Re: [anti-abuse-wg] Why SPAM exists in 2017

[Marilson]

Finally someone telling the truth.

Yesterday Peter H answering to Olaf:

>> SPAM... is NOT... abuse. spam is fully legal. neither technical abuse nor a 
>> crime or anything else
> WRONG.  SPAM is illegal in sweden and EU. 

>> and in the few cases where it could be a crime, just call the feds. it's 
>> their job, not the isps.
> ISP's is cooperating in this crime. They know the crime, they know how to 
> prevent it and they don't.

It's worst, Peter! Even when it's a criminal scammer, they try to hide him 
changing their domain. Greed borders on psychopathy. The fictional character 
Gordon Gekko (Michael Douglas) is a Mother Teresa of Wall Street when compared.

Peter, my friend Olaf is my enemy. He does not agree to criminalize ISPs. You 
and I know that many ISPs are complicit in these illicit activities and enable 
the existence of sp(c)ammers. After all are 'only' 473 billion spam PER DAY.

If Olaf does not stop blaming the Jews his messages will not be posted on this 
list. Anyone who is not happy with the actions of the Jews in the world economy 
should try to be as competent as they are and do differently. After all their 
Nobel Prize collection was not bought.

Olaf, I'll give you a real reason to vent your anger. The Jews invented a tool 
that caused, causes and will continue to cause so many evils that makes the 
holocaust an event without expression: monotheism. This tool is the legacy of 
the Jews for humanity. If it does not extinguish mankind.


Peter, meet my friend-enemy Olaf.
Co-chair wrote to Olaf:
>> Please let me know how you think we can proceed.

Olaf answered:
> you can start by letting mine and marilsons's mails through again... 
eventhough i probably don't agree on marilsons standpoint that 'isps are 
criminals'... we must point out that isps OWN RIPE.
and ripe owns this mailinglist.
> they are free to go to the IETF and/or ITU and write a new RFC for a new 
> protocol with a friends list and confirmed senders, and solve it that way

Solve? Someone wants to fix this?

We first
Marilson
Never so few done so much harm to so many.



From: anti-abuse-wg-requ...@ripe.net 
Sent: Sunday, February 12, 2017 9:00 AM
To: anti-abuse-wg@ripe.net 
Subject: anti-abuse-wg Digest, Vol 63, Issue 14

Send anti-abuse-wg mailing list submissions to
anti-abuse-wg@ripe.net

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
or, via email, send a message with subject or body 'help' to
anti-abuse-wg-requ...@ripe.net

You can reach the person managing the list at
anti-abuse-wg-ow...@ripe.net

When replying, please edit your Subject line so it is more specific
than "Re: Contents of anti-abuse-wg digest..."


Today's Topics:

   1. Re: Why SPAM exists in 2017 (peter h)


--

Message: 1
Date: Sun, 12 Feb 2017 08:33:46 +0100
From: peter h 
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] Why SPAM exists in 2017
Message-ID: <201702120833.46899.pe...@hk.ipsec.se>
Content-Type: text/plain;  charset="utf-8"

I received this with a personal mail message, i find it interesting enough to
share with the list:

On Saturday 11 February 2017 23.29, HRH Prince Sven Olaf von CyberBunker wrote:
> simple: why spam 'exists' in 2017 is that 1: it's legal 2: it's not even 
> real abuse even if it would be illegal (it does not use any protocol or 
> service daemon outside of it's technically specified bounds) and 3: you 
> never bothered to modify your antique protocol to include a friends list 
> or encryption keys to select 'senders' based on a contact request or 
> pre-shared keys.
> 
> the question is more why is 'spam' being considered 'abuse' on this 
> mailinglist in 2017 when there are tons of -actual- REAL abuses on a 
> network level going on every single day.
> 
> 
> SPAM... is NOT... abuse. spam is fully legal. neither technical abuse 
> nor a crime or anything else

WRONG.  SPAM is illegal in sweden and EU.

> 
> and in the few cases where it could be a crime, just call the feds. it's 
> their job, not the isps.

ISP's is cooperating in this crime. They know the crime, they know how to 
prevent it
and they don't. 


The rest of this message deleted ..
> 
zsnip>
> Spam exists as ISP across the world, with some excemptions, don't do even the 
> most basic
> > procedures to detect and stop spam from their networks. Shame on them ( but 
> > it is cheap )
> >
> 
> 

-- 
Peter H?kanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det ?r billigare att g?ra r?tt. Det ?r dyrt att laga fel. )



End of anti-abuse-wg Digest, Vol 63, Issue 14
*

[anti-abuse-wg] LEA requests 2016

[Athina Fragkouli]

Dear colleagues,

The RIPE NCC has published a transparency report that details the nature 
of the requests we received from law enforcement agencies (LEAs) in 2016.


https://www.ripe.net/publications/docs/ripe-678

Kind regards,

Athina Fragkouli
Head of Legal
RIPE NCC

[anti-abuse-wg] Why spam is abuse in several aspects

[peter h]

Spam is a plague that costs us a lot in time and money. 
It's the abuseive habit off sending ads and malware through stolen channels.

If spammers were running their own server and paying for their Internet access 
it would
be a lot less of a problem.  But as it is (and have been that last 10 years) 
compute
resources are stolen ( by breaking into personal computers and phones) and have
those innocent bystanders pay the cost. 

Spammers also use the stolen computers owners to pay for the Internet traffic, 
unknowingly. It also
conflicts with the users own use as the bandwitdh is eaten upp by the parasitic 
software
that spammers have inplanted.

A large part of the spam sent contains viral malware that keeps the spammers 
resources intact,
as computer owners clean their systems, spammers has to refresh their 
"inventory".

ISP's have part of this scam. Some, but not all, ISP ignores the spam traffic, 
in spite of
several methods available to detect and block. The end result is that people 
uses 
"deny-lists"  or public blocklists to block spam from ip addresses or ranges. 
As ISP
often uses DHCP for the client computers it won't help to block a single ip, 
one have
to block the ISP's whole range to prevent a single spammer from annoying.

Is SMTP wrong ? Certenly not. It's designed as an autonom and distributed 
method of 
sending messages. It's the very autonomous design that keps it from censorship 
and 
kommercial starnglehood.  The problem is that the "highways" has no police that 
stop 
speeders and roadpirats.


My wish is that spem should be considered as the terrorist status as it is, 
regarding
the amout of time it takes from our lifes, every day.


 
-- 
Peter Håkanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )

Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 63, Issue 12

[Rob Evans]

Marilson,

> How do you know what I wrote considering that my message about "Why SPAM 
> exists" has not been published? If so, why did not I get it in my mail?

Either we are all exceptionally good at extra-sensory perception, or your 
emails are coming through to the list.  However, you appear to be subscribed to 
the ‘digest’ version rather than the main discussion list, which will result in 
a delay to you (and the rest of the subscribers) receiving your own messages, 
and often makes it difficult to understand which message in particular you’re 
replying to.

You can, of course, manage your subscription:


Regards,
Rob

Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 63, Issue 12

[Marilson]

Hi Rob,

> you appear to be subscribed to the ‘digest’ version rather than the main 
> discussion list, which will result in a delay to you

Oh really! I thought there was no favoritism here. I heard that three times 
last week, offlist.

As you wrote I must be subscribed to the DIGEST version, if it exists.

At least the subject of all messages that I receive is [anti-abuse-wg] 
anti-abuse-wg DIGEST, Vol xx, Issue xx

I answer using the same subject but the professor of Cambridge wrote that I am 
using the wrong subject and said that I'm confounding the other members.
Professor, no one wants to read what I write with my wonderful English.

When it's not Harvard, it's Cambridge.

Thank you Rob

Marilson

From: Rob Evans 
Sent: Monday, February 13, 2017 8:20 AM
To: Marilson 
Cc: anti-abuse-wg@ripe.net 
Subject: Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 63, Issue 12

Marilson,

> How do you know what I wrote considering that my message about "Why SPAM 
> exists" has not been published? If so, why did not I get it in my mail?

Either we are all exceptionally good at extra-sensory perception, or your 
emails are coming through to the list.  However, you appear to be subscribed to 
the ‘digest’ version rather than the main discussion list, which will result in 
a delay to you (and the rest of the subscribers) receiving your own messages, 
and often makes it difficult to understand which message in particular you’re 
replying to.

You can, of course, manage your subscription:


Regards,
Rob

Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 63, Issue 12

[Brian Nisbet]

Afternoon,

I should clarify, the subscription change was not made by the WG Chairs 
nor the NCC. It's possible you made it by accident, but I think the 
change happened sometime around early October 2015. I've determined this 
from looking at when your responses changed to be responding to the Digest.


You can change your subscription back at the link Rob indicated. Then 
you will begin to receive each individual mail again.


Thanks,

Brian
Co-Chair, RIPE Anti-Abuse WG
Marilson wrote on 13/02/2017 13:42:

Hi Rob,


you appear to be subscribed to the ‘digest’ version rather than the

main discussion list, which will result in a delay to you

Oh really! I thought there was no favoritism here. I heard that three
times last week, offlist.

As you wrote I must be subscribed to the DIGEST version, if it exists.

At least the subject of all messages that I receive is [anti-abuse-wg]
anti-abuse-wg DIGEST, Vol xx, Issue xx

I answer using the same subject but the professor of Cambridge wrote
that I am using the wrong subject and said that I'm confounding the
other members.
Professor, no one wants to read what I write with my wonderful English.

When it's not Harvard, it's Cambridge.

Thank you Rob

Marilson

*From:* Rob Evans 
*Sent:* Monday, February 13, 2017 8:20 AM
*To:* Marilson 
*Cc:* anti-abuse-wg@ripe.net 
*Subject:* Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 63, Issue 12

Marilson,


How do you know what I wrote considering that my message about "Why

SPAM exists" has not been published? If so, why did not I get it in my mail?

Either we are all exceptionally good at extra-sensory perception, or
your emails are coming through to the list.  However, you appear to be
subscribed to the ‘digest’ version rather than the main discussion list,
which will result in a delay to you (and the rest of the subscribers)
receiving your own messages, and often makes it difficult to understand
which message in particular you’re replying to.

You can, of course, manage your subscription:


Regards,
Rob

Re: [anti-abuse-wg] Why SPAM exists in 2017

[peter h]

On Monday 13 February 2017 15.09, HRH Prince Sven Olaf von CyberBunker wrote:
> 
> On 13 فبر, 2017 ص 09:42, Marilson wrote:
> > Finally someone telling the truth.
> > Yesterday Peter H answering to Olaf:
> > >> SPAM... is NOT... abuse. spam is fully legal. neither technical 
> > abuse nor a crime or anything else
> > > WRONG.  SPAM is illegal in sweden and EU.
> spam is fully legal in all of the eu as far as 1: the addressee is a 
> business entity OR 2: the addressee opted in (including indirect opt-ins 
> through partners etc).

The above is , of course wrong.  spam is illegal, and delivered by illegal 
means,
usually by breking into someones computer and using a bystanders Internet 
resources.

As regards to opt-in, there is no thing as "indirect opt-ins"

The rest of the confusing message is left out to save electrons ;.)
> 
zsnip>
> 

-- 
Peter Håkanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )

Re: [anti-abuse-wg] Why SPAM exists in 2017

[peter h]

On Monday 13 February 2017 16.27, HRH Prince Sven Olaf von CyberBunker wrote:
> The above is , of course wrong. spam is illegal, and delivered by 
> illegal means,
> 
> well. i hate to break it to you, but filtering it at an isp level, and 
> all activities of so-called self-declared 'blacklists' are illegal under 
> dutch law. it violates net-neutrality, and yes, there is a dutch law 
> against 'spam' but it does not 'protect' business entities, solely 
> natural persons.

Net neutrality is a wholly different animal.  Learn the difference.
As regards to blocklist it's an opinion about trust, to act
according to this is noones business. As mailservers are private property 
the owner has every right to whatever rules one wants. Reufusing
to accept mail from untrusted sources is one such rule. Refusing
to accept malware another rule.

As for the sentence "blacklists' are illegal under dutch law"  please
quote the law mantioned.

As for "indirect opt-ins" it's a fraud in it's entety, noone at it's sane mind 
will
give carte blance to let enyone send spam. It's enterely a hidden
clausure in micropic pront hidden under some banner.

spam is theft and criminal, deliver of spam is done in a criminal fashion. 

Peter h / fighting spam since 1987, unfortently unsuccessful.

( i'll leave the comments below as reference for future standup comedians)
> 
> > usually by breking into someones computer and using a bystanders Internet 
> > resources.
> >
> > As regards to opt-in, there is no thing as "indirect opt-ins"
> yes there is. "hereby i request/agree to receive offers from <$party> OR 
> it's partners".
> (which are left undefined)
> > The rest of the confusing message is left out to save electrons ;.)
> as for your vague "it is spread by illegal means"... well, if they 
> commit wire-fraud (or other hacks) to
> distribute the spam, that seems to be a clear case... in such cases i 
> would not even bother with the 'spamming' aspect but just file charges 
> for hacking ay... doh.
> 
> eventhough you lot of 'anti spam' idiots basically CAUSED them to take 
> that step, by constantly scaring email advertisers away from owning 
> their own infrastructure or using rented infrastructure at normal isps.
> 
> either way to me the entire discussions seems pretty much irrelevant, as 
> none of you seem to have taken any steps to harden your protocol against 
> undesired communications, whatsoever... just 'bla bla ip reputation 
> rating' bla bla kinda dysfunctional crap, that never stopped any single 
> spam whatsoever, and at most, just generated income for competing isps, 
> in terms of 'setup fees' every time they changed isps. lolol. GET A 
> FUCKING FRIENDS LIST... d0h. and find some way in which the From: cannot 
> be set to random values as well, while you're at it.
> 
> > zsnip>
> 
> 

-- 
Peter Håkanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )

Re: [anti-abuse-wg] LEA requests 2016

[Michele Neylon - Blacknight]

Thanks Athina



--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Social: http://mneylon.social
Some thoughts: http://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 13/02/2017, 09:53, "anti-abuse-wg on behalf of Athina Fragkouli" 
 wrote:

Dear colleagues,

The RIPE NCC has published a transparency report that details the nature 
of the requests we received from law enforcement agencies (LEAs) in 2016.

https://www.ripe.net/publications/docs/ripe-678

Kind regards,

Athina Fragkouli
Head of Legal
RIPE NCC

[anti-abuse-wg] The well-behaved ISP's role in spamfight

[peter h]

As my wife urged me to clarify things :-)

The role for an ISP in fighting abuse is to detect and prevent it's customer
from sending malware & spam out of it's network. Not filter incoming
stuff, that would be censoring.

A number of means is available for an ISP, most provided that a customer has
signed implicity or in some form a AUP where rules for use of it's services
are stated.

The very simplest thing to do is make sure any outbound smtp is relaye through 
the ISP's 
mailrelays, where spam could be detected and subsequently blocked.

A large number of other measures exists, it's only a matter of priority.

Relying on operating systems ( read MS) to solve spam 
is hopeless, just think of MS track record. And open source won't help either.

Junking SMTP would mean that we loose a independent vendor-independent 
autonomous
decentralized way of exchanging messages. It vwon't stop the bad guys, they can
always find ways around it, but it will stop you and me from freedom to
express ourself and exchange thoughts. 


Thanks for the opportunity to express my thoughts.

-- 
Peter Håkanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[Suresh Ramasubramanian]

I wish it were that clear cut.  You also have a role to protect your customers 
against threats, and to ensure that their mailbox is at least usable rather 
than deluged with spam.

Being proactive about postmaster complaints and being sensitive to false 
positives in filtering is a useful middle path and a widely defined best 
practice. Never mind that quite a few large players don’t follow it.

--srs

On 13/02/17, 8:43 AM, "anti-abuse-wg on behalf of peter h" 
 wrote:

As my wife urged me to clarify things :-)

The role for an ISP in fighting abuse is to detect and prevent it's customer
from sending malware & spam out of it's network. Not filter incoming
stuff, that would be censoring.

 

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[Richard Clayton]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

In message <201702131743.10508.pe...@hk.ipsec.se>, peter h
 writes

>The very simplest thing to do is make sure any outbound smtp is relaye through 
>the ISP's 
>mailrelays, where spam could be detected and subsequently blocked.

this is very unpopular with legitimate businesses who wish to be fully
in control of their email sending destiny -- and ISPs generally do not
wish to discourage the people who cause no trouble and pay their bills
regularly and on time

so although "port 25 blocking" is a M3AAWG Best Practice it has not been
widely adopted with the main (but not only) exception being the large
consumer ISPs in the US (ISPs in Europe have, for historical reasons,
had a significant number of business customers mixed in with pure
consumers and that has made the difference)

- -- 
richard   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

-BEGIN PGP SIGNATURE-
Version: PGPsdk version 1.7.1

iQA/AwUBWKHoZDu8z1Kouez7EQKegACg5dQkRoa/iAJYEI4QDXu6AkDaL40AnRAO
Ok9QS77z8Acf265vH5lDQf9W
=eO/I
-END PGP SIGNATURE-

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[Sascha Luck [ml]]

On Mon, Feb 13, 2017 at 05:43:09PM +0100, peter h wrote:

The role for an ISP in fighting abuse is to detect and prevent
it's customer from sending malware & spam out of it's network.
Not filter incoming stuff, that would be censoring.


And requiring to submit publications to a third party for
approval prior to sending them is *not* censorship?

rgds,
Sascha Luck

Re: [anti-abuse-wg] The well-behaved ISP's role in spamfight

[peter h]

On Monday 13 February 2017 18.09, Richard Clayton wrote:
> In message <201702131743.10508.pe...@hk.ipsec.se>, peter h
>  writes
> 
> >The very simplest thing to do is make sure any outbound smtp is relaye 
> >through
> >the ISP's
> >mailrelays, where spam could be detected and subsequently blocked.
> 
> this is very unpopular with legitimate businesses who wish to be fully
> in control of their email sending destiny -- and ISPs generally do not
> wish to discourage the people who cause no trouble and pay their bills
> regularly and on time
> 
> so although "port 25 blocking" is a M3AAWG Best Practice it has not been
> widely adopted with the main (but not only) exception being the large
> consumer ISPs in the US (ISPs in Europe have, for historical reasons,
> had a significant number of business customers mixed in with pure
> consumers and that has made the difference)

There is not any req that all customers always should be forced to use
ISP relays, the default behaviour might be to use ISP relays, and
to have DHCP given address. But for an extra service one could 
obtain a fixed address, and as extra service, use port 25.  The main 
point is to have those "unaware" users, whos computers might be stolen, 
prevented. They won't notice, and they don't get harmed.

Spam from a fixed ip or range is much easier to detact and correct then spam 
from 
any box that happens to get an DHCP lease.  Flexibility and service is the
keyword here.

Also, to have a AUP that gives the ISP right to disconnect or block offenders is
importent, and also that the customer has right to service. Any aggreement
is twofold, both rights and obligations, like in society in general.

I'm glad that spam is recignised as the problem it is and hope a renewed 
activity to claim back the bandwitdh and storage space the spammer has taken 
from us.

Yours


-- 
Peter Håkanson   

There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )