Re: Lawsuit threat against RBL users
At 11:39 PM 11/18/98 -0800, Roeland M.J. Meyer wrote:
That's right. It stops the practice of using a sacrificial account, from AOL or netcom, to spam for a web-site that is otherwise protected. Does it make a difference that they didn't spam from their own ISP?
Please allow me a moment to ask: Does it make any difference whether your customer actually originated the offending msgs? Couldn't such a spamset come from one of their competitor? Or a chat room hacker that got pissed off? I understand AUP regarding what actually happens on an account. Unless the "throwaway" account can be tied to your customer, then I don't understand the justification for compromising service. (I personally don't find "it's generally true", or "it's too much trouble", or "the end justifies the means" to be especially convincing arguments.)
At 08:26 AM 11/19/98 -0800, Sean Finn wrote:
At 11:39 PM 11/18/98 -0800, Roeland M.J. Meyer wrote:
That's right. It stops the practice of using a sacrificial account, from AOL or netcom, to spam for a web-site that is otherwise protected. Does it make a difference that they didn't spam from their own ISP?
Please allow me a moment to ask:
Does it make any difference whether your customer actually originated the offending msgs?
Couldn't such a spamset come from one of their competitor?
Or a chat room hacker that got pissed off?
I understand AUP regarding what actually happens on an account.
Unless the "throwaway" account can be tied to your customer, then I don't understand the justification for compromising service.
Ah, but there's the problem and Karl D. is right. The *real* answer is to do away with throw-away accounts. Yes, the provider of the throw-away account knows exactly who the spammer is (I won't go any deeper than that), they have a CC number. If that data matches our customer, that customer becomes $1500US poorer and stops being our customer. Tracing a spam to a particular dail-in port is not easy, but it's do-able. You then know who the provider is/was.
(I personally don't find "it's generally true", or "it's too much trouble", or "the end justifies the means" to be especially convincing arguments.)
I don't either. ___________________________________________________ Roeland M.J. Meyer, ISOC (InterNIC RM993) e-mail: <mailto:rmeyer@mhsc.com>rmeyer@mhsc.com Internet phone: hawk.mhsc.com Personal web pages: <http://www.mhsc.com/~rmeyer>www.mhsc.com/~rmeyer Company web-site: <http://www.mhsc.com/>www.mhsc.com/ ___________________________________________ Who is John Galt? "Atlas Shrugged" - Ayn Rand
On Thu, Nov 19, 1998 at 03:25:25PM -0800, Roeland M.J. Meyer wrote:
Ah, but there's the problem and Karl D. is right. The *real* answer is to do away with throw-away accounts. Yes, the provider of the throw-away account knows exactly who the spammer is (I won't go any deeper than that), they have a CC number. If that data matches our customer, that customer becomes $1500US poorer and stops being our customer. Tracing a spam to a particular dail-in port is not easy, but it's do-able. You then know who the provider is/was.
It's actually not that hard for a smallish provider like NACS. I imagine the big dialup wholesale outifts would have quite a bit more work to do, though. -- Steve Sobol [sjsobol@nacs.net] Part-time Support Droid [support@nacs.net] NACS Spaminator [abuse@nacs.net] Spotted on a bumper sticker: "Possum. The other white meat."
At 10:59 PM 11/19/98 -0500, Steven J. Sobol wrote:
On Thu, Nov 19, 1998 at 03:25:25PM -0800, Roeland M.J. Meyer wrote:
Ah, but there's the problem and Karl D. is right. The *real* answer is to do away with throw-away accounts. Yes, the provider of the throw-away account knows exactly who the spammer is (I won't go any deeper than that), they have a CC number. If that data matches our customer, that customer becomes $1500US poorer and stops being our customer. Tracing a spam to a particular dail-in port is not easy, but it's do-able. You then know who the provider is/was.
It's actually not that hard for a smallish provider like NACS. I imagine the big dialup wholesale outifts would have quite a bit more work to do, though.
Actually, it is somewhat easier for them. I have it on good authority that the mail admin at AOL gets regular detailed traces from SPAM-L and other private sources. Many of the SPAM complaints not only come with detailed headers, but traceroutes as well. NetCom also benefits from their users in this way. All that is required is to verify the analysis as being valid, check the logs, and move on from there. ___________________________________________________ Roeland M.J. Meyer, ISOC (InterNIC RM993) e-mail: <mailto:rmeyer@mhsc.com>rmeyer@mhsc.com Internet phone: hawk.mhsc.com Personal web pages: <http://www.mhsc.com/~rmeyer>www.mhsc.com/~rmeyer Company web-site: <http://www.mhsc.com/>www.mhsc.com/ ___________________________________________ Who is John Galt? "Atlas Shrugged" - Ayn Rand
On 11/19/98, "Roeland M.J. Meyer" <rmeyer@mhsc.com> wrote:
Actually, it is somewhat easier for them. I have it on good authority that the mail admin at AOL gets regular detailed traces from SPAM-L and other private sources. Many of the SPAM complaints not only come with detailed headers, but traceroutes as well. NetCom also benefits from their users in this way. All that is required is to verify the analysis as being valid, check the logs, and move on from there.
Since the abuse folks have to verify that the analysis is valid, why even include the analysis? Personally, when dealing with complaints, I tend to ignore all "analysis" and other text except the forwarded message itself unless I'm at a loss as to figure out why it was sent to my abuse department. I've spoken to a number of other abuse leads who feel the same way. -- J.D. Falk <jdfalk@cp.net> "Nathan says hi." Special Agent In Charge (Abuse Issues) Critical Path, Inc.
participants (4)
-
J.D. Falk
-
Roeland M.J. Meyer
-
Sean Finn
-
Steven J. Sobol