>Everybody thinks if its not us, we don't have problem so we dont want >to spend anything to fix it - bu its not true, you already are paying >for it due to increased cost of operation. The cost of fixing your own >network even 50% of other ISPs did it, would in the end be smaller.
The cost of building a network is a step function. If you didn't have to provision the capacity to handle the traffic from spammers and DDoS attacks, then you could delay spending these significant chunks of money. In fact, I suspect that this was an important factor in killing off companies during the telecom collapse. These companies were driven to expand their networks faster than could be justified by the paying customers because of the large amount of traffic generated by non-paying customers. DDoS and spam have to be tackled in two different ways but both of these problems will not be solved until we address the roots of the issue and not the symptoms. In both cases, the root of the issue is that network operators are unable to cooperate effectively in tracking down network abuse. I know that a lot of people in the ISP industry have a basically anarcho-libertarian political viewpoint and that viewpoint has helped them make the right kind of decisions in building most of the technical architecture of the Internet. But this has also blinded people to the advantages of co-operative action. There is nothing wrong with network operators meeting together in a forum to jointly make decisions about best practices for running the Internet's email system or for tracking down the true sources of network abuse. This is basically the same kind of thing that the IETF does for network protocols and the MPLS forum and the ATM forum, etc. Once again, I call on the companies who participate in the various NANOG forums to get your email engineers and email architects and email managers all together in a single forum to hash out the issues. We have solutions, too many of them, but we cannot deploy these things succesfully without broad agreement. Remember what Tony Hain and Phil Karn have said about end-to-end. If you get a bunch of network engineers together and ask them to stop spam they will inevitably want to configure their routers which leads to filtering and ACLs. Anyone who believes that would be a mistake should be supporting the concept of an Internet Email Operators Forum because the people responsible for the application will be able to find a solution at the application layer. --Michael Dillon
