[48980] in North American Network Operators' Group
Re: SPEWS?
daemon@ATHENA.MIT.EDU (Sandy Harris)
Thu Jun 20 15:29:46 2002
Date: Thu, 20 Jun 2002 14:33:18 -0400
From: Sandy Harris <pashley@storm.ca>
To: nanog@nanog.org
Errors-To: owner-nanog-outgoing@merit.edu
Andy Johnson wrote:
> > Let me clarify, then.
> >
> > If the offending ISP does not respond, and you have exhausted all avenues
> > available to you to get the ISP to get its customer to stop spamming -
> > whether by TOS'ing the customer, education or whatever -
... and you've waited a reasonable time ...
Then the ISP is obviously either incompetent or deliberately aiding the
spammers. Why should you even consider anything less than blacklisting
every netblock the ISP has?
> > then escalation may work if the collateral damage caused by escalation
> > is enough to get the spammers' neighbors to complain to the ISP.
The objective isn't just to stop that spammer. If the ISP is clearly
acting irresponsibly and not dealing with a spam problem, getting them
to wake up is more important than the individual spammer.
> > And I don't think this is a potential solution only for spam; it is
> > appropriate (IMESHO) in other abusive situations too.
> >
>
> Doesn't anyone see the irony here? Fighting abuse with abuse is somewhat
> counter-productive. ...
Not if its the only way to wake up that ISP.
Of course, this sort of block must be a last desparate measure. At
a minimum, the spammer's been at it for weeks and you've mailed abuse@,
postmaster@ and the whois contacts without eliciting a response from
the ISP, before you even consider it.
Even then, you should likely try phoning the ISP and/or browsing
their website for other contact addresses before taking such a
drastic action.
But if drastic action seems the only way, don't stop at half
measures. Blackhole every netblock they have, and for all
packet types, not just email.
