What's a "spam packet"? Very good question.

About once a month or so, I get a complaint from someone about a spam,
I look at the headers, and the message clearly did not originate from
and never passed through any of our mail servers. So I write back to
the complainant pointing this out, and the response is something like
"well, I did a traceroute to the source and it passed through one of
your routers". Ignoring for the moment the fact that routing on the
Internet is dynamic and sometimes asymmetric, and this by itself
doesn't prove that the spam packets actually did pass through our
router, I'm curious to know how people on this list view this
situation. Are we really expected to police every packet that goes
through our routers just because we happen to be an interconnection
point for several different networks, and therefore we route some IP
traffic that neither originates nor terminates with us? What do these
complainants really expect us to do? Do they think we should threaten
to block all IP traffic from a given source just because they
originated a spam? If so, is that a reasonable expectation even for the
most radical anti-spammers? Are there any active blacklists out there
that would put us on their list for this sort of thing?

To me, this is like expecting the phone company to prevent illegal use
of the phone system. I don't think this is a reasonable approach, and I
would hate the kind of Internet that would be created if people were expected
to do this kind of monitoring and traffic restriction at the IP level.

What do the rest of you think? Anybody else in a similar position?

--Greg