Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-04 Thread Owen DeLong via NANOG 
Problem with that theory is the ratio of collateral damage to pain inflicted. 

Filter or deeper cogent and they don’t feel anything themselves. Their 
customers _might_ miss being able to reach your customers (or you), but then it 
is Cogent’s customers that feel the pain the most and Cogent to a much lesser 
degree and only as a second order effect. 

You will definitely miss connecting to some of Cogent’s customers, so you have 
also directly inflicted pain upon your self (and likely your customers). 

Personally, I would support any of my providers teaching Cogent a lesson this 
way, but most customers aren’t so understanding or even aware of the situation 
and they don’t care even if it is explained to them. They expect their packets 
to get delivered. That’s why they pay you.

It would be nice if there were a way to get Cogent fined or to sue Cogent for 
these acts and raise their costs directly without harming their customers, but 
so far nobody has figured out a way to do it. (Perhaps the layer 9 types in the 
list can put their brains to work on this problem). 

Owen


> On Oct 4, 2023, at 04:30, b...@uu3.net wrote:
> 
> This is not the outcome of internet ecosystem, this is outcome
> of commercialization, where money is what is all cared, not good
> product, ethical behavior, etc.
> 
> This is also because good guys do NOT fight back strong enough.
> Cogent start to give you hard time? Start to filter they whole
> prefixes? Maybe depeer them?
> 
> I know this sound extreme, but.. everything else seems to fail..
> 
> 
> -- Original message --
> 
> From: Christopher Morrow 
> To: nanog@nanog.org
> Subject: Re: ARIN email address (was cogent spamming directly from ARIN
>records?)
> Date: Tue, 3 Oct 2023 15:48:11 -0400
> 
> i agree this is a sad outcome of the internet ecosystem.
> 
>> We keep discussing it because we care about keeping the internet
>> running. It's similar to why we keep looking for new security holes in
>> existing software: we don't stop because inevitably we'll find more so
>> it's a lost cause, we keep looking because inevitably we'll find more
>> so the product becomes more secure.
> 
> those are a bit of a false equivalence... but... ok.
> I think: "Oh look, more spam, delete"
> is basically how this sort of problem (email from randos trying to
> sell me ED pills or 10Gs) should be treated.
> I don't know that it's helpful to keep re-litigating that end state :(
> 
> I'm sure telling dave shaeffer: "Hey, your sales droids are being
> rude" is going to end as well as sending him ED pill emails.

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-04 Thread borg 
This is not the outcome of internet ecosystem, this is outcome
of commercialization, where money is what is all cared, not good
product, ethical behavior, etc.

This is also because good guys do NOT fight back strong enough.
Cogent start to give you hard time? Start to filter they whole
prefixes? Maybe depeer them?

I know this sound extreme, but.. everything else seems to fail..


-- Original message --

From: Christopher Morrow 
To: nanog@nanog.org
Subject: Re: ARIN email address (was cogent spamming directly from ARIN
records?)
Date: Tue, 3 Oct 2023 15:48:11 -0400

i agree this is a sad outcome of the internet ecosystem.

> We keep discussing it because we care about keeping the internet
> running. It's similar to why we keep looking for new security holes in
> existing software: we don't stop because inevitably we'll find more so
> it's a lost cause, we keep looking because inevitably we'll find more
> so the product becomes more secure.

those are a bit of a false equivalence... but... ok.
I think: "Oh look, more spam, delete"
is basically how this sort of problem (email from randos trying to
sell me ED pills or 10Gs) should be treated.
I don't know that it's helpful to keep re-litigating that end state :(

I'm sure telling dave shaeffer: "Hey, your sales droids are being
rude" is going to end as well as sending him ED pill emails.

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Collider 
Heh. (:

Le 4 octobre 2023 01:23:13 UTC, Owen DeLong via NANOG  a écrit 
:
>I was one of the main people behind their suspension from ARIN whois for 6 
>months.
>
>They have not spammed me since.
>
>They’re probably afraid of another cake.
>
>Owen
>
>
>> On Oct 3, 2023, at 18:18, Mike Lyon  wrote:
>> 
>> Give it time :)
>> 
>> -Mike
>> 
>>> On Oct 3, 2023, at 18:06, Owen DeLong via NANOG  wrote:
>>> 
>>> But I seem to have finally gotten Cogent trained not to spam this one, so 
>>> I think I’ll leave it as is.
>>> 
>>> YMMV
>>> 
>>> Owen
>>> 
>>> 
 On Oct 3, 2023, at 08:52, Bryan Fields  wrote:
 
> On 10/2/23 11:28 AM, Mel Beckman wrote:
> I believe they got the contact information from ARIN
 
 I'd suggest everyone use an alias unique to ARIN for your POC and/or 
 public email.  Makes it super simple to verify where it was sourced from.
 
 (and yes I've got the same spam)
 -- 
 Bryan Fields
 
 727-409-1194 - Voice
 http://bryanfields.net
>>> 
>

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread John Curran 

On Oct 3, 2023, at 11:52 AM, Bryan Fields  wrote:

On 10/2/23 11:28 AM, Mel Beckman wrote:
I believe they got the contact information from ARIN

I'd suggest everyone use an alias unique to ARIN for your POC and/or public 
email.  Makes it super simple to verify where it was sourced from.

(and yes I've got the same spam)

Bryan -

You are absolutely correct - it is wise to use a unique email address if at all 
possible, and please report misuse to 
complia...@arin.net.

It does make a difference, as abuse reports result in discussions with 
organizations regarding appropriate reeducation regimes for violating staff – 
and further implications if the pattern of abuse appears systemic as opposed to 
incidental.

(It is not a perfect system, as it often needs periodically refreshment in some 
orgs due to inevitable turnover and miscreant creativity, but it does tamp down 
the worst of the abuse that would occur otherwise…)

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread John Curran 

> On Oct 3, 2023, at 11:52 AM, Bryan Fields  wrote:
> 
> On 10/2/23 11:28 AM, Mel Beckman wrote:
>> I believe they got the contact information from ARIN
> 
> I'd suggest everyone use an alias unique to ARIN for your POC and/or public 
> email.  Makes it super simple to verify where it was sourced from.
> 
> (and yes I've got the same spam)

Bryan - 

You are absolutely correct - it is wise to use a unique email address if at all 
possible, and please report misuse to complia...@arin.net 
. 

It does make a difference, as abuse reports result in discussions with 
organizations regarding appropriate reeducation regimes for violating staff – 
and further implications if the pattern of abuse appears systemic as opposed to 
incidental. 

(It is not a perfect system, as it often needs periodically refreshment in some 
orgs due to inevitable turnover and miscreant creativity, but it does tamp down 
the worst of the abuse that would occur otherwise…)

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Owen DeLong via NANOG 
I was one of the main people behind their suspension from ARIN whois for 6 
months.

They have not spammed me since.

They’re probably afraid of another cake.

Owen


> On Oct 3, 2023, at 18:18, Mike Lyon  wrote:
> 
> Give it time :)
> 
> -Mike
> 
>> On Oct 3, 2023, at 18:06, Owen DeLong via NANOG  wrote:
>> 
>> But I seem to have finally gotten Cogent trained not to spam this one, so I 
>> think I’ll leave it as is.
>> 
>> YMMV
>> 
>> Owen
>> 
>> 
>>> On Oct 3, 2023, at 08:52, Bryan Fields  wrote:
>>> 
 On 10/2/23 11:28 AM, Mel Beckman wrote:
 I believe they got the contact information from ARIN
>>> 
>>> I'd suggest everyone use an alias unique to ARIN for your POC and/or public 
>>> email.  Makes it super simple to verify where it was sourced from.
>>> 
>>> (and yes I've got the same spam)
>>> -- 
>>> Bryan Fields
>>> 
>>> 727-409-1194 - Voice
>>> http://bryanfields.net
>>

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Mike Lyon 
Give it time :)

-Mike

> On Oct 3, 2023, at 18:06, Owen DeLong via NANOG  wrote:
> 
> But I seem to have finally gotten Cogent trained not to spam this one, so I 
> think I’ll leave it as is.
> 
> YMMV
> 
> Owen
> 
> 
>> On Oct 3, 2023, at 08:52, Bryan Fields  wrote:
>> 
>>> On 10/2/23 11:28 AM, Mel Beckman wrote:
>>> I believe they got the contact information from ARIN
>> 
>> I'd suggest everyone use an alias unique to ARIN for your POC and/or public 
>> email.  Makes it super simple to verify where it was sourced from.
>> 
>> (and yes I've got the same spam)
>> -- 
>> Bryan Fields
>> 
>> 727-409-1194 - Voice
>> http://bryanfields.net
>

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Owen DeLong via NANOG 
But I seem to have finally gotten Cogent trained not to spam this one, so I 
think I’ll leave it as is.

YMMV

Owen


> On Oct 3, 2023, at 08:52, Bryan Fields  wrote:
> 
> On 10/2/23 11:28 AM, Mel Beckman wrote:
>> I believe they got the contact information from ARIN
> 
> I'd suggest everyone use an alias unique to ARIN for your POC and/or public 
> email.  Makes it super simple to verify where it was sourced from.
> 
> (and yes I've got the same spam)
> -- 
> Bryan Fields
> 
> 727-409-1194 - Voice
> http://bryanfields.net

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread niels=nanog 

* morrowc.li...@gmail.com (Christopher Morrow) [Tue 03 Oct 2023, 21:50 CEST]:
I'm sure telling dave shaeffer: "Hey, your sales droids are being 
rude" is going to end as well as sending him ED pill emails.


Such outreach to technical contacts is counterproductive anyway. Which 
is more likely, that noc@ leads to a person with purchasing power, or 
that it leads to one who happens to be rabidly anti-spam who may then 
help get you thrown off the PeeringDB island for a few seasons?



-- Niels.

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Daniel Corbe 



On 10/3/2023 3:48 PM, Christopher Morrow wrote:

those are a bit of a false equivalence... but... ok.
I think: "Oh look, more spam, delete"
is basically how this sort of problem (email from randos trying to
sell me ED pills or 10Gs) should be treated.
I don't know that it's helpful to keep re-litigating that end state :(

I'm sure telling dave shaeffer: "Hey, your sales droids are being
rude" is going to end as well as sending him ED pill emails.


On the other hand, it's actually nice knowing Cogent are up to their 
same old tricks, so that when they try to end-around me to get a sale 
done, I have plenty of ammunition at my disposal to shoot them down.


Much like your ED pill E-Mail analogy above (and I think you might have 
been able to pick a less explicit example, but hey, edgy humor amirite?) 
it should be pretty trivial for you to nuke this thread so it doesn't 
keep appearing at the top of your inbox.


OpenPGP_signature.asc
Description: OpenPGP digital signature

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Christopher Morrow 
On Tue, Oct 3, 2023 at 12:54 PM  wrote:
>
> * morrowc.li...@gmail.com (Christopher Morrow) [Tue 03 Oct 2023, 18:29 CEST]:
> >this sort of thing (provider X scrapes Y and mails Z for sales leads)
> >every ~18 months.
> >the same outrage and conversation happens every time.
> >the same protection mechanisms are noted every time.
> >
> >Is there a reason that: "killfileand move on" is not the answer
> >everytime for this?
> >(why do we need to keep rediscussing it)
>
> It's a vicious circle: provider scrapes operational addresses and
> spams them, providers stop putting useful addresses in public
> databases to avoid spam, everybody who needs to find operational
> contacts in a variety of situations loses in the end.

i agree this is a sad outcome of the internet ecosystem.

> We keep discussing it because we care about keeping the internet
> running. It's similar to why we keep looking for new security holes in
> existing software: we don't stop because inevitably we'll find more so
> it's a lost cause, we keep looking because inevitably we'll find more
> so the product becomes more secure.

those are a bit of a false equivalence... but... ok.
I think: "Oh look, more spam, delete"
is basically how this sort of problem (email from randos trying to
sell me ED pills or 10Gs) should be treated.
I don't know that it's helpful to keep re-litigating that end state :(

I'm sure telling dave shaeffer: "Hey, your sales droids are being
rude" is going to end as well as sending him ED pill emails.

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread niels=nanog 

* morrowc.li...@gmail.com (Christopher Morrow) [Tue 03 Oct 2023, 18:29 CEST]:
this sort of thing (provider X scrapes Y and mails Z for sales leads) 
every ~18 months.

the same outrage and conversation happens every time.
the same protection mechanisms are noted every time.

Is there a reason that: "killfileand move on" is not the answer 
everytime for this?

(why do we need to keep rediscussing it)


It's a vicious circle: provider scrapes operational addresses and 
spams them, providers stop putting useful addresses in public 
databases to avoid spam, everybody who needs to find operational 
contacts in a variety of situations loses in the end.


We keep discussing it because we care about keeping the internet 
running. It's similar to why we keep looking for new security holes in 
existing software: we don't stop because inevitably we'll find more so 
it's a lost cause, we keep looking because inevitably we'll find more 
so the product becomes more secure.



-- Niels.

Re: ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Christopher Morrow 
this sort of thing (provider X scrapes Y and mails Z for sales leads)
every ~18 months.
the same outrage and conversation happens every time.
the same protection mechanisms are noted every time.

Is there a reason that: "killfileand move on" is not the answer
everytime for this?
(why do we need to keep rediscussing it)

On Tue, Oct 3, 2023 at 11:54 AM Bryan Fields  wrote:
>
> On 10/2/23 11:28 AM, Mel Beckman wrote:
> > I believe they got the contact information from ARIN
>
> I'd suggest everyone use an alias unique to ARIN for your POC and/or public
> email.  Makes it super simple to verify where it was sourced from.
>
> (and yes I've got the same spam)
> --
> Bryan Fields
>
> 727-409-1194 - Voice
> http://bryanfields.net
>

ARIN email address (was cogent spamming directly from ARIN records?)

2023-10-03 Thread Bryan Fields 

On 10/2/23 11:28 AM, Mel Beckman wrote:

I believe they got the contact information from ARIN


I'd suggest everyone use an alias unique to ARIN for your POC and/or public 
email.  Makes it super simple to verify where it was sourced from.


(and yes I've got the same spam)
--
Bryan Fields

727-409-1194 - Voice
http://bryanfields.net