> What about spammers who register as resellers for legit non-spamming > companies? > > If/when that happens/has happened, the company gets DDoS'd only > because they > have a reseller program.
I guess I'd have to counter with this: Does that company wish to actively participate or be mentioned in UCE? Do they wish to have their reputation tarnished by being seen as supporters of spammers? Are they willing to tighten up their reseller program, so that this is not an issue for them? Shouldn't they do that anyway? A company that does not specifically tell resellers not to send UCE relating to their reseller relationship -- backed up by legal action if the reseller does not comply -- is akin to a network provider that allows spammers to exist and send UCE... they are acting as "enablers" for spammers. Ignorance is not bliss on the Internet... it's pointed out and dealt with swiftly. Companies that do not take a stance against spammers/spamming in the verbiage of their reseller agreements deserve what they get, don't they? Shouldn't reseller agreements be binding contracts with legal consequences? IMO, I think they should, and there should be a clause in each one, demanding that the reseller refrain from sending SPAM on behalf of the resellee. > If this effort succeeds at all, it will only drive the spammers > into being > more variable in their approaches...making them harder to detect. > While it sounds good to try to take revenge on the spammers, I > believe these > are misdirected efforts. We need to be concentrating on finding ways to > stop them from sending at all rather than trying to attack in return. IMO, it seems likely that spammers are going to be "more variable in their approaches" regardless of whether a working, effective DDoS system is put into place. And, while revenge is certainly the initial instinct here, in this case I think there's more to it than that -- there's the potential to actually make spamming a non-lucrative venture. I haven't seen any other system yet that could make such a claim. Creating a new means of combating spammers - from a completely different angle -- does not have to mean the end or interruption of other research into "ways to stop them from sending at all". It's just another Tool Against The Beast like blacklists, spam filters, and SPF. Making spamming activities "unacceptable" (through laws and other toothless means) has not worked, and probably never will. Making it "difficult" is only marginally working, as spammers are ALWAYS seeking to become "more variable in their approaches"... and it's causing legitimate email traffic to suffer as collateral damage. Making spamming "pointless and ineffective" has real potential, and that's what this DDoS system appears to present. It remains to be seen if there will truly be any collateral damage from such a system, and how bad it could be. It also remains to be seen whether such a system could actually become effective against spammers by making it costly to do their dirty work. Without that information, in the form of real data, nobody can argue for sure whether such a system is truly "good or bad". And the way the Internet seems to work, the only way to know for sure it to do what Lycos has done -- put it out there, provide the infrastructure and willingness to take the risk, and give it a go. Some of us will applaud their effort and support the "experiment", others will not. ALWAYS AND AGAIN: I absolutely welcome opposing viewpoints. I'm certainly willing to admit that my position on this issue could change, and the debate still seems relevant to this list. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
