> There's obviously a disconnect where people aren't worried about indemnifying > Spamhaus for using their block list, but are worried about indemnifying ARIN > for > using the TAL.
That would be because there is a rather substantial difference between publishing an IP address for which you have spam in hand, and are saying (and only saying) "I received spam from this IP address" (not to mention something which people use to only affect inbound email), and hosting something on which others rely for making their acceptance decision of all legitimate Internet traffic, as well as for the ability to not move malicious (or even accidentally misconfigured) Internet traffic. Anne Anne P. Mitchell, Attorney at Law Dean of Cybersecurity & Cyberlaw, Lincoln Law School of San Jose CEO/President, Institute for Social Internet Public Policy SuretyMail Email Reputation Certification Author: Section 6 of the CAN-SPAM Act of 2003 (the Federal anti-spam law) Legislative Consultant GDPR, CCPA (CA) & CCDPA (CO) Compliance Consultant Board of Directors, Denver Internet Exchange Board of Directors, Asilomar Microcomputer Workshop Legal Counsel: The CyberGreen Institute Former Counsel: Mail Abuse Prevention System (MAPS) Member: California Bar Association
