At 8:45 PM -0800 2/1/99, Russ Allbery wrote:
} Paul J Schinder <[EMAIL PROTECTED]> writes:
}
} Heh. Heh heh. Um... "in theory" is the phrase that comes to mind.
:-)
}
} Sure. But the problem was being cast in terms of "IP address provided by
} ISP to end user." The point that I'm trying to make is that a better
} casting of the problem is in terms of "IP addresses provided without any
} clear means of accountability." ISPs are currently forced into providing
} trial-period accounts for competition reasons, and those clearly fall into
} that category.
}
} I think that "dialups" is the *wrong* statement of the problem. There
} exist plenty of dialup pools that are not a spam risk. For example,
} consider a large company that has a dialup pool available to contractors
} who for whatever reason need direct external connectivity (there *are*
} companies that do this; I have worked for one in the past). In order to
} have access to it, you have to be employed by the company. This is not a
} spam risk. Yet it's a dialup pool.
Yes, there is a dialup pool at Goddard that is unlikely to spew spam
anyone's way any time soon. Maybe "dialup" is the wrong word, but it is a
convenient shorthand for the "xxx-xxx-xxx-xxx.dialup.location.isp" kinds of
addresses that I get assigned every time I use my Earthlink account, or the
notorious dfw netcom addresses. Those are the type that I see abused from
here. (With a .gov address, even though I use it on Usenet, I get
relatively little spam.) If you have a better word than "dialups", please
use it.
}
} The right place to be looking here is "do the people managing this range
} of IP addresses have sufficient safeguards in place to make spamming not a
} problem" not "oh, it looks like a dialup, nuke it." To take another
} example, nearly all dialup pools *outside* the United States may have
} sufficient safeguards in place. I don't know. But the economics there
} are different than they are here.
In practice it seems that many American ISP's have little control over the
use of their dialup banks. Overseas abuse that I see from here seems to be
more limited to relay rape.
}
} To take a third example, if you're actually preventing any spam by
} blocking Stanford's dialup pool (yes, we run our own), I'd dearly like to
} know about it. Feel free to mail me off-list if you've seen anything like
} that, provide timestamps, and I'll take it up with our abuse folks and can
} provide a much more effective solution to those problems than blocking our
} dialups would ever provide.
Not that I know of. As I said at the beginning of this thread, I don't use
DUL, but I do block the dialup ranges I get spammed from. That usually
means a do a little whois/DNS digging and some grepping of recent mail logs
to see if anyone on this end is actually receiving legitimate mail from
anyone sending direct from dialups. The answer so far has always been no,
so I have no qualms blocking out dialup banks at the tcpserver level.
I recognize the hazard of countermeasures, though. I do use ORBS. I was
amused when JPL's main servers first got listed. I was even more amused
when Goddard's main servers got listed. In both cases, of course, I had to
let those machines through the block. I try to grep my logs daily to trap
such problems.
}
} > The whole point of people on the other side of this is that I should
} > make decisions on my end based on their desires. That's not the way the
} > game works.
}
} No, my point is that I like communicating with other people. This is the
} whole reason why I use the Internet. But there is a level beyond which I
} am unwilling to go to communicate with someone. I by and large will not
} waste my time undoing spam-blocked addresses, for example. So I tend to
} jump into conversations where it seems to me like people are heading down
} paths that may result in they and I no longer being able to communicate
} with each other.
I have the same feeling regarding spam-blocked addresses, and always leave
my addresses in the clear. But I also like to get through the day without
seeing stupid advertisements in my in-box. So I take the countermeasures I
deem reasonable to minimize that. Blocking dialup banks that I've been
spammed from is one of those measures.
}
} --
} Russ Allbery ([EMAIL PROTECTED]) <URL:http://www.eyrie.org/~eagle/>
---
Paul J. Schinder
NASA Goddard Space Flight Center
Code 693, Greenbelt, MD 20771
[EMAIL PROTECTED]
