mailing list archives
Re: Fun new policy at AOL
From: Omachonu Ogali <nanog () missnglnk com>
Date: Sat, 30 Aug 2003 09:49:53 -0400
On Sat, Aug 30, 2003 at 12:21:02PM +0100, Stephen J. Wilcox wrote:
It really doesnt make any difference, if you change the rules by implementing
auth etc the spammers will just adopt and it follows that the more thorough you
are in the anti-spam measures, the more drastic the spammers will become to
maintain their business..
Yes, it does make a difference.
a) Now, there is no longer a gray area with spam, if they are
successfully bruteforcing your users' passwords, I believe
that falls under unauthorized entry (now, there is no need
to go to your senator to ASK them to put anti-spam laws in
place), and you can follow this up with your local law
b) This adds an extra step, therefore slowing down their
dictionary attacks and relay abuse, resulting in a lot
c) I'm also asking for server-to-server authentication among
trusted mail servers and administrators, at which point you
can ask the other mail server to sign a contract laying out
the terms of sending mail to your server (and they can do
the same to you) and make them legally liable for any
Hey, now you can actally implement those per message fines
in all of your AUPs.
d) After reptitive breaches, I'm sure users and administrators
would be willing to chip into a lawyer pot (kinda like ISPC)
which would make it easier to sue offenders rather than
asking themselves "is it really worth it to plunk down $10k
for some penis enlargement mail".
Think of something along the lines of USENET peering, but now
RE: Fun new policy at AOL Drew Weaver (Aug 29)