[119091] in North American Network Operators' Group
Re: Congress may require ISPs to block fraud sites H.R.3817
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Fri Nov 6 10:59:48 2009
In-Reply-To: <725755F5E728EE4086DAAF1A54DACF4F1A2F40DF96@sea5exbe1.speakeasy.hq>
Date: Fri, 6 Nov 2009 10:58:35 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Jonathan Brashear <Jonathan.Brashear@hq.speakeasy.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
(top posting makes it hard to follow the conversation, but...)
On Fri, Nov 6, 2009 at 10:52 AM, Jonathan Brashear
<Jonathan.Brashear@hq.speakeasy.net> wrote:
> Correct me if I'm wrong, but isn't there an RFC(2142 if memory serves) th=
at states filtering certain email addresses(like abuse@, noc@, support@) is=
n't allowed? =A0I understand your point, but it seems sending it to /dev/nu=
ll only opens another set of problems for you down the road.
There are some 'nice to have' ideas that
postmaster/abuse/root/webmaster ought to go somewhere and be seen. If
the business decides that any tom/dick/harry/mary can 'inform' them of
something such as this you can bet your aliases file that abuse@ will
get turned down somewhere.
I don't support that activity, but I also don't support this
incarnation of the anti-X regulation either.
-Chris
>
> Network Engineer, JNCIS-M
>> 214-981-1954 (office)
>> 214-642-4075 (cell)
>> jbrashear@hq.speakeasy.net
> http://www.speakeasy.net
> -----Original Message-----
> From: Christopher Morrow [mailto:morrowc.lists@gmail.com]
> Sent: Friday, November 06, 2009 9:47 AM
> To: Valdis.Kletnieks@vt.edu
> Cc: nanog@nanog.org
> Subject: Re: Congress may require ISPs to block fraud sites H.R.3817
>
> On Thu, Nov 5, 2009 at 5:56 PM, =A0<Valdis.Kletnieks@vt.edu> wrote:
>> On Thu, 05 Nov 2009 16:40:09 CST, Bryan King said:
>>> Did I miss a thread on this? Has anyone looked at this yet?
>>
>>> `(2) INTERNET SERVICE PROVIDERS- Any Internet service provider that, on
>>> or through a system or network controlled or operated by the Internet
>>> service provider, transmits, routes, provides connections for, or store=
s
>>> any material containing any misrepresentation of the kind prohibited in
>>> paragraph (1) shall be liable for any damages caused thereby, including
>>> damages suffered by SIPC, if the Internet service provider--
>>
>> "routes" sounds the most dangerous part there. =A0Does this mean that if
>> we have a BGP peering session with somebody, we need to filter it?
>>
>> Fortunately, there's the conditions:
>>
>>> `(A) has actual knowledge that the material contains a misrepresentatio=
n
>>> of the kind prohibited in paragraph (1), or
>>
>>> `(B) in the absence of actual knowledge, is aware of facts or
>>> circumstances from which it is apparent that the material contains a
>>> misrepresentation of the kind prohibited in paragraph (1), and
>>
>>> upon obtaining such knowledge or awareness, fails to act expeditiously
>>> to remove, or disable access to, the material.
>>
>> So the big players that just provide bandwidth to the smaller players ar=
e
>> mostly off the hook - AS701 has no reason to be aware that some website =
in
>> Tortuga is in violation (which raises an intresting point - what if the
>> site *is* offshore?)
>
> mail to: abuse@uu.net
> Subject: Fraud through your network
>
> Hi! someone in tortuga on ip address 1.2.3.4 which I accessed through
> your network is fraudulently claiming to be the state-bank-of-elbonia.
> Just though you should know! Also, I think that HR3817 expects you'll
> now stop this from happening!
>
> -concerned-internet-user
>
> oops, now they have actual knowledge... I suppose this is a good
> reason though to:
>
> vi /etc/aliases ->
> abuse: /dev/null
>
> so, is this bill helping? or hurting? :(
>
>>
>> And the immediate usptreams will fail to obtain knowledge or awareness o=
f
>> their customer's actions, the same way they always have.
>>
>> Move along, nothing to see.. ;)
>
> to my mind this is the exact same set of problems that the PA state
> anti-CP law brought forth...
>
> -chris
>
>
>
