Re: SPAM bill - ineffective government regulation ??

From: David MacQuigg (shuvit_at_127.0.0.1)
Date: 12/11/03 

Date: Thu, 11 Dec 2003 13:13:20 -0700

On Wed, 10 Dec 2003 11:34:36 +0000 (UTC), unruh@string.physics.ubc.ca
(Bill Unruh) wrote:

>David MacQuigg <shuvit@127.0.0.1> writes:
>
>]Here are my suggestions:
>]1) All email should have valid timestamps and IP addresses in at least
>]the headers attached after it leaves the source. I was astonished to
>]learn that spammers can fake not only the headers attached in transit,
>]but even the timestamp from my own ISP. Having non-faked top headers
>]on every email will at least make it possible to trace the spam to the
>]origninating ISP.
>
>Not the way the ineternet works. I can open up port 25 on another
>machine and deliver mail ( incliding whatever headers I want) directly.
>No ISP in the way. Ie, I can make up as long a list of "Received:"
>headers as I would like.

I believe most of the crap I'm seeing is coming via my ISP, not some
"back channel" directly into my computer. In my email program
(Eudora) I designate a particular email server, and it requires a
password every time I connect. I can also access that server via a
web interface from someone else's computer, and what I see in my
"Inbox" is the same load of crap.

This would explain, however, some emails I have seen where even the
timestamp from my own ISP is faked!! These are relatively few, and
probably from local spammers.

Regardless of these details, it should be fundamentally possible to
verify at each station the IP address of the link just before. These
are point-to-point connections, not omnidirectional broadcasts. It
seems like this is just a matter of proper design of the programs
handling email.

>]2) ISPs who get reports of spam from one of their users should make
>]all reasonable efforts to prevent further abuse by that user. An ISP
>
>Most probably do. but see point 1.

I agree. It's the few causing a problem for many.

>]that is making a good-faith effort should find that effort much less
>]burdensome than complying with awkward government regulations, which
>]will be the inevitable next step. Take a look at the regulations on
>]radio and TV broadcasting, if you want to see a possible future for
>]the internet.
>]3) ISPs who don't cooperate should be blocked by an industry-wide
>]committee, which will listen to their excuses and make a fair
>]decision.
>
>And how would you do that? What trials and hearings and who would
>conduct them? Whose jurisdiction would you have these operate under?

99% is obvious spam. The 1% in question could go to a local committee
made up of ISPs in a region or country. The industry-wide committe
would only have to deal with the few percent of those cases, where the
blocked ISP wanted to appeal the decision of the local committee. The
whole process should take days, not years, as I have heard some
complain about existing poorly-managed block lists.

At any point, the blocked ISP could go to a regular court in whatever
jusisdiction it operates. My guess is the courts would simply follow
the recommendations of the industry committee.

The interesting challenges will come when a spammer gets a court order
from some spam-hosting country. Then there will have to be
international treaties, etc., much like we do now with regular
broadcast media. In the meantime, ISPs would voluntarily honor the
block list, and we would be free of 99% of the spam.

We can solve the problem ourselves, or wait until governments do it
for us. The wait may not be long, however. Spam is already 50% of
the internet traffic, and doubling every 3 months.

-- Dave

Relevant Pages

  • Re: attachment and e-mail where to report these security issues?
    ... THAT is why the ENTIRE headers should be ... sent to the originating ISP, so the ISP can look up the correct originating ... report that DOES include the headers. ... >> has an infected system, don't you think they would like to know about it ...
    (microsoft.public.security.virus)
  • Re: attachment and e-mail where to report these security issues?
    ... As far as the "looking up" I was referring to looking into the headers. ... headers, how to figure out the originating ISP to send the information to, ... the address listed as the sender is not likely to be the actual sender. ... > report that DOES include the headers. ...
    (microsoft.public.security.virus)
  • Re: Computer ID / IP Address Questions
    ... As for the IP you have, that is assigned by your ISP and changes from time ... When you read an email's Headers, the TOPmost header is the most recent. ... Some places, like Yahoo, can ma,e a mess out of Headers, ... How in the heck did yahoo know my web mail message originated from ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: [kde-linux] Kmail Problems. Was: Installing KDE4 on Sid
    ... I was wondering whether the headers could say whether one or more ... SuSE updates? ... these are all coming from the ISP's servers. ... I was tempted to become an ISP and run my own servers. ...
    (KDE)
  • Re: [Full-Disclosure] Odd packet?
    ... >> However, as you said, no ISP, which has to follow rules and regulations in the ... however in rfc 1700: ... then an ISP should be disturbed if there were ever reports ... The ISP are in a sense implementers of an IP network, ...
    (Full-Disclosure)