Over the last few months, I've been trying (without success) to find a provider for our second T1 to the net. Basically, all we want is a full-bandwidth T1 w/bgp4, to an upstream I am comortable with the quality of service of, and who can provide this to us (in montana) at a reasonable monthly rate. Finding a suitable provider hasn't been too hard, but the difficulty comes in when it's time to sign a contract. So far, we have accepted a proposal pending contract approval for TWO different potential upstreams. Both quoted a price of around 2500 per month including local loop. However, the contract terms include what I'm terming an anti-spam clause which generally states that if us or any of our clients or their clients decide to "prevent others from enjoying the internet" (paraphrasing) they can terminate us immediately and make us pay for the remainder of the year term. Each (or maybe better said one or more) of the contracts also included other terms which I felt were totally unreasonable. Such as not being able to mention the name of your upstream. Makes it kinda hard to tell potential clients who you are connected to. Another required us to upgrade our equipment based on whatever specifications they felt was necessary at that point. And there were more. Now, I understand the need to be able to terminate spam havens. I also understand the need to require your customers to use compatible and reliable equipment. Let me explain my problem -- Lets assume that customer "a" decides to purchase an account on our system to send out spam. We don't know he's planning to do this, but he does succeed in sending out 10,000 messages before we find out. Under both agreements, we can be immediately terminated without notice and be required to pay for the remaining time on the 12 month agreement. Regardless if we terminate the offending user as soon as we find out or not. Another example. Lets assume that someone in our upstream decided that we MUST have a $250,000 router to connect to their system. If we can't provide such a beast, we are immediately terminated and required to pay for the remaining year term. Both of the potential upstreams have been wholly unwilling to negotiate a contract in good faith to resolve these issues. I know that nanog is probably not the best forum for this, but I figured it might be a good place to start to look for a provider which can: a) Sell us a T1 line, with BGP4, with local loop to NPA NXX 406 443 for about $2500/month, on a year term or less. b) Not have such rediculous contract language. I'd also like to hear what types of contracts are actually signed by providers and if they are actually read before they are signed. You can reply to me directly, instead of on the list, if you'd like. -forrestc@imach.com
So far, we have accepted a proposal pending contract approval for TWO different potential upstreams. Both quoted a price of around 2500 per month including local loop. However, the contract terms include what I'm terming an anti-spam clause which generally states that if us or any of our clients or their clients decide to "prevent others from enjoying the internet" (paraphrasing) they can terminate us immediately and make us pay for the remainder of the year term.
Unless you're just new to the Internet, you know that spam is a very pervasive problem. I'm very glad to see at least some hint that some backbone providers are starting to clamp down.
Each (or maybe better said one or more) of the contracts also included other terms which I felt were totally unreasonable. Such as not being able to mention the name of your upstream. Makes it kinda hard to tell potential clients who you are connected to. Another required us to upgrade our equipment based on whatever specifications they felt was necessary at that point. And there were more.
You must convert to BGP5 if/when such an animal comes out, for example. As for not mentioning the name, I do find that kind of quirky, especially since it's easy to figure out (well at least for the net savvy among us).
Now, I understand the need to be able to terminate spam havens. I also understand the need to require your customers to use compatible and reliable equipment.
So do I. So is the strange clause about hiding the backbone name the one you are worried most about?
Let me explain my problem -- Lets assume that customer "a" decides to purchase an account on our system to send out spam. We don't know he's planning to do this, but he does succeed in sending out 10,000 messages before we find out. Under both agreements, we can be immediately terminated without notice and be required to pay for the remaining time on the 12 month agreement. Regardless if we terminate the offending user as soon as we find out or not.
You make contract clauses all your customers have to sign that requires them to pay all costs and overhead for any problems they cause.
Another example. Lets assume that someone in our upstream decided that we MUST have a $250,000 router to connect to their system. If we can't provide such a beast, we are immediately terminated and required to pay for the remaining year term.
On a T1? Not likely. I can't see them requiring any kind of upgrade that isn't required of all other like customers. More likely this clause is there to make sure that you don't run some buggy version of software and not do something about it.
Both of the potential upstreams have been wholly unwilling to negotiate a contract in good faith to resolve these issues.
If they perceive you as a "mom and pop" outfit, they are likely to do this. What is your relationship to The Montana Internet Cooperative?
I know that nanog is probably not the best forum for this, but I figured it might be a good place to start to look for a provider which can:
a) Sell us a T1 line, with BGP4, with local loop to NPA NXX 406 443 for about $2500/month, on a year term or less.
b) Not have such rediculous contract language.
Given the remoteness of Montana, local investment by the backbones does not generally give good returns. I can't give you a T1+loop at that price because hauling the line in is too expensive. There has to be a market there to make it worth while. If you had ALL of Helena signed up as a customer, could you afford the cost of hauling your own T1 all the way to Denver or Seattle or Minneapolis to connect up to a major backbone there? Would a T1 be enough for the town?
I'd also like to hear what types of contracts are actually signed by providers and if they are actually read before they are signed.
In my previous job, contract terms were negotiated. But it is a lucrative and competitive market here in Dallas Texas. It was a non-ISP business and a backbone eager to get lots signed up. What providers have come to Montana? Where are you willing to haul your own line to? You might need to expect to pay more. -- Phil Howard | no7spam3@no9place.com no87ads9@lame4ads.com end5ads0@s1p5a2m7.net phil | stop9it3@nowhere7.com stop3ads@spammer2.org ads1suck@no9where.org at | ads8suck@nowhere0.com no85ads9@s2p3a2m7.com stop5006@no0place.edu milepost | no6spam1@spam2mer.com ads6suck@no12ads9.net stop8it2@no0where.com dot | no9spam1@no3where.com w0x5y9z5@lame2ads.edu die0spam@spammer5.com com | stop1068@anyplace.edu a8b2c2d1@dumb1ads.edu end2it60@s8p0a9m2.net
On Sat, 29 Nov 1997, Phil Howard wrote:
month including local loop. However, the contract terms include what I'm terming an anti-spam clause which generally states that if us or any of our clients or their clients decide to "prevent others from enjoying the internet" (paraphrasing) they can terminate us immediately and make us pay
Unless you're just new to the Internet, you know that spam is a very pervasive problem. I'm very glad to see at least some hint that some backbone providers are starting to clamp down.
I don't think anyone disagrees that spam is a major problem and not an acceptable thing to have customers doing. What Forrest was complaining about was much too harsh an anti-spam policy. I doubt Forrest would have a problem with "If your network is repeatadly used to distribute spam and no effort is made to stop this, service may be terminated." What he was complaining about was that they were basically saying "If your network is ever used to distribute spam, we have the right to terminate service immediately and levy severe financial penalties." This would mean that if they ever have a customer spam, even if they nuke the account as soon as they know about the spam, they might lose that T1 and a lot of money. Whoever wrote those clauses was either way too naive, militant, or just entirely without clue.
You make contract clauses all your customers have to sign that requires them to pay all costs and overhead for any problems they cause.
Good luck collecting on that when some 12 year old sends out make money fast. Are you willing to bet your connection to the net on that?
You might need to expect to pay more.
Especially considering his remoteness. $2500/month for port and loop sounds pretty good to me. Many of the "bigger" backbone providers charge that just for the port fee. ------------------------------------------------------------------ Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will Network Administrator | be proof-read for $199/message. Florida Digital Turnpike | ______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
Jon Lewis writes...
I don't think anyone disagrees that spam is a major problem and not an acceptable thing to have customers doing. What Forrest was complaining about was much too harsh an anti-spam policy. I doubt Forrest would have a problem with "If your network is repeatadly used to distribute spam and no effort is made to stop this, service may be terminated." What he was complaining about was that they were basically saying "If your network is ever used to distribute spam, we have the right to terminate service immediately and levy severe financial penalties." This would mean that if they ever have a customer spam, even if they nuke the account as soon as they know about the spam, they might lose that T1 and a lot of money. Whoever wrote those clauses was either way too naive, militant, or just entirely without clue.
But it is very common for lawyers to write the terms that way for many contracts. It gives them leverage. They don't usually exercise it, but should there be some extremely severe case, they want to make sure they have the power to do so without having to balance it against the losses relative to their financial planning. I don't like it, but that's the way it works. If you are in a position to be able to bargain terms, most businesses generally do so. It sounds like Forrest's problem is that he is not in such a position.
You make contract clauses all your customers have to sign that requires them to pay all costs and overhead for any problems they cause.
Good luck collecting on that when some 12 year old sends out make money fast. Are you willing to bet your connection to the net on that?
I didn't agree with it. I just pointed it out as a fact of life. You'll find lots of lousy contracts in business when you look at them in terms of what _might_ happen. The pendulum certainly has swung the other way as providers have discovered that they are getting stung bad with regard to spam. Even AGIS has discovered they are sinking in the quicksand and are trying to get out. Maybe we should take an assessment on just what terms are in NEW connection contracts being let these days.
Especially considering his remoteness. $2500/month for port and loop sounds pretty good to me. Many of the "bigger" backbone providers charge that just for the port fee.
I'd let him have a T1 port into my two T1 ports for just $1000/mo if he would haul his own line here to Texas. But he'd be the fool to do that. Given that price, it might well be a near loss for the backbone. He needs to find the price level that will get his sales rep dialing up the legal department. -- Phil Howard | stop6it7@anywhere.org w2x4y3z9@s5p1a1m8.edu stop6886@dumb4ads.net phil | crash727@lame7ads.edu die2spam@no0where.edu no1spam1@dumbads2.com at | die1spam@spam2mer.org suck0it5@no08ads3.edu stop1ads@spam1mer.net milepost | stop5640@lame4ads.net end7it05@no5place.edu stop3it2@spammer0.net dot | w0x3y3z9@lame6ads.edu ads9suck@lame3ads.net w7x5y6z7@anywhere.net com | die8spam@no9place.net eat87me6@nowhere5.net stop1it9@dumb3ads.edu
Another example. Lets assume that someone in our upstream decided that we MUST have a $250,000 router to connect to their system. If we can't provide such a beast, we are immediately terminated and required to pay for the remaining year term.
On a T1? Not likely. I can't see them requiring any kind of upgrade that isn't required of all other like customers. More likely this clause is there to make sure that you don't run some buggy version of software and not do something about it.
Likelyhood of the potential upgrade doesn't matter. If the contract says that you have to upgrade whenever and to whatever the upstream says you do, then it's perfectly OK for the upstream to say "You have to use <xxxx> brand equipment", or something more ludicrous, like "You must upgrade your router to be able to speak XAGP, the Xterious Autonomous-system Gateway Protocol, which is proprietary to me [upstream], and will cost you $x,xxx,xxx.xx to run. Have a nice day!" I think the proper way to execute contracts like this is to extend some form of trust on both sides. It's hard to do, given the litigous society we're in nowadays, but that's really the right way to do it. That's how I do it with my customers. Now, I'm not going to bid for the T1 business (Massachusetts to Montana local loop is a lot more than $2500), but that's how I work. The official legalese is something pretty harsh, but the actual policy is "Don't do anything bad more than once."* I've had several customers decide that they wanted to tell every single newsgroup about their product, and I took the heat for it. I then went to my customer, explained that if they did it again I could reposess everything they owned, including their eternal soul, and charge them an arm and a leg doing it. They stopped. :) Point is, business is still best done on a handshake. Now, maybe in the 90s it's a handshake with a nasty contract to fall back on, but the handshake should suffice for most things. Contract language vs. actual behavior is a really tricky subject. It's also not really a NANOG thing, so I'll stop here.... eric *if you're a spammer looking for a home, don't even waste my time.... ObNanog: Anybody have a handle on what the policies are for various backbones (big four as well as others like Digex, AGIS, etc...) WRT customers acting as transit ASs? I work for a mid-sized MA-area provider, and we're starting to get customers who want to multihome and run their own AS. Who allows this (without a peering agreement!), who doesn't, and how much red tape trouble is it?
On Sun, Nov 30, 1997 at 01:13:06AM -0500, Eric Osborne wrote:
or something more ludicrous, like "You must upgrade your router to be able to speak XAGP, the Xterious Autonomous-system Gateway Protocol, which is
Wow... How do I configure my router for _that_? :-) Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Member of the Technical Staff Unsolicited Commercial Emailers Sued The Suncoast Freenet "Two words: Darth Doogie." -- Jason Colby, Tampa Bay, Florida on alt.fan.heinlein +1 813 790 7592
On Sat, 29 Nov 1997, Phil Howard wrote:
Now, I understand the need to be able to terminate spam havens. I also understand the need to require your customers to use compatible and reliable equipment.
So do I.
So is the strange clause about hiding the backbone name the one you are worried most about?
Actually, no. What I'm worried about is that under both contracts we've seen so far (From two different providers) if a single customer sends spam (or even flames another user, the way they're written) and our upstream finds out, then they have the right to terminate immediately without notice to us AND then require us to pay for the remaining service. Sprint's policy is much better which basically states: "Complaints about customers or end-users of a Sprint IP customer will be forwarded to the Sprint IP customer's hostmaster for action. If irresponsible or illegal activity continues, then the Sprint IP customer's Products and Services may be subject to termination or other action as Sprint deems appropriate without notice."
Another example. Lets assume that someone in our upstream decided that we MUST have a $250,000 router to connect to their system. If we can't provide such a beast, we are immediately terminated and required to pay for the remaining year term.
On a T1? Not likely. I can't see them requiring any kind of upgrade that isn't required of all other like customers. More likely this clause is there to make sure that you don't run some buggy version of software and not do something about it.
I have no problem with that. We'd just like to be able to get out of a contract under the (unlikely) circumstance that we are either unable or unwilling to comply with their requirements - Without paying up to $20,000.
Both of the potential upstreams have been wholly unwilling to negotiate a contract in good faith to resolve these issues.
If they perceive you as a "mom and pop" outfit, they are likely to do this. What is your relationship to The Montana Internet Cooperative?
This is for the Montana Internet Corporation. (Haven't changed the names on the internic records yet.) I'm on the board of directors and one of the system administrators.
Given the remoteness of Montana, local investment by the backbones does not generally give good returns. I can't give you a T1+loop at that price because hauling the line in is too expensive.
There has to be a market there to make it worth while.
If you had ALL of Helena signed up as a customer, could you afford the cost of hauling your own T1 all the way to Denver or Seattle or Minneapolis to connect up to a major backbone there? Would a T1 be enough for the town?
We could "afford" to drag a T1, although it would put a fairly deep strain on our resources. That isn't the issue. Basically, if we stick with MCI, AT&T, etc. (I.E telcos) we can easily get T1 service + loop for under $3k. I'm just leery of getting 30 days further down the road with ISP #3 just to find that they have the same terms in their contract which they won't let us see until we agree to a proposal which takes them 30 days to produce. -forrestc@imach.com
On Sat, 29 Nov 1997, Phil Howard wrote:
Now, I understand the need to be able to terminate spam havens. I also understand the need to require your customers to use compatible and reliable equipment.
So do I.
So is the strange clause about hiding the backbone name the one you are worried most about?
Actually, no. What I'm worried about is that under both contracts we've seen so far (From two different providers) if a single customer sends spam (or even flames another user, the way they're written) and our upstream finds out, then they have the right to terminate immediately without notice to us AND then require us to pay for the remaining service.
Sprint's policy is much better which basically states:
"Complaints about customers or end-users of a Sprint IP customer will be forwarded to the Sprint IP customer's hostmaster for action. If irresponsible or illegal activity continues, then the Sprint IP customer's Products and Services may be subject to termination or other action as Sprint deems appropriate without notice."
It does seems to be a better set of terms. But you need to remember that the whole SPAM thing has gotten so big that the providers are knee-jerking to get it solved. Every major and minor backbone provider has been hit with SPAM related problems in one way or another. They do what you to take pre-emptive measures, from like terms for your own customers, to hardening all your servers, routers, and whatever else, to limit SPAM as much as is possible. What you want are terms that defer any termination should you have an uncontrolled incedent. But they may want terms in return that require you to pay all their losses from it. And that can be extensive, too.
I have no problem with that. We'd just like to be able to get out of a contract under the (unlikely) circumstance that we are either unable or unwilling to comply with their requirements - Without paying up to $20,000.
Then you need to make yourself attractive. Unfortunately it is a sellers market, especially in remote locations that want discount prices.
This is for the Montana Internet Corporation. (Haven't changed the names on the internic records yet.) I'm on the board of directors and one of the system administrators.
That sure makes it sound small. So how big is it? Big enough to cover the whole state? Soon? How about hauling your own lines right up to MAE-WEST and CHI-NAP or something? Something comes to mind about beggars can't be... It's business out there. What does your own lawyer (legal department) say about it?
We could "afford" to drag a T1, although it would put a fairly deep strain on our resources. That isn't the issue. Basically, if we stick with MCI, AT&T, etc. (I.E telcos) we can easily get T1 service + loop for under $3k. I'm just leery of getting 30 days further down the road with ISP #3 just to find that they have the same terms in their contract which they won't let us see until we agree to a proposal which takes them 30 days to produce.
So you aren't attractive enough to them to get them to bring in the contract and proposal at the same time? Can't you tell the sales people that bring in the proposals to bring the contract with them, too? Or are they not even making the visit to Montana? It all sounds to me like lawyers who better understand how other lawyers think, might need to be in on this. And there aren't many on NANOG. In a market like Dallas, Texas, there is a lot more willingness to negotiate the deal. But then, they are typically getting the same $2500/mo with the loop that often only needs to run down the street a ways. Well, the big boys are getting that because they know they are good. The smaller ones are discounting and you get what you pay for, too. -- Phil Howard | a5b7c6d2@dumbads8.com stop5ads@s8p4a0m7.net crash277@no5where.net phil | end9it13@spammer7.org stop1504@no9where.net stop1ads@no4place.net at | stop5it5@dumb5ads.net no37ads1@spam4mer.com blow4me4@s0p2a0m0.net milepost | crash375@lame7ads.com eat66me6@anywhere.org suck4it4@no98ads5.org dot | suck1it8@nowhere2.org ads1suck@spammer9.edu end4it87@no40ads6.com com | eat2this@no95ads5.net end2ads5@noplace6.org end5it84@dumbads1.net
I wasn't going to post to this, but I can't resist. Forrest, do you have an AUP? If you have an AUP, have you submitted it to the laywers for the people you are looking at dealing with? It may be that with a well written anti-spam AUP and a specific response procedure, they may say that you have done enough to avoid the carrier exercising these terms. I understand the fear of contracts like this, but often they can be managed by finding proactive stances that the other side agrees will protect you from the contract clauses. As for the equipment issue, I feel little sympathy. I have had to go in and clean up swamp pits of archaic hardware and software. I am not saying that's what you are, but I am saying that the service providers are quite reasonable in setting minimum hardware standards for BGP customers. Remember that as a BGP speaker, you can cause them great trouble. They aren't doing this to stick it to you, they have learned to cover their a** from people who refuse to run current hardware/software. If you're still totally wrapped up in this, see if you can change the contract release terms in this case. And finally. Life's too short to obsess about these kinds of issue. If you run your ISP right, these won't be a problem. If you don't run your ISP right, these won't be your real problem. In the time you have been upset about this, you could have a well written AUP with procedures in place that would make any transit provider happy. If you understand the implications of BGP and do your part well, no one's ever going to bother you. jerry
The contract probably includes a clause that if a clause is found to be unenforceable, then that clause will be deleted, and the remaining clauses will continue in effect. However, do not let yourself be cornered into paying different rates for different traffic content. I would cross out those clauses. Otherwise, they will be able to charge you more for a "spam line" later. If its truly unacceptable, then walk away. I suspect legally, things will go the same way for spam as they did for telemarketing, bulk postal mail, commercial tv and radio. Money talks. Which is why investors built these commercial networks anyway. I suspect that much spam can't be stopped, without a constitutional amendment. MCI can't disconnect phone service from telemarketing companies, MailBoxes Etc can't refuse to deliver bulk mail, and I doubt a major company can disconnect major spammers who send legal messages. Indeed, someone might even suggest some actively target and solicit such companies for service for the tremendous revenue they produce. Eventually, someone will sue over spam, and the issue will be settled. Furthermore, I suspect the "concern" is mostly smoke too. Despite all the claims of spammer problems, I have not seen any significant change in the amount spam I receive over the last 6 months, and I seem to get a lot from the same sources. They don't get shut off, and then pop up somewhere else, as one would expect if anyone was actually doing anything about spam. Complaints about AGIS spewed on this group, but no else has done anything measurable, either. How many ISP's are really going to disconnect spammers? Has anyone actually disconnected a spam customer? How come cyberpromo and savoynet are still connected? They must connect to someone who connects to someone... who has an AUP that is being violated. Why isn't their provider disconnected? I think its pretty clear that it doesn't matter to the network service providers what the contents of your packets are. You will have paid for them no matter what they contain. The customer is paying for, and is therefore entitled to, some amount of bandwidth of whatever garbage they choose to send and receive. Likewise, it doesn't (shouldn't) matter to the phone company whether your leased T1 is carrying internet traffic or voice traffic to a PBX somewhere. It should be the same rate regardless of the content of the traffic. Schemes which change rates depending on the content are not in the interest of the customer. So when you are in the role of customer of your uplink, don't accept them. --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dean Anderson wrote:
I suspect that much spam can't be stopped, without a constitutional amendment.
Wow! What a heavy-handed way to fix a problem which has a purely technological solution. Cryptography can be used to produce non-transferrable keys allowing some party to send message to a particular recipient. Messages can include "right to respond" keys. The problem with authenticated messaging is how to send a message to a person who was not in any kind of contact with you before. Fortunately, this is not much of a problem, with adequate key distribution scheme, because there's always some kind of community both parties belong to before they exchange messages (obviously, since the sending party got to obtain address from somewhere). Such community message board can provide its members with keys allowing them to communicate to each other directly. Now, communities will have to perform some kind of authentication of its members to exclude abuse. Which means that USENET cannot be covered by this scheme; but isn't it already nearly dead? I was always saying that Internet is quite a step forward in promoting a right to speak. Unfortunately as-is it is very bad at promoting the right not to listen. --vadim
At 4:32 PM -0500 12/1/97, Vadim Antonov wrote:
Cryptography can be used to produce non-transferrable keys allowing some party to send message to a particular recipient. Messages can include "right to respond" keys.
The problem with authenticated messaging is how to send a message
Wow! What a heavy-handed technological alternative to the delete key.
I was always saying that Internet is quite a step forward in promoting a right to speak. Unfortunately as-is it is very bad at promoting the right not to listen.
I disagree. The right not to listen is appropriately exercised by the delete key. What has been discussed are means to suppress speech by others. The right to respond? And some people don't have such a right? Sounds like some communist countries that don't exist anymore. Didn't that cause riots, wars, insurrection, mass killing, and other bad things? Usenet perfected the solution to this problem many years ago: kill files, and personal filters. Of course, that is my point: we have already been through these problems years ago, and found acceptable technical solutions for them. But people insist on getting their underwear in a bunch regarding spam, and inventing new solutions to old problems. This may be too political for continued discussion on nanog. If people want to continue, will the next respondent add the relevant parties to the cc list and remove nanog? Also, I'm very interested in hard numbers on: T1, or T3 spam disconnects made (not just complaints made) Revenue forfeited due to these disconnects Information on how many spam factories there were, and what they are doing now. Did they quit, go somewhere else? They must have netly employees who were known and can be located again. Have any *custoemrs* disconnected from you due to spam? This thread started over the provision in a contract to disconnect the customer. Has this been used in reverse to get out of a contract with a provider? Also, is anyone even considering breaking peering agreements with uplink spam sources. (AGIS comes to mind, sorry AGIS). Please email me privately. Thanks --Dean ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Plain Aviation, Inc dean@av8.com LAN/WAN/UNIX/NT/TCPIP http://www.av8.com ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Wow! What a heavy-handed way to fix a problem which has a purely technological solution.
I can set up a closed e-mail system now. We all agree that's technically straightforward. The problem is that it is of great value to me that any of the 100 million legitimate users on the net can easily send me e-mail and I can respond to them equally easily, and a "solution" that cuts them out to get rid of the spammers is cutting off your nose, both ears, and about nine fingers, to spite your face.
Now, communities will have to perform some kind of authentication of its members to exclude abuse. Which means that USENET cannot be covered by this scheme; but isn't it already nearly dead?
Neither can the existing SMTP mail network, unless you want to overlay a crypto system on that. But you could do that with usenet as well if you wanted to. Besides, as soon as the communities got large enough to be interesting, you'd find spam leaking in via providers who value short term profit over long term interests, same as now. Spam is a social problem, not a technical one, which is why technical solutions will never be more than a stopgap. There's lots of other places to discuss spam, anyone who doesn't already know what they are is welcome to e-mail me for a list, or visit http://spam.abuse.net. Regards, John Levine, postmaster@abuse.net, http://www.abuse.net, Trumansburg NY abuse.net postmaster
John R. Levine wrote:
The problem is that it is of great value to me that any of the 100 million legitimate users on the net can easily send me e-mail and I can respond to them equally easily, and a "solution" that cuts them out to get rid of the spammers is cutting off your nose, both ears, and about nine fingers, to spite your face.
That's one big mistake. Before anybody will easily send you e-mail he has to get your address from somewhere and determine somehow that the person is interested in hearing from you. That process can just as well include obtaining personal or community authorization.
Neither can the existing SMTP mail network, unless you want to overlay a crypto system on that.
That's what i'm calling for, instead of asking politicans and lawyers to come and save us from ourselves.
But you could do that with usenet as well if you wanted to.
Yes, but it is dying for other reasons, too. For one, it doesn't scale. There's no particular reason to perpetuate that silliness.
Besides, as soon as the communities got large enough to be interesting, you'd find spam leaking in via providers who value short term profit over long term interests, same as now.
My point is: provides should deliver bytes, not play police. The communities should have tools for self-policing. If you want to participate in an "open" community where everyone can join, you're welcome; most of us would want to participate in a bit more closed communities.
Spam is a social problem, not a technical one, which is why technical solutions will never be more than a stopgap.
Goodbye, clue. The lack of freedom of press for those who don't own the press also was a social problem. As well as lack of clean water. Are you're going to tell that political methods solved those problems? To solve them the societies needed the technology first. Spam has no political solution, as long as there's no technology to enforce it. The good news is, with the appropriate technology there's no need for legistlation or anti-spam activism.
There's lots of other places to discuss spam, anyone who doesn't already know what they are is welcome to e-mail me for a list, or visit http://spam.abuse.net.
Thank you for playing a search engine. I'm subscribed to NANOG and talk about things which are discussed here. If I wanted to participate in pointless discussions, I would join the socially-bent antispam lists. As of now, I consider spam an operational problem which calls for technological solution. As such it is quite relevant in NANOG. Regards, --vadim
That's one big mistake. Before anybody will easily send you e-mail he has to get your address from somewhere and determine somehow that the person is interested in hearing from you. That process can just as well include obtaining personal or community authorization.
My address is printed in about two million copies of books that I've written because I want my readers, most of whom are not technically sophisticated, to write to me. That's an extreme case, but lots of people put their e-mail addresses on their business cards and in their newspaper ads because they view e-mail as a way to contact people, not as a way to throw up walls. Much though we wish it were otherwise, spammers can read as well as anyone else and can use those addresses the same as legitimate users. If you put up technical blocks against spammers, you also put up blocks against lots and lots of legitimate e-mail users.
The lack of freedom of press for those who don't own the press also was a social problem. As well as lack of clean water.
Are you're going to tell that political methods solved those problems? To solve them the societies needed the technology first.
They needed both. (I can tell you a fair amount about clean water, being a municipal water commissioner*.) But that doesn't have much to do with spam other than that there are economic externalities in spamming that technical approaches are unlikely to change anytime soon. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner Finger for PGP key, f'print = 3A 5B D0 3F D9 A0 6A A4 2D AC 1E 9E A6 36 A3 47 * - Yes, my signature says Sewer Commissioner. It's a small town, I do both.
On Mon, 1 Dec 1997, John R Levine wrote:
The lack of freedom of press for those who don't own the press also was a social problem. As well as lack of clean water.
Are you're going to tell that political methods solved those problems? To solve them the societies needed the technology first.
But it was laws that curbed junk-faxing, not technology. Nobody modified their fax machines to stop people from UCF - fear of prosecution did the trick. If laws are written right you could at least (1) hold any U.S. business responsible for spam promoting their business (2) protect backbone providers from suit for blackholing spamhaus and (3) provide for prosecution of providers such as AGIS, ACIS, Bell Atlantic etc. who refuse to act against these electronic-resource thiefs. If a provider is given notice to shutdown a spammer within x number of days or be penalized for not complying it could quickly become very difficult to keep a link. For the rest without web sites/email start levying heavy taxes and fines against them and sick the IRS on them to collect. In fact if there was a $10 advertisement tax fee for each spam it would probably be the end of a lot of it. Or we could come up with a combination of law and technology somewhere in the middle with the same results and less government. But the providers who knowingly continue to allow spam to spew from their networks need to be held accountable. (The "habitual spamhaus", not the providers who act upon reports of UCE.) How difficult would it be technically to have a filter at your gateway that would shut down or throttle this kind of emailing without killing performance? Could it be done in a future flavor of BGP? Statistically by AS perhaps? - James Wilson
On Mon, 1 Dec 1997, Vadim Antonov wrote:
John R. Levine wrote:
The problem is that it is of great value to me that any of the 100 million legitimate users on the net can easily send me e-mail and I can respond to them equally easily, and a "solution" that cuts them out to get rid of the spammers is cutting off your nose, both ears, and about nine fingers, to spite your face.
That's one big mistake. Before anybody will easily send you e-mail he has to get your address from somewhere and determine somehow that the person is interested in hearing from you. That process can just as well include obtaining personal or community authorization.
Erm, say you put your address on a webpage. Now, whats the difference between someone clicking it and sending you some 'signed' email (the key being on the page or embedded in the mailto: tag or some crap), and an email-address-grabbing-webcrawler grabbing your email address AND the signing information too? Whoops, that idea goes out the window. No matter how you put it on the page, I'm sure someone will write a program that is intelligent enough to extract the info. Adrian
On Mon, Dec 01, 1997 at 02:04:48PM -0500, Dean Anderson wrote:
Furthermore, I suspect the "concern" is mostly smoke too. Despite all the claims of spammer problems, I have not seen any significant change in the amount spam I receive over the last 6 months, and I seem to get a lot from the same sources. They don't get shut off, and then pop up somewhere else,
How many ISP's are really going to disconnect spammers?
We have, and a lot of other ISP's of varying size have.
actually disconnected a spam customer? How come cyberpromo and savoynet are still connected? They must connect to someone who connects to someone...
CP is down. Savoynet is supposed to be down, though that's under debate. -- Steve Sobol, Tech Support, New Age Consulting Service, Inc. 216 619-2000 sjsobol @ nacs.net http://www.nacs.net/support (Under Construction) Need to get in touch? Use AOL Instant Messenger! My screen name: SJSobol
participants (13)
-
Adrian Chadd
-
Dean Anderson
-
Eric Osborne
-
Forrest W. Christian
-
Jay R. Ashworth
-
Jerry Scharf
-
John R Levine
-
johnl@iecc.com
-
Jon Lewis
-
Phil Howard
-
Root
-
Steve Sobol
-
Vadim Antonov