Re: [anti-spam-wg] Any suggestions about how to deal with non co-operative ISP's and RIR's ?
From: peter h peter@localhost
Date: Tue, 3 Apr 2007 07:37:03 +0200
On Monday 02 April 2007 08.50, oca@localhost wrote:
> Any suggestions about how to deal with non co-operative ISP's and RIR's ?
> When I receive a spam mail, I normally send a spam repport to the "abuse
> mail account" of the ISP being responsible for the IP address using the
> whois databases of the RIR's.
> Normally this works very fine ... or rather ... I'm often able to deliver
> the repport somewhere without any problems.
> But in some cases the given account dosn't exist or is hidden behind a
> In these cases I have tried to contact the RIR of the ISP but with very
> different outcome ...
> Some RIR's consider this as a problem they can deal with and some dosn't !!!
> Last week I received a third spam mail from an ip address belonging to
> According to the whois of arin, and to the homepage of the ISP, I should
> repport abuse to abuse@localhost...
> This I have tried several times getting an "unable to deliver" repport every
> time ...
> Trying to raise this as an issue for ARIN gives this repply:
> > ARIN is an IP registry whose primary function is the registration and
> > distribution of IP number resources (IP addresses and Autonomous System
> > Numbers) in North America.
> > IP number resource registration information can be found in the
> > public ARIN WHOIS database found at:
> > http://www.arin.net/whois/
> > Please understand that ARIN does not operate any of the networks contained
> > in the WHOIS database nor is ARIN responsible for supplying and
> > maintaining the registration data in the WHOIS database. That
> > responsibility lies soley with the registrant of the data.
> How do we fight spam, and other kind of abuse, as long as some of the ISP's
> and the RIR's has this kind of attitudes ?
The solution is - block them. Either subscribe on a blocklist that fills the
need or block the offending ISP's yourself. IP ranges is easily
available by "whois"
The downside is that _if_ someone is within that ISP's net they are
not able to mail you, but a proper "bounce-message" ( "Use gmail or any other
serious mailprovider" ) or punch a hole in you block when needed.
The only real pressure that can be applied to unserious ISP is to
threat their income. Make their customers complain and eventually
There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )