[29921] in North American Network Operators' Group
RE: RBL-type BGP service for known rogue networks?
daemon@ATHENA.MIT.EDU (Hal Murray)
Sun Jul 9 21:40:45 2000
Message-Id: <200007100138.SAA01514@quatre.pa.dec.com>
To: nanog@merit.edu
Cc: murray@pa.dec.com
In-Reply-To: Message of Sat, 8 Jul 2000 21:24:28 -0700
from <rmeyer@mhsc.com>
<001601bfe95d$92e27c10$eaaf6cc7@PEREGRIN>
Date: Sun, 09 Jul 2000 18:38:42 -0700
From: Hal Murray <murray@pa.dec.com>
Errors-To: owner-nanog-outgoing@merit.edu
From: "Roeland M.J. Meyer" <rmeyer@mhsc.com>
> I agree. MHSC lost an entire market plan, hosting third-party secure
> mail, becasue third-party mail services must allow relaying that
> is at minimum semi-open. At the time SMTP AUTH didn't exist (Until
> it's use becomes more wide-spread it still isn't real useful). The
> anti-relay bunch are killing a valid business model.
This brings up an interesting point that I haven't seen discussed
much.
What should happen when various business models for using the internet
conflict? Who gets to decide? Or how do we collect and distribute
the information so individual sites can decide for themselves?
I think all the examples I know about involve network abuse, or at
least activities that will be considered as network abuse by many
sensible people. Maybe the common theme is cost-shifting. I'm including
support costs as well as up-front traffic/server costs.
The obvious example is an ISP who wants to take spammers as customers,
or host web servers for spammers. The next example is an ISP with
a good looking anti-spam section in their AUP but they take a long
time to enforce it. How long should it take to disconnect a flagrant
spammer? ...
How about ISPs that tolerate crackers or smurfers? What about ISPs
that are just slow or incompetent at backtracking abusive traffic
with forged headers or setting up filters to drop forged headers
from their customers?
AllAdvantage is another good example to consider. I have no interest
in what they offer and I generally like having new/different businesses
connected to the internet. But their system encourages spam, so
we all get to pay for AllAdvantage's business in increased spam-fighting
costs. I'm sure they could stop the spam (or rather almost all of
it), but that would increase their costs.
Another example that was recently mentioned was ISPs that are teaming
up with phone companies. The phone company does the billing and
gives the ISP a cut so the ISP doesn't have to keep customer records
and hence those ISPs will have troubles disconnecting crackers.
Again, the ISPs could do a reasonable job of making sure their customers
are good netizens, but it will raise their cost of doing business.
