Begin forwarded message:
From: peter håkanson <peter@hk.ipsec.se> Date: October 21, 2009 11:33:51 AM GMT+02:00 To: Florian Weimer <fweimer@bfk.de> Subject: Re: [anti-abuse-wg] Antispam measures content-type: text/plain; charset=iso-8859-1; format=flowed; delsp=yes mime-version: 1.0 (Apple Message framework v1076) x-universally-unique-identifier: fcad27c0-c289-49cd-80b3-1b91332e229d in-reply-to: <82vdi9uo14.fsf@mid.bfk.de> content-transfer-encoding: quoted-printable x-smtp-server: bore.hk.ipsec.se message-id: <5036E015-CC9D-4D2E-AD84-FB340601B07F@hk.ipsec.se> references: <COL117-W30F981CC6FF1583F0A2A20D2C00@phx.gbl> <82vdi9uo14.fsf@mid.bfk.de
On Oct 21, 2009, at 10:52 AM, Florian Weimer wrote:
* Chimel Chimel:
1) Does RIPE or other registrars impose antispam fighting measures or a code of conduct to the ISPs or telcos it allocates IP ranges to?
No, not that I know.
For instance, do these registrar customers specifically sign an agreement never to post spam themselves. Do they also sign an agreement to terminate IP sub-allocation or contract with their own customers who are using their IP addresses to post spam?
No, surely not. That would be poor service. You don't want to lose your IP resources just because your infrastructure has been compromised. 8-(
On the contrary, a real risk of loosing their allocation might be a good motivation to run their shop accordingly. As of today some providers don't care ( and will benefit from spammers).
Just like alkohol-serving firms ( bars etc) if they don't run ther bar according to local rules they will loose the permits. We don't allow sleazy hospitals either. Why should we permit sleazy ISP's to poison our vital infrastructure ??
2) If there is such measures, how does RIPE enforce them?
There is no enforcement.
3) What does RIPE intends to do about Ukrtelecom, who is alone responsible for hundreds of thousands of daily spam posts in discussion forums and BBSs?
Well ...
According to the people in stopforumspam.com, every single post emanating from ukrtelecom is spam, there is not a single genuine user from that telco.
... so you should be lucky that it's so easy to filter that type of spam. If you shut down netblocks, the badness just spreads far and wide and gets more difficult to track.
Of course, if the activity is indeed illegal, it should be stopped. One problem we face is that a lot of questionable practices (DNS poisoning, injecting pop-ups with ads, installing software on PCs without informed consent) are also carried out by obviously legitimate businesses, so it's often difficult to convince a prosecutor that it's illegal.
On top of that, many legal scholars claim that in the EU, once you say the magic word, "telco", you are no longer responsible for the traffic you handle, much like anyone could seek asylum in Germany (until we got rid of this constitutional guarantee in the 90s, which was rather disappointing because nothing expresses your national wealth better than an almost unconditional willingness to share it). This blanket liability exemption is the root of the problem, and it is pretty much unique to the telco sector, at least in its generality. It has to go.
We don't have to resort to legal discussions here , if RIPE supplies goods under some conditions, any breakage of that condition is enought to terminate the contract. It's a deal between business partners.
I'd like to see the whole list in order to ban it all from my forum, even if it means banning genuine users from Ukraine.
The relevant parts of the RIPE database is available from ftp.ripe.net. In the past, I've generated anti-abuse ACLs from mnt- by handles, which was surprisingly effective. Using BGP might help as well.
-- Florian Weimer <fweimer@bfk.de> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99
====================================================== Peter Håkanson Phone +46707328101 Fax +4631223190 IPSec sverige Email peter@ipsec.se "Safe by design" Address Bror Nilssons gata 16 Lundbystrand S-417 55 Gothenburg Sweden
====================================================== Peter Håkanson Phone +46707328101 Fax +4631223190 IPSec sverige Email peter@ipsec.se "Safe by design" Address Bror Nilssons gata 16 Lundbystrand S-417 55 Gothenburg Sweden