Re: [anti-spam-wg] Any suggestions about how to deal with non co-operative ISP's and RIR's ?
To: oca@localhost, anti-spam-wg@localhost
From: "tp" ripe@localhost
Date: Tue, 3 Apr 2007 18:13:27 +0200
Reply-to: "tp" ripe@localhost
----- Original Message -----
Sent: Tuesday, April 03, 2007 10:06 AM
Subject: Re: [anti-spam-wg] Any suggestions about how to deal with non
co-operative ISP's and RIR's ?
> Blocking the ISP, in one or another way, is ofcourse a way to deal with spam
> from a given ISP ...
> But this is only a short-term ( selfish ) solution and dosn't solve the root
> for my frustrations - namely that the ISP and the RIR dosn't seem willing to
> Besides this - technically - blocking isn't possible for me ... I'm sitting
> behind a mail relay belonging to my ISP..
> Anyway - I appreciate that I'm not the only one feeling p... off by this
> I do believe that only if every responsible organisation on the net
> cooperate on hacking, spam and other abuse issues - we will be able to do
> anything about - otherwise ....
I agree with you to some extent.
- arguments about the precise definition of spam are specious
- ISPs generally do not care since it does not cost them, in fact spam makes
them money whereever they charge by volume (eg on dial-up lines charged by time)
- RIPE has an interesting mission which is largely set by ISP and LIR
So I suggest forgetting about reporting abuse to ISP or xIR unless and until our
national or supra-national governments enact and enforce legislation. You
could, on the other hand, report it to organisations who maintain Black/Block
Lists of addresses/domains that emit spam whose output is in turn used in a way
that could draw the attention of ISPs. Quite why these should be the good guys
in this I have yet to comprehend but that is what they seem to be.
> ----- Original Message -----
> From: "peter h" peter@localhost
> Sent: Tuesday, April 03, 2007 7:37 AM
> Subject: Re: [anti-spam-wg] Any suggestions about how to deal with non
> co-operative ISP's and RIR's ?
> On Monday 02 April 2007 08.50, oca@localhost wrote:
> > Any suggestions about how to deal with non co-operative ISP's and RIR's ?
> > When I receive a spam mail, I normally send a spam repport to the "abuse
> > mail account" of the ISP being responsible for the IP address using the
> > whois databases of the RIR's.
> > Normally this works very fine ... or rather ... I'm often able to deliver
> > the repport somewhere without any problems.
> > But in some cases the given account dosn't exist or is hidden behind a
> > spamfilter..
> > In these cases I have tried to contact the RIR of the ISP but with very
> > different outcome ...
> > Some RIR's consider this as a problem they can deal with and some dosn't
> > !!!
> > Last week I received a third spam mail from an ip address belonging to
> > charter.net...
> > According to the whois of arin, and to the homepage of the ISP, I should
> > repport abuse to abuse@localhost...
> > This I have tried several times getting an "unable to deliver" repport
> > every
> > time ...
> > Trying to raise this as an issue for ARIN gives this repply:
> > > ARIN is an IP registry whose primary function is the registration and
> > > distribution of IP number resources (IP addresses and Autonomous System
> > > Numbers) in North America.
> > >
> > > IP number resource registration information can be found in the
> > > public ARIN WHOIS database found at:
> > >
> > > http://www.arin.net/whois/
> > >
> > > Please understand that ARIN does not operate any of the networks
> > > contained
> > > in the WHOIS database nor is ARIN responsible for supplying and
> > > maintaining the registration data in the WHOIS database. That
> > > responsibility lies soley with the registrant of the data.
> > How do we fight spam, and other kind of abuse, as long as some of the
> > ISP's
> > and the RIR's has this kind of attitudes ?
> > Ole
> The solution is - block them. Either subscribe on a blocklist that fills the
> need or block the offending ISP's yourself. IP ranges is easily
> available by "whois"
> The downside is that _if_ someone is within that ISP's net they are
> not able to mail you, but a proper "bounce-message" ( "Use gmail or any
> serious mailprovider" ) or punch a hole in you block when needed.
> The only real pressure that can be applied to unserious ISP is to
> threat their income. Make their customers complain and eventually
> abandom them.
> Peter Håkanson
> There's never money to do it right, but always money to do it
> again ... and again ... and again ... and again.
> ( Det är billigare att göra rätt. Det är dyrt att laga fel. )