Hmmm...possibly...I just wonder how "reasonable" anyone that puts this in place will be. Vigilante tactics tend to be emotionally driven, and emotion and reason...well... you get the idea.
I remember the early days of SpamCop. Lots of false positives, and a lot of headaches trying to get those removed. They're very good now, but it was a painful experience early on. I wonder if the time and effort will be taken to put proper controls in place...and still disagree with what I perceive as a misuse of bandwidth to perform an attack with this vigilante tactic. But I think I may just go buy more telecommunications stocks anyway...<grin> Darin. ----- Original Message ----- From: "Marc Funaro" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, November 30, 2004 10:50 AM Subject: RE: [IMail Forum] Lycos screensaver tackles spam websites > Resellers of a product at some unsuspecting company who has no > idea that the > person/company that just signed up intends to use spam to push > the product. > Admittedly this will make the spammer easy to track and > prosecute...and any > legit company should/would shut them off as soon as they realize what is > happening...but for a third party to attack a legit company > because of what > one reseller does for a short time is objectionable. I guess I'd argue that one reseller would probably not be enough to immediately place a "legit company" in a DDoS database right away. And promptness of action might actually be a good thing, forcing companies to really consider their reseller program contracts and make changes rather than slip under the radar for too long. > > This collateral damage concept comes up every once in a while. > I think most > people would take a different view of this if they were the ones > put out of > business as a result of the "collateral damage". It's all fine and good > until it happens to you... Honestly - in all true honesty to myself and to you - I'm willing to be in the at-risk category. If I started getting DDoS'd today, it would be an inconvenience to be sure. But if the DDoS service is being run properly, with proper controls (a big IF, I know... again, it remains to be seen how Lycos will handle this new service), if I'm a legit company I should be able to contact Lycos and be removed from their database. Better yet, I should be able to be proactive and "register" my website so that if I am about to be added to their database, I can be notified in time to take action. I don't see such a feature at Lycos, which might be a good suggestion to put to them, but could be a means of defeating the service. All of this, of course, is based on some pretty strong assumptions -- that Lycos is going to handle this service well, that their database will be accurate, that they will respond in a timely fashion and with proper attention to removal requests, and that they might implement a register-and-be-notified-pending-addition-to-the-database feature (which might defeat their purpose... notifying a spammer before they are added so they can change the target site or something, of course). IMO, if Lycos sticks with the top 10 or even 20 real offenders -- true spam, and true websites that support it -- "collateral damage" should not be any worse than the percentage that some of you are losing as a result of spam filters. To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
