[rescue] Spam (was: Perverse Question)

Curtis H. Wilbar Jr. rescue at hawkmountain.net
Sat Jun 7 11:12:23 CDT 2003

>From: "Sheldon T. Hall" <shel at cmhcsys.com>
>To: "The Rescue List" <rescue at sunhelp.org>
>Subject: RE: [rescue] Spam (was: Perverse Question)
> Curtis H. Wilbar Jr. writes ...
>>From: "Sheldon T. Hall" <shel at cmhcsys.com>
>> >
>> >Until they apply the "illegal access" laws and make spamming a crime, and
>> >the knowing transmission of it a civil offense, those of us who must be
>> >available will continue to seek technological defenses.
>> And even then since so much spam is relayed off of open proxies (primarily
>> misconfigured Korean proxy servers) which eompltely hides the source, as
>> long as those methods of spamming without leaving a trail are open, spam
>> will continue to flourish.
>Yes, and that's where the "knowing transmission" part comes in.  US law
>can't do much about open relays in .ko and .my, but they _can_ do something
>about the .us networks that carry the resulting traffic.  I expect that the
>network operators in .kr and .my would close those relays fast, or shut down
>those customers, once they found out that they couldn't exchange packets
>with .us because the .us networks didn't want to get prosecuted for "knowing

As much as I hate spam, "knowing transmission" as you apply it to SPAM
is a bad thing IMHO.  I was a former ISP owner (partial), worked for
the subsequent owners when it sold, and am involved in internet services
to this day.  

I am going to stand by my belief (formed early on), that in ISP is a transit
vehicle for packets.  Having the ISP be the inspector, judge, jury, and if
need be executioner for data it carriers puts a heavy burden on the ISP.

Spammers should pay the price, companies that pay spammers to represent them
should pay a price, ISPs that carry SPAM should not pay the price.

The Spammers and ISPS and service providers that try to block them are in
a constant battle... and I have to say, because the world is so full of
poorly configured networks and servers, it is easy for the spammer to stay
one step ahead of the ISPs, blacklists, etc.

There are thousands upon thousdands of misconfigured proxies, even more
misconfigured or weakly configured mail servers.  I've seen spam "Attacks"
where you could not stay ahead of the revolving list of servers the 
spammers were using.... they have thousands of server to push their crap,
and by rotating through them sending 25-100 mails or more then moving on
keeps the server they are abusing less harmed, and makes it harder for
anyone trying to keep up (manually) from being able to do so.

>IMHO, the .us networks that carry that traffic are just "fences" for the
>thieves abroad.

And you should be able to prosecute the USPS for delivery junk mail to
your mailbox....  you should be able to prosecute the phone company
for carrying the traffic of that junk spam to your fax machine ?  I think

SMTP was not designed (originally) with these problems in mind... therefore
no means of trust or verification of server identity (or originally user
identity) was part of the spec.... therefore, like anything else morons
get their hands on... it gets abused...

>> Now if the law can target the companies that the spam is sent for.... and
>> not just the spammer.... then maybe they will be more effective.
>Would that it could ... but it would be tough.  Chevy sends out covert spam
>advertising Ford, Ford gets prosecuted ... nah, too much potential for
>unintended consequences.

1. find spammer
2. legal system mandates that the spammer turn over the client responsible
3. spammer and client are prosecuted

Sure, could this be hard, could it be abused... yes, but then again, so
can every other law in our system....  don't get me started on law...
hot cofee to crotch and the like are a crock and IMHO a blatent abuse of
our legal system that in the end we all pay for.

>rescue list - http://www.sunhelp.org/mailman/listinfo/rescue

I for one would like to see the whole spam situation resolved... but putting
the responsibility on the ISPs and network carriers is NOT the answer.  Putting
responsibility on those that send the spam and pay people/providers/etc to
send the spam is the answer.

-- Curt

Curtis Wilbar
Hawk Mountain Networks
rescue at hawkmountain.net

My e-mail is protected against viruses and spam by MailGuardian
          Top notch protection at unbelievable prices

More information about the rescue mailing list