cogent spamming directly from ARIN records?
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE. I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI. -mel beckman
Mel, I will reply to you off list. Thanks. On 10/2/23, 11:28 AM, "NANOG on behalf of Mel Beckman" <nanog-bounces+jsweeting=arin.net@nanog.org <mailto:arin.net@nanog.org> on behalf of mel@beckman.org <mailto:mel@beckman.org>> wrote: This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE. I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI. -mel beckman
John, Thank you for your guidance! -mel
On Oct 2, 2023, at 8:33 AM, John Sweeting <jsweeting@arin.net> wrote:
Mel, I will reply to you off list. Thanks.
On 10/2/23, 11:28 AM, "NANOG on behalf of Mel Beckman" <nanog-bounces+jsweeting=arin.net@nanog.org <mailto:arin.net@nanog.org> on behalf of mel@beckman.org <mailto:mel@beckman.org>> wrote:
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
<blush> dang auto correct! I should’ve caught that bad change. what I meant to say, was: LAWKIWBO. -mel
On Oct 2, 2023, at 9:15 AM, Mel Beckman <mel@beckman.org> wrote:
John,
Thank you for your guidance!
-mel
On Oct 2, 2023, at 8:33 AM, John Sweeting <jsweeting@arin.net> wrote:
Mel, I will reply to you off list. Thanks.
On 10/2/23, 11:28 AM, "NANOG on behalf of Mel Beckman" <nanog-bounces+jsweeting=arin.net@nanog.org <mailto:arin.net@nanog.org> on behalf of mel@beckman.org <mailto:mel@beckman.org>> wrote:
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
compliance@arin.net Refer back to an email John Curran sent to this list on Jan 6 2020 , "Suspension of Cogent access to ARIN Whois" On Mon, Oct 2, 2023 at 11:29 AM Mel Beckman <mel@beckman.org> wrote:
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
Tom, Thanks for that pointer! apparently cogent has a history of abuse. -mel On Oct 2, 2023, at 8:34 AM, Tom Beecher <beecher@beecher.cc> wrote: compliance@arin.net<mailto:compliance@arin.net> Refer back to an email John Curran sent to this list on Jan 6 2020 , "Suspension of Cogent access to ARIN Whois" On Mon, Oct 2, 2023 at 11:29 AM Mel Beckman <mel@beckman.org<mailto:mel@beckman.org>> wrote: This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE. I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI. -mel beckman
On 10/2/23 09:16, Mel Beckman wrote:
Tom,
Thanks for that pointer! apparently cogent has a history of abuse.
Apparently? In other news, apparently bears have been using our National Forests as their personal toilets for decades. -- Jay Hennigan - jay@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV
Jay, Apparently my sarcasm was too subtle :) -mel
On Oct 2, 2023, at 10:01 AM, Jay Hennigan <jay@west.net> wrote:
On 10/2/23 09:16, Mel Beckman wrote:
Tom, Thanks for that pointer! apparently cogent has a history of abuse.
Apparently?
In other news, apparently bears have been using our National Forests as their personal toilets for decades.
-- Jay Hennigan - jay@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV
Hurricane has been doing the same thing lately... but their schtick is to say that "we are seeing a significant amount of hops in your AS path and wanted to know if you are open to resolve this issue". compliance@arin.net is about all that can be done, other than public shaming! Other outfits have been spamming using the nanog attendees list, but I guess that’s not as bad as the continued scraping of ARIN records, so I won't call them out... yet, at least. 😊 -----Original Message----- From: NANOG <nanog-bounces+tim=mid.net@nanog.org> On Behalf Of Mel Beckman Sent: Monday, October 2, 2023 10:28 AM To: nanog list <nanog@nanog.org> Subject: cogent spamming directly from ARIN records? This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE. I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI. -mel beckman
On 10/2/23 20:58, Tim Burke wrote:
Hurricane has been doing the same thing lately... but their schtick is to say that "we are seeing a significant amount of hops in your AS path and wanted to know if you are open to resolve this issue".
I get what HE are trying to do here, as I am sure all of us do. The potential fallout is a declining relationship with their existing customers that bring other downstream ISP's behind them. Contacting those downstream ISP's to "resolve this issue" puts them at odds with their existing customers who bring those customers in already. There is a chance they dilute their income because, well, smaller ISP's will not be keen to pay the higher transit fees their upstreams pay to HE. Which means that HE are more willing to be closer to eyeballs than they are maximizing margins. Is the loss of customer trust worth the transit-free glory? Mark.
On Mon, Oct 2, 2023, 12:14 Mark Tinka <mark@tinka.africa> wrote:
On 10/2/23 20:58, Tim Burke wrote:
Hurricane has been doing the same thing lately... but their schtick is to say that "we are seeing a significant amount of hops in your AS path and wanted to know if you are open to resolve this issue".
I get what HE are trying to do here, as I am sure all of us do.
The potential fallout is a declining relationship with their existing customers that bring other downstream ISP's behind them. Contacting those downstream ISP's to "resolve this issue" puts them at odds with their existing customers who bring those customers in already.
There is a chance they dilute their income because, well, smaller ISP's will not be keen to pay the higher transit fees their upstreams pay to HE. Which means that HE are more willing to be closer to eyeballs than they are maximizing margins.
Huh? In all my decades of time in the network industry, I have never seen a case where a smaller transit contract had lower per mbit cost than a larger volume contract. I would expect that HE would make *more* money off 10 smaller customer transit contracts than one big tier 3 wholesaler transit contract. It seems like a win-win for HE: more customer revenue *and* shorter hop-count paths they can advertise to the rest of the world. Is the loss of customer trust worth the transit-free glory?
When it's offset by more revenue? Sure seems like it. ;)
Mark.
Matt
On 10/2/23 22:59, Matthew Petach wrote:
Huh?
In all my decades of time in the network industry, I have never seen a case where a smaller transit contract had lower per mbit cost than a larger volume contract.
I would expect that HE would make *more* money off 10 smaller customer transit contracts than one big tier 3 wholesaler transit contract.
That's my point. Smaller ISP's will get better per-Mbps rates from their direct upstreams than they would from HE/Cogent. The rates they'd get from HE/Cogent would be to HE's/Cogen's favour, and not to the ISP's favour. So if the goal is transit-free glory vanity, HE/Cogent would have to take a bit of a haircut which they "could" make up in contract length. Just another way to skin the cat. Mark.
Has anyone replied? If this is a peering request, not sure that is a bad use of the AS contact info. If it is a sales pitch, then yeah, that’s a problem. -- TTFN, patrick
On Oct 2, 2023, at 14:58, Tim Burke <tim@mid.net> wrote:
Hurricane has been doing the same thing lately... but their schtick is to say that "we are seeing a significant amount of hops in your AS path and wanted to know if you are open to resolve this issue".
compliance@arin.net is about all that can be done, other than public shaming!
Other outfits have been spamming using the nanog attendees list, but I guess that’s not as bad as the continued scraping of ARIN records, so I won't call them out... yet, at least. 😊
-----Original Message----- From: NANOG <nanog-bounces+tim=mid.net@nanog.org> On Behalf Of Mel Beckman Sent: Monday, October 2, 2023 10:28 AM To: nanog list <nanog@nanog.org> Subject: cogent spamming directly from ARIN records?
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
Patrick, It’s a sales pitch, and ARIN acknowledges it violates their terms and has taken action. -mel
On Oct 2, 2023, at 2:47 PM, Patrick W. Gilmore <patrick@ianai.net> wrote:
Has anyone replied?
If this is a peering request, not sure that is a bad use of the AS contact info.
If it is a sales pitch, then yeah, that’s a problem.
-- TTFN, patrick
On Oct 2, 2023, at 14:58, Tim Burke <tim@mid.net> wrote:
Hurricane has been doing the same thing lately... but their schtick is to say that "we are seeing a significant amount of hops in your AS path and wanted to know if you are open to resolve this issue".
compliance@arin.net is about all that can be done, other than public shaming!
Other outfits have been spamming using the nanog attendees list, but I guess that’s not as bad as the continued scraping of ARIN records, so I won't call them out... yet, at least. 😊
-----Original Message----- From: NANOG <nanog-bounces+tim=mid.net@nanog.org> On Behalf Of Mel Beckman Sent: Monday, October 2, 2023 10:28 AM To: nanog list <nanog@nanog.org> Subject: cogent spamming directly from ARIN records?
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
In this case, it came from a person with the title of “Global Account Manager”. Unless sales people are handling peering requests all of a sudden, it’s definitely a sales pitch.
On Oct 2, 2023, at 16:47, Patrick W. Gilmore <patrick@ianai.net> wrote:
Has anyone replied?
If this is a peering request, not sure that is a bad use of the AS contact info.
If it is a sales pitch, then yeah, that’s a problem.
-- TTFN, patrick
On Oct 2, 2023, at 14:58, Tim Burke <tim@mid.net> wrote:
Hurricane has been doing the same thing lately... but their schtick is to say that "we are seeing a significant amount of hops in your AS path and wanted to know if you are open to resolve this issue".
compliance@arin.net is about all that can be done, other than public shaming!
Other outfits have been spamming using the nanog attendees list, but I guess that’s not as bad as the continued scraping of ARIN records, so I won't call them out... yet, at least. 😊
-----Original Message----- From: NANOG <nanog-bounces+tim=mid.net@nanog.org> On Behalf Of Mel Beckman Sent: Monday, October 2, 2023 10:28 AM To: nanog list <nanog@nanog.org> Subject: cogent spamming directly from ARIN records?
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
Congrats! LIOAWKI is a hapax legomenon in DuckDuckGo's search results! Could you please tell me & the list what it means? Le 2 octobre 2023 15:28:03 UTC, Mel Beckman <mel@beckman.org> a écrit :
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
So is LAWKIWBO, which is the correct acronym mentioned downthread. Le 3 octobre 2023 00:29:08 UTC, Collider <large.hadron.collider@gmx.com> a écrit :
Congrats! LIOAWKI is a hapax legomenon in DuckDuckGo's search results! Could you please tell me & the list what it means?
Le 2 octobre 2023 15:28:03 UTC, Mel Beckman <mel@beckman.org> a écrit :
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
My best guess is “Life As We Know It Will Be Over”, but that’s just a guess. Owen
On Oct 2, 2023, at 17:32, Collider <large.hadron.collider@gmx.com> wrote:
So is LAWKIWBO, which is the correct acronym mentioned downthread.
Le 3 octobre 2023 00:29:08 UTC, Collider <large.hadron.collider@gmx.com> a écrit :
Congrats! LIOAWKI is a hapax legomenon in DuckDuckGo's search results! Could you please tell me & the list what it means?
Le 2 octobre 2023 15:28:03 UTC, Mel Beckman <mel@beckman.org> a écrit :
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On Mon, Oct 2, 2023 at 7:27 PM Collider <large.hadron.collider@gmx.com> wrote:
Congrats! LIOAWKI is a hapax legomenon in DuckDuckGo's search results! Could you please tell me & the list what it means?
Large Internet Outages Are What Kills Income! It's a phrase that is uttered by members of the finance organization every time they see Network Engineers planning a "routine maintenance on the core backbone routers". Matt
On 10/2/23 11:28 AM, Mel Beckman wrote:
I believe they got the contact information from ARIN
I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from. (and yes I've got the same spam) -- Bryan Fields 727-409-1194 - Voice http://bryanfields.net
this sort of thing (provider X scrapes Y and mails Z for sales leads) every ~18 months. the same outrage and conversation happens every time. the same protection mechanisms are noted every time. Is there a reason that: "killfileand move on" is not the answer everytime for this? (why do we need to keep rediscussing it) On Tue, Oct 3, 2023 at 11:54 AM Bryan Fields <Bryan@bryanfields.net> wrote:
On 10/2/23 11:28 AM, Mel Beckman wrote:
I believe they got the contact information from ARIN
I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from.
(and yes I've got the same spam) -- Bryan Fields
727-409-1194 - Voice http://bryanfields.net
* morrowc.lists@gmail.com (Christopher Morrow) [Tue 03 Oct 2023, 18:29 CEST]:
this sort of thing (provider X scrapes Y and mails Z for sales leads) every ~18 months. the same outrage and conversation happens every time. the same protection mechanisms are noted every time.
Is there a reason that: "killfileand move on" is not the answer everytime for this? (why do we need to keep rediscussing it)
It's a vicious circle: provider scrapes operational addresses and spams them, providers stop putting useful addresses in public databases to avoid spam, everybody who needs to find operational contacts in a variety of situations loses in the end. We keep discussing it because we care about keeping the internet running. It's similar to why we keep looking for new security holes in existing software: we don't stop because inevitably we'll find more so it's a lost cause, we keep looking because inevitably we'll find more so the product becomes more secure. -- Niels.
On Tue, Oct 3, 2023 at 12:54 PM <niels=nanog@bakker.net> wrote:
* morrowc.lists@gmail.com (Christopher Morrow) [Tue 03 Oct 2023, 18:29 CEST]:
this sort of thing (provider X scrapes Y and mails Z for sales leads) every ~18 months. the same outrage and conversation happens every time. the same protection mechanisms are noted every time.
Is there a reason that: "killfileand move on" is not the answer everytime for this? (why do we need to keep rediscussing it)
It's a vicious circle: provider scrapes operational addresses and spams them, providers stop putting useful addresses in public databases to avoid spam, everybody who needs to find operational contacts in a variety of situations loses in the end.
i agree this is a sad outcome of the internet ecosystem.
We keep discussing it because we care about keeping the internet running. It's similar to why we keep looking for new security holes in existing software: we don't stop because inevitably we'll find more so it's a lost cause, we keep looking because inevitably we'll find more so the product becomes more secure.
those are a bit of a false equivalence... but... ok. I think: "Oh look, more spam, delete" is basically how this sort of problem (email from randos trying to sell me ED pills or 10Gs) should be treated. I don't know that it's helpful to keep re-litigating that end state :( I'm sure telling dave shaeffer: "Hey, your sales droids are being rude" is going to end as well as sending him ED pill emails.
On 10/3/2023 3:48 PM, Christopher Morrow wrote:
those are a bit of a false equivalence... but... ok. I think: "Oh look, more spam, delete" is basically how this sort of problem (email from randos trying to sell me ED pills or 10Gs) should be treated. I don't know that it's helpful to keep re-litigating that end state :(
I'm sure telling dave shaeffer: "Hey, your sales droids are being rude" is going to end as well as sending him ED pill emails.
On the other hand, it's actually nice knowing Cogent are up to their same old tricks, so that when they try to end-around me to get a sale done, I have plenty of ammunition at my disposal to shoot them down. Much like your ED pill E-Mail analogy above (and I think you might have been able to pick a less explicit example, but hey, edgy humor amirite?) it should be pretty trivial for you to nuke this thread so it doesn't keep appearing at the top of your inbox.
* morrowc.lists@gmail.com (Christopher Morrow) [Tue 03 Oct 2023, 21:50 CEST]:
I'm sure telling dave shaeffer: "Hey, your sales droids are being rude" is going to end as well as sending him ED pill emails.
Such outreach to technical contacts is counterproductive anyway. Which is more likely, that noc@ leads to a person with purchasing power, or that it leads to one who happens to be rabidly anti-spam who may then help get you thrown off the PeeringDB island for a few seasons? -- Niels.
This is not the outcome of internet ecosystem, this is outcome of commercialization, where money is what is all cared, not good product, ethical behavior, etc. This is also because good guys do NOT fight back strong enough. Cogent start to give you hard time? Start to filter they whole prefixes? Maybe depeer them? I know this sound extreme, but.. everything else seems to fail.. ---------- Original message ---------- From: Christopher Morrow <morrowc.lists@gmail.com> To: nanog@nanog.org Subject: Re: ARIN email address (was cogent spamming directly from ARIN records?) Date: Tue, 3 Oct 2023 15:48:11 -0400 i agree this is a sad outcome of the internet ecosystem.
We keep discussing it because we care about keeping the internet running. It's similar to why we keep looking for new security holes in existing software: we don't stop because inevitably we'll find more so it's a lost cause, we keep looking because inevitably we'll find more so the product becomes more secure.
those are a bit of a false equivalence... but... ok. I think: "Oh look, more spam, delete" is basically how this sort of problem (email from randos trying to sell me ED pills or 10Gs) should be treated. I don't know that it's helpful to keep re-litigating that end state :( I'm sure telling dave shaeffer: "Hey, your sales droids are being rude" is going to end as well as sending him ED pill emails.
Problem with that theory is the ratio of collateral damage to pain inflicted. Filter or deeper cogent and they don’t feel anything themselves. Their customers _might_ miss being able to reach your customers (or you), but then it is Cogent’s customers that feel the pain the most and Cogent to a much lesser degree and only as a second order effect. You will definitely miss connecting to some of Cogent’s customers, so you have also directly inflicted pain upon your self (and likely your customers). Personally, I would support any of my providers teaching Cogent a lesson this way, but most customers aren’t so understanding or even aware of the situation and they don’t care even if it is explained to them. They expect their packets to get delivered. That’s why they pay you. It would be nice if there were a way to get Cogent fined or to sue Cogent for these acts and raise their costs directly without harming their customers, but so far nobody has figured out a way to do it. (Perhaps the layer 9 types in the list can put their brains to work on this problem). Owen
On Oct 4, 2023, at 04:30, borg@uu3.net wrote:
This is not the outcome of internet ecosystem, this is outcome of commercialization, where money is what is all cared, not good product, ethical behavior, etc.
This is also because good guys do NOT fight back strong enough. Cogent start to give you hard time? Start to filter they whole prefixes? Maybe depeer them?
I know this sound extreme, but.. everything else seems to fail..
---------- Original message ----------
From: Christopher Morrow <morrowc.lists@gmail.com> To: nanog@nanog.org Subject: Re: ARIN email address (was cogent spamming directly from ARIN records?) Date: Tue, 3 Oct 2023 15:48:11 -0400
i agree this is a sad outcome of the internet ecosystem.
We keep discussing it because we care about keeping the internet running. It's similar to why we keep looking for new security holes in existing software: we don't stop because inevitably we'll find more so it's a lost cause, we keep looking because inevitably we'll find more so the product becomes more secure.
those are a bit of a false equivalence... but... ok. I think: "Oh look, more spam, delete" is basically how this sort of problem (email from randos trying to sell me ED pills or 10Gs) should be treated. I don't know that it's helpful to keep re-litigating that end state :(
I'm sure telling dave shaeffer: "Hey, your sales droids are being rude" is going to end as well as sending him ED pill emails.
But I seem to have finally gotten Cogent trained not to spam this one, so I think I’ll leave it as is. YMMV Owen
On Oct 3, 2023, at 08:52, Bryan Fields <Bryan@bryanfields.net> wrote:
On 10/2/23 11:28 AM, Mel Beckman wrote:
I believe they got the contact information from ARIN
I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from.
(and yes I've got the same spam) -- Bryan Fields
727-409-1194 - Voice http://bryanfields.net
Give it time :) -Mike
On Oct 3, 2023, at 18:06, Owen DeLong via NANOG <nanog@nanog.org> wrote:
But I seem to have finally gotten Cogent trained not to spam this one, so I think I’ll leave it as is.
YMMV
Owen
On Oct 3, 2023, at 08:52, Bryan Fields <Bryan@bryanfields.net> wrote:
On 10/2/23 11:28 AM, Mel Beckman wrote: I believe they got the contact information from ARIN
I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from.
(and yes I've got the same spam) -- Bryan Fields
727-409-1194 - Voice http://bryanfields.net
I was one of the main people behind their suspension from ARIN whois for 6 months. They have not spammed me since. They’re probably afraid of another cake. Owen
On Oct 3, 2023, at 18:18, Mike Lyon <mike.lyon@gmail.com> wrote:
Give it time :)
-Mike
On Oct 3, 2023, at 18:06, Owen DeLong via NANOG <nanog@nanog.org> wrote:
But I seem to have finally gotten Cogent trained not to spam this one, so I think I’ll leave it as is.
YMMV
Owen
On Oct 3, 2023, at 08:52, Bryan Fields <Bryan@bryanfields.net> wrote:
On 10/2/23 11:28 AM, Mel Beckman wrote: I believe they got the contact information from ARIN
I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from.
(and yes I've got the same spam) -- Bryan Fields
727-409-1194 - Voice http://bryanfields.net
Heh. (: Le 4 octobre 2023 01:23:13 UTC, Owen DeLong via NANOG <nanog@nanog.org> a écrit :
I was one of the main people behind their suspension from ARIN whois for 6 months.
They have not spammed me since.
They’re probably afraid of another cake.
Owen
On Oct 3, 2023, at 18:18, Mike Lyon <mike.lyon@gmail.com> wrote:
Give it time :)
-Mike
On Oct 3, 2023, at 18:06, Owen DeLong via NANOG <nanog@nanog.org> wrote:
But I seem to have finally gotten Cogent trained not to spam this one, so I think I’ll leave it as is.
YMMV
Owen
On Oct 3, 2023, at 08:52, Bryan Fields <Bryan@bryanfields.net> wrote:
On 10/2/23 11:28 AM, Mel Beckman wrote: I believe they got the contact information from ARIN
I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from.
(and yes I've got the same spam) -- Bryan Fields
727-409-1194 - Voice http://bryanfields.net
-- Sent from my Android device with K-9 Mail. Please excuse my brevity.
On Oct 3, 2023, at 11:52 AM, Bryan Fields <Bryan@bryanfields.net> wrote:
On 10/2/23 11:28 AM, Mel Beckman wrote:
I believe they got the contact information from ARIN
I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from.
(and yes I've got the same spam)
Bryan - You are absolutely correct - it is wise to use a unique email address if at all possible, and please report misuse to compliance@arin.net <mailto:compliance@arin.net>. It does make a difference, as abuse reports result in discussions with organizations regarding appropriate reeducation regimes for violating staff – and further implications if the pattern of abuse appears systemic as opposed to incidental. (It is not a perfect system, as it often needs periodically refreshment in some orgs due to inevitable turnover and miscreant creativity, but it does tamp down the worst of the abuse that would occur otherwise…) Thanks! /John John Curran President and CEO American Registry for Internet Numbers
On Oct 3, 2023, at 11:52 AM, Bryan Fields <Bryan@bryanfields.net> wrote: On 10/2/23 11:28 AM, Mel Beckman wrote: I believe they got the contact information from ARIN I'd suggest everyone use an alias unique to ARIN for your POC and/or public email. Makes it super simple to verify where it was sourced from. (and yes I've got the same spam) Bryan - You are absolutely correct - it is wise to use a unique email address if at all possible, and please report misuse to compliance@arin.net<mailto:compliance@arin.net>. It does make a difference, as abuse reports result in discussions with organizations regarding appropriate reeducation regimes for violating staff – and further implications if the pattern of abuse appears systemic as opposed to incidental. (It is not a perfect system, as it often needs periodically refreshment in some orgs due to inevitable turnover and miscreant creativity, but it does tamp down the worst of the abuse that would occur otherwise…) Thanks! /John John Curran President and CEO American Registry for Internet Numbers
Based on my personal experience of getting onto the contact list of an extremely persistent Cogent sales person, mostly, I am morbidly curious what their CRM system looks like for cold and stale leads, and how often these sets of non-responsive leads get passed on to new junior salespeople. And exactly how many of those sales people there are and what policies/management structure they work under. It took a fair amount of effort and many strongly worded responses on my part to eventually get my personal cellular phone number removed from their CRM system (or at least marked as a do-not-contact). On Mon, Oct 2, 2023 at 6:52 PM Mel Beckman <mel@beckman.org> wrote:
This morning I received an email from someone at Cogent asking about an ASN I administer. They didn’t give any details, but I assumed it might be related to some kind of network transport issue. I replied cordially, asking them what they needed. The person then replied with a blatant spam, advertising Cogent IP services, in violation of the U.S. CAN-SPAM Act’s prohibition against deceptive UCE.
I believe they got the contact information from ARIN, because the ARIN technical POC is the only place where my name and the ASN are connected. I believe this is a violation of Cogent’s contract with ARIN. Does anybody know how I can effectively report this to ARIN? If we can’t even police infrastructure providers for spamming, LIOAWKI.
-mel beckman
participants (20)
-
borg@uu3.net
-
Bryan Fields
-
Christopher Morrow
-
Collider
-
Daniel Corbe
-
Delong.com
-
Eric Kuhnke
-
Jay Hennigan
-
John Curran
-
John Curran
-
John Sweeting
-
Mark Tinka
-
Matthew Petach
-
Mel Beckman
-
Mike Lyon
-
niels=nanog@bakker.net
-
Owen DeLong
-
Patrick W. Gilmore
-
Tim Burke
-
Tom Beecher