You’re viewing an archived page. It is no longer being updated.
RIPE Anti-Spam Working Group Minutes from RIPE 31

Draft minutes from RIPE 31

Anti-Spam Working Group
Chair: James Aldridge, EUnet
Scribe: Petra Zeidler, Xlink
2.1 Current problems,major incident reports, etc
"Reverse Spam" - Forged mail headers implicate innocent third party;
the innocent party gets all complaints, delivery reports, etc.
"Spam Relaying" - main problem in Germany as spam sending is
considered fraudulant.
Problems with unresponsive spam originating provider.
2.2 Means of dealing with spam
ISP Relaying
Customer Relaying
SMTP port blocking for incoming/outgoing
Blocking known spammers (blacklists)
2.3 Roaming Customers
- setting e.g. local mail smarthost transferred in PPP negotiation
- tunnelling back to home ISP
- authenticated SMTP
- limited amount relaying (when connecting to home server from remote
2.4 Implications of blocking/restricting SMTP to force use of ISP's relay
Some people want to be able to send end-to-end
- Ask customers not to spam
- responsive to spam reports
- coordination of open relay removal (taking advantage of
provider/customer relationship)
- have an [email protected] email address (reference RFCXXXXX standard email
- educate people to see where to look
- get complaints fast to block ongoing abuse
- to make abuse reporting easy
- blacklist known spam users:
= wouldn't work with online registation ISPs
= may be illegal
- IP address use limits (assignment of IP addresses to customers has
additional limitations above existing Regional Registry rules)

- US: "good" spam (has correct "From" field)
- Belgium: "database entry" spam (not really a legally
required act)
- gathering addresses from public databases (RIPE, InterNIC,
etc). All databases copyright; proof of abuse leads to
legal action.
- NSI CD-ROM seems to have been withdrawn
- White pages
- "tar pit" - abuse triggers delay in all SMTP actions
limiting rate at which spam can be transmitted.
- restrict number of recipients in a single SMTP
- Get "typical" spammer's profile so new ISPs can avoid taking
them on.
- get together a common set of terms and conditions -
different laws across Europe - how does this affect us?
- what existing laws relate to spam?
- what about non-EU countries?
- terminate contract if abuse
- bill for abuse cleanup
- have marketing people write "netiquette" document
- EU-wide, every ISP netiquette and maybe even have country
spec netiquette
- put pressure on software vendors to not deliver SMTP servers
which are open to third-party relaying in default
- technical measures won't last for ever: legal standards are
- have an RFC say "thou shalt not relay 3rd party mail"
- "Good netkeeping" /"RIPE approved" sticker for software with
good defaults
4. CENAR exists
last resort will become first
duplication of efforts to be avoided
5. AOB
LINX is hosting a "spam conference" in London in October
Check for relaying checker and hints to fix is open and a
lot of other useful information.

RIPE Forum

The RIPE Forum is an additional way to participate in RIPE community mailing list discussions using a web-based interface rather than an email client.

Check out the forum