In message <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Greg Woods) wrote:
>What's a "spam packet"? Very good question.
>
>About once a month or so, I get a complaint from someone about a spam,
>I look at the headers, and the message clearly did not originate from
>and never passed through any of our mail servers. So I write back to
>the complainant pointing this out, and the response is something like
>"well, I did a traceroute to the source and it passed through one of
>your routers".
Was that true?
What was the source IP, exactly?
Let's not talk in vague generalities. Let's talk specifics. Post
the IP so that the rest of us can try doing traceroutes also. It may
be enlightening. (I for one wasn't aware that NCAR gave connectivity
to anybody except NCAR.)
>Ignoring for the moment the fact that routing on the
>Internet is dynamic and sometimes asymmetric, and this by itself
>doesn't prove that the spam packets actually did pass through our
>router, I'm curious to know how people on this list view this
>situation. Are we really expected to police every packet that goes
>through our routers just because we happen to be an interconnection
>point for several different networks, and therefore we route some IP
>traffic that neither originates nor terminates with us?
Expected? Well, yes and no.
Some people may ``expect'' that, but I personally only hope for it.
Let's just say that it would be a Better World if everyone who provides
bandwidth to spam sources would be somewhat more pro-active about its
elimination.
>What do these
>complainants really expect us to do? Do they think we should threaten
>to block all IP traffic from a given source just because they
>originated a spam?
Well... ummm... yea. That would be nice.
NCAR is taxpayer supported. I are a taxpayer. I do not wish to have even
1/100th of 1% of my federal tax dollars spent in providing bandwidth to
spammers.
>If so, is that a reasonable expectation even for the
>most radical anti-spammers?
Expectation? No. Hope? Yes.
>Are there any active blacklists out there
>that would put us on their list for this sort of thing?
The MAPS RBL has "blackholed" some fairly large organizations because they
were repeatedly and persistantly providing connectivity to spammers.
>To me, this is like expecting the phone company to prevent illegal use
>of the phone system.
No, that is a seriously flawed analogy.
It is more like expecting the Village Elders to take a stick and whack
the Village Idiot over the head when he gets drunk on a Saturday Night
and then goes around trashing other nearby villiages.
It's a tough job, but somebody's got to do it. (In case you haven't
noticed, there are quite a lot of "Village Idiots" on the net these
days.)
>I don't think this is a reasonable approach, and I
>would hate the kind of Internet that would be created if people were expected
>to do this kind of monitoring and traffic restriction at the IP level.
So you would prefer the kind of Internet where numerous Village Idiots
are left to run rampant with no restraints whatsoever??
Yea! That's the ticket! And I guess we shouldn't whack the Idiots who
try to plug their end of their cablemodem lines into a nearby 120V outlet
either, right? After all, its a free country, right?
The net only works when people behave themselves, when they follow the
RFCs, etc., etc. When they don't, somebody has to be there to cut the
wire.
