[120726] in North American Network Operators' Group
Re: Article on spammers and their infrastructure
daemon@ATHENA.MIT.EDU (Jorge Amodio)
Thu Dec 31 17:57:15 2009
In-Reply-To: <60B0F2124D07B942988329B5B7CA393D020BE8763B@mail2.FireEye.com>
Date: Thu, 31 Dec 2009 16:56:29 -0600
From: Jorge Amodio <jmamodio@gmail.com>
To: Alex Lanstein <ALanstein@fireeye.com>
Cc: "nanog@merit.edu" <nanog@merit.edu>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>>>>Cool. Then you just have to figure out how to unilaterally withdraw a
>>>>resource that doesn't have a centralized automated verification system.
>>>>Taking you out of whois doesn't automatically take you out of people's
>>>>BGP tables, after all.
>
> That's step two of the problem - enforcement. =A0Enforcement may seem "ha=
rd", but it's impossible without a policy. =A0If there is no policy clearly=
violated, enforcement cannot happen.
You are right, without a policy there is not what to enforce, but on
the other hand even with a policy you need somebody with police powers
to enforce the policy.
Then who do we want (if we do, which I don't believe we do) to play
the net-police role ?
ICANN ? the RIRs ? the ISPs ? ITU ? X invaders ? three letter agency
of your choice ? local law enforcement ?
I truly believe that if many service providers (access, domain,
hosting, etc) reduce just a notch the profit making greed and start to
close some doors for the bad guys we may be able to mitigate some
problems.
Time for new year resolutions ...
Cheers
Jorge
