RIPE 31

Draft minutes from RIPE 31


RIPE31
Anti-Spam Working Group
DRAFT MINUTES
1. ADMIN STUFF
Chair: James Aldridge, EUnet
Scribe: Petra Zeidler, Xlink
2. GENERAL WG INPUT
2.1 Current problems,major incident reports, etc
"Reverse Spam" - Forged mail headers implicate innocent third party;
the innocent party gets all complaints, delivery reports, etc.
"Spam Relaying" - main problem in Germany as spam sending is
considered fraudulant.
Problems with unresponsive spam originating provider.
2.2 Means of dealing with spam
ISP Relaying
Customer Relaying
SMTP port blocking for incoming/outgoing
Blocking known spammers (blacklists)
2.3 Roaming Customers
- setting e.g. local mail smarthost transferred in PPP negotiation
- tunnelling back to home ISP
- authenticated SMTP
- limited amount relaying (when connecting to home server from remote
address)
2.4 Implications of blocking/restricting SMTP to force use of ISP's relay
Some people want to be able to send end-to-end
3. CODE OF CONDUCT FOR ISPs
===========================
- Ask customers not to spam
- responsive to spam reports
- coordination of open relay removal (taking advantage of
provider/customer relationship)
- have an abuse@ email address (reference RFCXXXXX standard email
addresses)
- educate people to see where to look
- get complaints fast to block ongoing abuse
- abuse.net to make abuse reporting easy
- blacklist known spam users:
= wouldn't work with online registation ISPs
= may be illegal
- IP address use limits (assignment of IP addresses to customers has
additional limitations above existing Regional Registry rules)
Discussion:

- US: "good" spam (has correct "From" field)
- Belgium: "database entry" spam (not really a legally
required act)
- gathering addresses from public databases (RIPE, InterNIC,
etc). All databases copyright; proof of abuse leads to
legal action.
- NSI CD-ROM seems to have been withdrawn
- White pages
- "tar pit" - abuse triggers delay in all SMTP actions
limiting rate at which spam can be transmitted.
- restrict number of recipients in a single SMTP
transaction/message
- Get "typical" spammer's profile so new ISPs can avoid taking
them on.
- get together a common set of terms and conditions -
different laws across Europe - how does this affect us?
- what existing laws relate to spam?
- what about non-EU countries?
- terminate contract if abuse
- bill for abuse cleanup
- have marketing people write "netiquette" document
- EU-wide, every ISP netiquette and maybe even have country
spec netiquette
- put pressure on software vendors to not deliver SMTP servers
which are open to third-party relaying in default
configuration.
- technical measures won't last for ever: legal standards are
necessary
- have an RFC say "thou shalt not relay 3rd party mail"
- "Good netkeeping" /"RIPE approved" sticker for software with
good defaults
4. CENAR
abuse.net exists
last resort will become first
duplication of efforts to be avoided
5. AOB
LINX is hosting a "spam conference" in London in October
Check maps.vix.com for relaying checker and hints to fix is open and a
lot of other useful information.