Who cares about ISPs? The ISP is the ONLY one that cares! The domain owner is the problem S/he doesn't care. At least the ISP realizes their IP block can get black listed, or THEIR ISP could shut them down, so THEY may care! Look at yahoo. A major business has had their E-mail blocked, and many Ecommerce sites no longer accept their email addresses!
Also, if they are told about something, and are negligent, they could be SUED! Heck, if this "hacker" drives my bandwidth usage to high, I may send a bill to UUNET! ALSO, the domain owner today, in spamming, is often CLOAKED! They have a site that doesn't respond to ICMP, and are on a foriegn ISP who ALSO doesn't respond. EVENTUALLY, they hit someone that ISN'T cloaked, though. Steve >-- Original Message -- >Date: Mon, 02 Dec 2002 05:57:49 -0800 >From: "Roger B.A. Klorese" <[EMAIL PROTECTED]> >To: Robert L Mathews <[EMAIL PROTECTED]> >CC: [EMAIL PROTECTED] >Subject: Re: protecting ourselves from scammers > > >Robert L Mathews wrote: > >>Even if it were always the case that "domain-owner->connectivity", >>wouldn't that just reinforce the point I made? If they're the same >>person, there's no need to complain to the domain owner; just send the >>report to the connectivity provider from ARIN, and it'll reach the right > >>person anyway. >> >Why look up netblocks when you can use a public resource for its >intended purpose? > >>And that you rarely get spam, for example, from people who have colocated > >>a server someplace and started selling Viagra, or gambling, or porn >>through their domain name? >> >Spam's not a reportable/actionable offense under our AUP. Only threats >and similar probably-criminal offenses are. > >>The contact information for >>network operators is by definition in ARIN WHOIS, not domain WHOIS, so I > >>I don't quite follow the argument that reporting abuse to network >>operations personnel requires domain WHOIS -- it seems to argue just the > >>opposite. >> >But that's domain WHOIS' purpose. Most people have never heard of ARIN >WHOIS, or ARIN for that matter, and there's no ned for them to. > >>For example, the domain owner's postal address would still be available > >>in the event of a lawsuit. And for simple form-letter copyright >>violations, the DMCA provides an official way for intellectual property > >>owners to communicate directly with the ISP, who notifies the domain >>owner, and the domain owner can then respond with their physical address > >>if they want to fight it. >> >Again, far too cumbersome -- why bring the ISP into it when they're not >a player? > >>(I've noticed that most people who defend the use of WHOIS for legal >>purposes just assume that the current WHOIS system is accurate. >> >No, only that it should be. > >>In the >>case of "bad guys", particularly egregious spammers, I've often found >>just the opposite to be the case, >> >Again, for us, spammers are irrelevant. > >>and even if it isn't intentional, a >>good fraction of domain WHOIS data is out-of-date. >> >Deal with that, don't dismiss it. > >>Again, we're >>presumably talking about evildoers here: asking them to enter their true > >>address isn't something we can rely on for legal purposes. >> >Then they should be audited, not tossed out. > >>And again, >>since the ISP is always going to be contactable, they're probably going > >>to be a better bet for legal communication than the domain owner anyway.) >> >Again, who cares about ISPs? > >
