<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: Opt-out ? we do know the "bounce" command...

  • From: Anders Andersson < >
  • Date: Tue, 24 Jul 2001 19:49:03 +0200 (MET DST)

Gunnar Lindberg lindberg@localhost wrote:
>Every spammer and every open Mail Relay has some relation to an ISP,
>it may not be formal and on paper but it still exist. Have every ISP
>make a clear statement/contract with its custommers saying spamming
>and open Mail Relays is/are prohibited (probably with wording like
>"custommer will only use opt-in for advertising"). Have every ISP
>act accordingly. Then we can start refusning mail from those whose
>ISPs doesn't agree and act. If "we" are more then "they" "we" might
>win; if not - sigh again, and we're still on square one.

Selectively refusing mail from noncooperative ISPs will require a
shared database similar to MAPS and ORBS, with the main difference
being another set of listing criteria.  Someone will have to run
that database server in a manner that allows us to rely on it for
speedy SMTP client identification.  I agree that it must be better
protected from outside attacks than ORBS was, but fee-based access
(MAPS-style) is hardly the way to go for an experimental service.

Blacklisting an ISP for failing to sign a contract is not a lot less
controversial than blacklisting it for providing spam support, and
I don't think we can prevent the baby from being thrown out with the
bathwater simply by dressing it up in a black suit and tie.  Maybe
operating the service from a carefully chosen jurisdiction will help
somewhat, but above all we do need to consult a competent lawyer.

As for choice of jurisdiction, how about a country where information
held by the government must be provided without delay upon request
by a member of the public, unless a specific secrecy rule applies to
that particular piece of information (hint, hint)? :-)

Just remember to maintain database granularity so that users can
pick and mix listing criteria according to their preferences.  One
size won't fit them all.

>I know this will be bashed and I already hear "impossible" comments.
>Fine with me; square one is waiting. But since everything else seems
>to fail, maybe this has to be at least considered.

I'm all for it; I'm fed up with blocking one IP address after another
with no end of the spam in sight.  We need to make the ISPs do the
hard work for us by keeping their own networks in line; we can't
possibly do that for them.

After having detected a number of open relays on Telstra's networks
(Australia), I figured it would be easier for me to ask them to run
a systematic test of their own hosts than to submit each relay to
the MAPS RSS and bother a lot more people about it.  The answer from
Geoff Huston, 139.130.0.0/16 coordinator, to my inquiry:

	Telstra uses 139.130 as a provider IP address block,
	and many clients of the service use this prefix for
	their own services. If you believe that there are problems
	with the configuration of any of these customers' mailk
	servers it would be quite okay if you contacted them
	directly and informed them of the problem you are seeing.

It would be quite okay for me to do Telstra's job for them?  Sure.
I ended up sending the relays to MAPS RSS instead; that was quite
okay with me as the RSS didn't insist on having an argument each
time.  Imagine a beekeeper _allowing_ his neighbour to go chasing
individual bees when they bother him...  How much is 64K bees?

For a MAPS RBL nomination, I have to do all the hard work of
trying to talk to the ISP _before_ I can submit him to MAPS, and
risk duplicating or interfering with the work of others in the
process.  This is not how the task of negotiating a contract with
every major ISP should be distributed.  Someone will have to keep
track of who takes on which part of the IP address space on behalf
of everybody else.  And, the same ISP shouldn't be negotiated with
twice just because they own more than one address range.  Seems
like a pretty big coordination task, but better an impossible task
that can be accomplished within finite time than one that can not.

--
Anders Andersson, Dept. of Computer Systems, Uppsala University
Paper Mail: Box 325, S-751 05 UPPSALA, Sweden
Phone: +46 18 4713170   EMail: andersa@localhost





  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>