[CLUE-Talk] Spam question

[Charlie Oriez]

On Sunday 14 April 2002 19:53, Dave Hahn gave up the right to remain 
silent by saying:

> 2) You can require that the sending server's hostname and domain
> name reverse resolve correctly.

some are starting to block on this though.  Excite.com is one 
example.  If the sending ISP lacks the technical confidence to ensure 
that rdns works (a requirement of one of the rfc's), should we trust 
him connecting to our systems


> The level of spam fighting an ISP chooses to do can be restricted
> by quite a few things.  Other things that can backfire:
> 1) Blocking e-mail from a server that has sent spam. -- It's very
> easy to end up blocking @aol.com.  Personally, I don't mind it, but
> the customers have a tendency to complain.

block on IPA.  Spamcop does it quite effectively.  

> 2) Blocking e-mail from servers listed in one of the open-relay /
> Spam server lists.  Same as above.  That's why these guys get
> sued/threatened quite a bit.  

They get threatened quite a bit.  They get sued infrequently.  They 
lose the suits even less frequently.  ISPs in Colorado who use 
technical means to block spam are indemnified against suit.

An entire ISP and it's customers can
> be punished.  Now, don't get me wrong, I think people with open

yep. as they should be.  Customers of pro spam ISPs are choosing 
sides in a war.  They choose the wrong side.  If they want to be 
unblocked, they can switch ISPs.  I dont care if a spammer can't 
reach me because his ISP has shut him down for spamming, or his ISP 
has shut him down by going bankrupt.


> relays should be forced to watch hours of the Teletubbies as
> punishment, but, it's the customers that get punished when they
> can't send e-mail.

they get punished when they choose to aid and abet pro spam ISPs with 
their revenue

> 3) Block e-mail from a 'known' spamming address.  "From" addresses
> can be falsified.  If an ISP automagically blocks e-mail from an
> address from which spam is reported, updates at cnn.com could be
> blocked in that fashion. 

All of the dnsbl's use originating IPA in the received lines, not the 
from address.  That is less likely to be forged, and more accurate to 
block.  Even in my local procmail list I block more often on IPA than 
domain name.



>
> As to the answer to the spam problem, I'm not sure.  The current
> law, in Colorado anyway, really doesn't make it worth your time to
> pursue these guys.  (You can get $10 from them in small claims
> court.  Assuming you can prove who they *actually* are.)  There are
> some stories of people winning quite a bit of money in court from
> repeat spammers.  

It's $10 per spam.  I'm contemplating such a suit right now against 
jobseekernews.com  I calculate that they owe me multiple hundreds of 
dollars for spam dating back just one month.  It is worth less to 
make the effort here than it is say in Washington state.  The nice 
thing is that you can restrain them as well.

Doesnt work with the chickenboners, but the mainsleaze can be 
stopped.  I got Dish Networks to stop where just complaining did no 
good.

-- 
Charles Oriez    39  34' 34.4"N / 105 00' 06.3"W
**
The object-oriented model makes it easy to build up programs by
accretion.  What this often means, in practise, is that it
provides a structured way to write spaghetti code.  --Paul Graham