alt.sex.erotica Any questions? This is getting off-topic for NANOG - I've said my last on the issue here. -- -- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/~karl | T1's from $600 monthly to FULL DS-3 Service | NEW! K56Flex modem support is now available Voice: [+1 312 803-MCS1 x219]| 56kbps DIGITAL ISDN DOV on analog lines! Fax: [+1 312 803-4929] | 2 FULL DS-3 Internet links; 400Mbps B/W Internal

That was beaten to death many years ago. Nobody with a half neuron will argue for filtering or removal of those newsgroups on a large scale (now, i contend that a teeny weeny ISP can get away with it, but for large ISPs it just doesn't work). The reason is very simple: the objectionable content will simply move to "legitimate" newsgroups. There is no way to prevent it.

Vadim, This may be true in the US, but if you are in Canada, you must prune these groups, particularly the kiddie porn, regardless of migration of content or any other technical issue. And if customers complain, you must act on them, instead of claiming some non-publisher status. I have been in way more legal briefings than I care to admit on this issue, and its a done deal here in Canada. If you do not act, as some smaller ISPs have not, you are law enforcement cannon fodder. Kiddie porn busts make the major networks' national news here, particularly when the Internet is involved. Eric Carroll eric.carroll@acm.org Tekton Internet Associates

...

If you decide to start filtering out SPAM by blocking it from the source, do you end up becoming a content provider because you're controlling what your customers have access to? If that is the case, what legal implications arise ...

I was wondering if anyone was going to trip to this... Full credit, Mr. Shaw!

A recent ruling would seem to be in the ISPs favor: http://www.yahoo.com/headlines/971114/wired/stories/cda_1.html To sum it up: part of the CDA indicates that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider" This woulds seem to indicate that an ISP can not be LEGALLY held accountable for the content published by a customer. (although in the case of UBE, I think the means, more so than the message, is the issue.) I don't think the issue of filtering comes into this at all. Perhaps if there was some way to filter based on usage instead of content, the legal issues would be a little clearer, as one could block off 'offenders' based on thier abuse of your usage policy. Comments? Paul Flores Williams Communication Group

Oh. mercy me, I tried to stay out of this. As an internet user I have been the party forgotten here. I do not like spams on worthless products and make money fast schemes, offshore business ventures, offshore credit cards and A host of other lame products by people who at best have no moral or ethical regard for depriving others of money by any means necessary. I would hope that the backbone providers can refuse to service businesses that harm their best customer interests and annoy and harrass their customers with material content not solicited by the paying customer. I hope that this perspective will aid in the formulation of A sound policy. Henry R. Linneweh Paul Flores wrote:

...

...

If you decide to start filtering out SPAM by blocking it from the source, do you end up becoming a content provider because you're controlling what your customers have access to? If that is the case, what legal implications arise ...

I was wondering if anyone was going to trip to this... Full credit, Mr. Shaw!

A recent ruling would seem to be in the ISPs favor: http://www.yahoo.com/headlines/971114/wired/stories/cda_1.html

To sum it up: part of the CDA indicates that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider"

This woulds seem to indicate that an ISP can not be LEGALLY held accountable for the content published by a customer. (although in the case of UBE, I think the means, more so than the message, is the issue.) I don't think the issue of filtering comes into this at all.

Perhaps if there was some way to filter based on usage instead of content, the legal issues would be a little clearer, as one could block off 'offenders' based on thier abuse of your usage policy.

Comments?

Paul Flores Williams Communication Group

-- ™
¢4i1å

At 08:05 AM 17-11-97 -0600, Karl Denninger wrote:

On Mon, Nov 17, 1997 at 01:42:08PM +0201, Alan Barrett wrote:

...

On Fri, 14 Nov 1997, Phil Lawlor wrote:

...

To the best of my knowledge, we only blocked mailbombers. Someone here from AGIS can correct me if I am wrong.

[ snip ]

That's all right. They blocked me too, for the same thing (one complaint per spam).

Me too..

From where I sit that's nothing new, but its also ok - we reciprocated, and blocked a huge number of AGIS-distributed networks (basically anything that a spammer was connected to). Guess what? Spam volume went WAY down.

Yes, me as well, but I fat fingered it and announced a slew of AGIS netblocks to null0 via Sprint. Got a personal phone call from Thpamford Wallace claiming he lost thousands and thousands of dollars, frivolous lawsuit threats, etc. etc. [ Disclaimer: It *really* was a stupid accident - 2AM, tired not thinking straight etc. etc. ]. Trying to stay on operational issues, I think it's bad for a provider to block another provider unless they are being harassed and one email isn't harassment. I guess the same argument could be used in reverse i.e. AGIS allowed Thpamford to harass us. Regards, -- Martin Hannigan hannigan@xcom.net Director of Data Networks V:617.500.0108 XCOM Technologies F:617.500.0002 Cambridge, MA http://www.xcom.net

On Fri, 14 Nov 1997, James K. Hood wrote:

server. However, since the termination of our larger bulk emailers, we have less anti-spam coming in and fewer complaints overall concerning our remaining bulk emailers. (Plus, we do still get complaints about some

Didn't Phil just say you guys were cutting off all the bulk mailers, or are there ways to spam through AGIS leased lines without violating the AUP (which I've not yet read)? ------------------------------------------------------------------ Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will Network Administrator | be proof-read for $199/message. Florida Digital Turnpike | ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____

On Fri, Nov 14, 1997 at 06:28:35PM -0500, Phil Lawlor wrote:

At 05:36 PM 11/14/97 -0500, Jon Lewis wrote:

...

Didn't Phil just say you guys were cutting off all the bulk mailers, or are there ways to spam through AGIS leased lines without violating the AUP (which I've not yet read)?

AGIS has not knowingly signed up any new spammers. Our sales people now qualify new sales as *not* being spammers. We only have to worry about existing customers becoming spammers, and new customers lying about there business before we hook them up. If somebody is somehow able to send bulk

That's what strict contracts are for. -- Steve Sobol, Tech Support, New Age Consulting Service, Inc. 216 619-2000 sjsobol @ nacs.net http://www.nacs.net "The problem with the gene pool is that there's no lifeguard." - A friend of mine on #romance

On Nov 14, Phil Lawlor <phil@agis.net> wrote:

This is completely incorrect. AGIS' AUP can be found at www.agis.net. We are vigorously enforcing our AUP. AGIS will not sell connectivity to UCE businesses, and have not for some time. We investigate all complaints about AGIS' customers that are sent to abuse@agis.net. Spammers have been terminated, and will continue to be as long as I run this company.

It might help your case if y'all were to make this information public somewhere, perhaps on a web page. A possible format would be 'Customer name | Type of abuse | Date first complaint received | # of complaints | Termination date.' ********************************************************* J.D. Falk voice: +1-650-482-2840 Supervisor, Network Operations fax: +1-650-482-2844 PRIORI NETWORKS, INC. http://www.priori.net "The People You Know. The People You Trust." *********************************************************

At 3:34 PM -0500 11/14/97, Phil Lawlor wrote:

This is completely incorrect. AGIS' AUP can be found at www.agis.net. We are vigorously enforcing our AUP. AGIS will not sell connectivity to UCE businesses, and have not for some time. We investigate all complaints about AGIS' customers that are sent to abuse@agis.net. Spammers have been terminated, and will continue to be as long as I run this company.

Thank you,

Phil Lawlor President AGIS Voice - 313-730-1130 Fax - 313-563-6119

Dear Mr. Lawlor, Please see below. Wayne D. Correia DomainNET ps: I would show you the traceroute going into your network, but one of our transit providers, Above.net, has already blackholed them. :-) -------------------------- Return-Path: info@infowatch.net Received: from infomail.infowatch.net (infomail.infowatch.net [206.42.240.10]) by domain.net (8.8.6/8.6.12) with ESMTP id EAA08154 for <wayne@club.net>; Fri, 14 Nov 1997 04:05:53 -0800 (PST) Received: from infowatch.net ([206.42.240.10]) by infomail.infowatch.net (Post.Office MTA v3.1 release PO205e ID# 0-0U10L2S100) with SMTP id AAB313; Thu, 13 Nov 1997 19:08:48 -0500 To: rusty@hodge.com CC: wayne@club.net From: info@infowatch.net (Info Desk) Date: Thu, 13 Nov 97 19:08:49 -0500 Subject: Advertisement: Website Hosting X-Mailer: WM - infowatch.net Message-ID: <19971114000655061.AAB313@infowatch.net> X-UIDL: 4af8ada6498e49d0fa1e579201748890 ------------------------------------------------------------------------ The following material may be of interest to you. If it isn't, we apologize for any inconvenience. -------------------------------------------------------------------------- http://www.infowatch.net InfoWatch would like to introduce our complete Hosting and Promotional service. FOR ONLY $29.95 PER MONTH ! * 30 MB (megabytes) of disk space * 1000 MB = 1 GB (gigabyte) of data transfer per month * 8 E-mail accounts INTERNATIONAL Hosting * Access to your account anytime via the Web Control Panel * MS Front Page * Unlimited FTP updates * Personal CGI directory for your own scripts (or use ours) * Advanced web statistics analyzer program * E-mail forwarding, auto responders, and vacation reply * Domain name registration (www.yourname.com) * Register your domain with over 250 search engines - FREE! * Friendly customer support If for any reason you are not satisfied with InfoWatch's service after 30 days, we will transfer you back to your original host and pay any transfer fees. http://www.infowatch.net info@infowatch.net -------------------------- Whois: 206.42.240.0 AGIS/Net99 (NETBLK-NET99-BLK5) 3601 Pelham Dearborn, MI 48124 Netname: NET99-BLK5 Netblock: 206.42.0.0 - 206.43.255.0 Maintainer: AGIS Coordinator: AGIS DNS Administration (ADA2-ORG) dns-admin@AGIS.NET (313)-730-5151 Alternate Contact: AGIS DNS Administration (AGIS-NOC) noc@agis.net (313)-730-5151 fax- (313)-359-4108 Domain System inverse mapping provided by: NS3.AGIS.NET205.137.48.7 NS1.AGIS.NET205.137.48.5 NS2.AGIS.NET205.137.63.2 Addresses Within This Block Are Non-Portable Record last updated on 23-Jan-97. Database last updated on 13-Nov-97 05:49:56 EDT.