Insecure mail relays are identifiable, send to their postmaster and
then report to MAPS if they dont fix it.
Mailservers at a fixed IP that are originating SPAM are also
identifiable.
The case I am talking about is when a spammer on a dynamic IP (possibly
from a national ISP's modem banks) connects directly to your server to
either send junk to your users, or to try and use YOU as a relay.
You arent going to get anywhere billing the national ISP, and they
arent going to tell you anythink about the spammer, so who are you
going to send your bill to?
On Mon, 25 Sep 2000, Jason Robertson wrote:
> It's often work, and sometimes they do.
>
> But In California, it is the upstream provider, and any Mail server in the loop
> responsible, so for all those insecure relays they are just as liable for this.
>
> On 25 Sep 2000, at 15:31, Dave C. wrote:
>
> >
> >
> > Yes, but who do you send the bill to? Especially in the case of a
> > spammer residing at a dynamically-assigned IP address? The upstream ISP
> > will investigate, and maybe turn off their account, and will send your
> > bill back with "ROTFL" stamped on on (Assuming they don't just throw it
> > out)
> >
> > On Mon, 25 Sep 2000, Jason Robertson wrote:
> >
> > >
> > > I have a simpler method of this, add to the SMTP Banner that unlawful use of
> > > the server will be prosecuted, and that uses for such things as spam will be
> > > billed.
> > >
> > > Second time hosts that spam our domain receive bills from me at $100/email
> > > (hrm thinking back I should change that to $100/second since I have it
> > > scripted and most spams take me about 5 minute to track down now) That
> > > includes parsing headers, checking for relays, whois on all hosts, checking
> > > for valid email addresses, and checking for websites. And then proceeding to
> > > write up the complaint. My only job after this is to verify the e- mail and
> > > to send it out.
> > >
> > > This has reduced some of our spam level because it does get costly for
> > > some spammers.
> > >
> > >
> > > On 25 Sep 2000, at 11:48, Paul Robinson wrote:
> > >
> > > > On Fri, 22 Sep 2000, Dave C. wrote:
> > > >
> > > > > I have put in reports to the appropriate ISP's, along with requests
> > > > > that they provide me with identification and contact information of the
> > > > > responsible idiot. I really want to call this schmuck and ask him if he
> > > > > can come up with any pittance of a reason I shouldn't sue him into the
> > > > > ground or file criminal trespass charges. I'm not very hopeful that they
> > > > > will do so, 'user privacy' and all.
> > > >
> > > > Well, in the UK at least there is this really handy law called the Data
> > > > Protection Act which means that would be just plain illegal. In fact, the
> > > > fact you want to phone him up is just plain stupid. If you plan to take it
> > > > further within the bounds of the law, you phoning him is not going to look
> > > > good in court. In fact, you'll probably do some time yourself for harrassing
> > > > the guy. I would strongly advise you to contact the police. In the UK, you
> > > > want the Computer Crime Unit at Scotland Yard.
> > > >
> > > > > While I can understand their position (I work for an ISP too), I'm
> > > > > curious why spammers deserve to have their identity protected? Couldn't
> > > >
> > > > Because everybody has the right to privacy. If I say I don't agree with you
> > > > posting to this mailing list, and I am the accounts manager for your
> > > > upstream provider, am I entitled to post your full name, home address, 24
> > > > hour contact number and credit card details to this list?
> > > >
> > > > > ISP's include language in their TOS/AUP which said that users agreed
> > > > > that if they were caught in the act of gross network abuse, that their ID
> > > > > and contact info would be shared with their victims? Wouldnt this help cut
> > > > > way down on spam?
> > > >
> > > > No. It would increase it dramatically in the short term, and would keep it
> > > > level in the medium to long term. This would be because the victims would
> > > > spam the spammer back, the spammer would throw a few thousand mails into the
> > > > ISP admin's accounts as a complaint, the ISP admin would send copious
> > > > amounts of mail to the spammer's new ISP to get him to shut up, and Usenet
> > > > would be flooded with people arguing as to wtf was going on. In short, to be
> > > > honest, it's a pretty terrible idea. Technical solutions are better than
> > > > political ones in this context, and your solution is 100% political with no
> > > > consideration towards the technical or even legal aspects of such a
> > > > solution.
> > > >
> > > > > I'm all in favor of the right to anonymity and privacy on the Internet -
> > > > > but I am not in favor of the right to anonymously abuse servers and
> > > > > networks.
> > > >
> > > > Once you say anonymity is OK in all areas but *one* people quickly increase
> > > > that to two areas, then four, then ten, and so on. I hate the cliche, but
> > > > it's the thin end of the wedge. People either have the right to anonymity,
> > > > or they don't. You can't have your cake and eat it.
> > > >
> > > > > (Eg, to take this case as an example, if you fail a HELO syntax check,
> > > > > say, 5 times, within a 5 minute period, I refuse connections from you for
> > > > > an hour)
> > > >
> > > > That would be rather difficult to do if you think about it, because you are
> > > > then having to create a sense of state over a period of time. In effect, you
> > > > would have to be aware of every host that said HELO in the previous five
> > > > minutes, and how many times. If you're a large ISP this performance hit is
> > > > going to be too big, and if you have more than a few thousand accounts
> > > > locally then you can expect that amount of traffic from sites like freeserve
> > > > in the UK, AOL, Demon, et al quite easily.
> > > >
> > > > --
> > > > Paul Robinson - Internet Services @ Akita - http://www.akita.co.uk
> > > > ------------------------------------------------------------------
> > > > Sales:- T: 01869 337088 F: 01869 337488 E: sales@???
> > > > Techs:- T: 0161 228 6388 F: 0161 228 6389 E: root@???
> > > > ------------------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
> > > ---
> > > Jason Robertson
> > > Network Analyst
> > > jason@???
> > > http://www.astroadvice.com
> > >
> > > --
> > > ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> > > ## details at http://www.exim.org/ ##
> > >
> >
> > --
> >
> >
> >
>
>
>
> ---
> Jason Robertson
> Network Analyst
> jason@???
> http://www.astroadvice.com
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
--