[12160] in North American Network Operators' Group
Re: BGP blackholing spam [was Spammer Bust]
daemon@ATHENA.MIT.EDU (Paul A Vixie)
Sat Sep 6 14:29:36 1997
To: nanog@merit.edu
In-reply-to: Your message of "Sat, 06 Sep 1997 11:55:11 EDT."
<Pine.BSD.3.91.970906114336.13417B-100000@apollo.carroll.com>
Date: Sat, 06 Sep 1997 11:14:09 -0700
From: Paul A Vixie <paul@vix.com>
> Is it possible to get the list of sites included in this feed. Paul Vixie
> used to publish these site on his web site, but the "Rogue" sites area has
> been taken down. Apparently a large number of list "memebers" threaten
> legal action. They alleged some used this list as a list of targets for
> retaliation.
http://spam.abuse.net/ is hosted on a vixie machine but not edited by any
vixie people. scott hazen mueller, a former employee here, is in charge
of that page. i have no editorial input at all other than as an individual
contributor. in other details, the above paragraph is factually correct.
> We were freuquent reviewers of the list. We used the information there to
> update our sendmail filters. We were very dissapointed to see it go.
>
> The only trouble I have with Paul's list was it occasionally needed fine
> tuning by hand. Some sites had to be permitted, even though they may have
> been guilty of UCE. On one occasion, they had an ISP on their list. This
> ISP was close enough to us in geographic region that it was reasonable to
> expect some of our users were emailing users on their system. We could not
> therefore black hole them.
thank you for that explaination. the black hole list is not for everybody,
though i believe that with the "fine tuning" you described, it can be of use
to anybody who wants to do more work and get less spam.
> It would seem to me that this would be more serious if this were an
> automatic feed, sent directly to our routers. There would be no way to
> review the sites on the list before they were blocked.
>
> Perhaps Paul would create a mailing list for network operators interested
> in receiving his blackhole list. As new updates to the group were made,
> they could be sent to the list. So as not to appear as though we are
> looking for something for nothing, we would be willing to donate resources
> to run the list.
because of my cease-and-desist problem, and my very real worries about
"conspiracy in restraint of trade", i will not make the list available
other than through a protocol like BGP/TCP which allows me to revoke an
entry from the list in real time and without anyone else's participation.
