SPEWS?
Steven J. Sobol
sjsobol at JustThe.net
Thu Jun 20 18:35:16 UTC 2002
On Thu, 20 Jun 2002, Andy Johnson wrote:
> Doesn't anyone see the irony here? Fighting abuse with abuse is somewhat
> counter-productive.
*Spamming* or launching a DoS attack in response to spam is definitely
abusive. I understand your point here. I don't think it's an invalid one.
I do believe that whether escalations are abusive is a question that is
open to debate. Indeed, I believe the question *should* be debated.
> This all boils down to more or less the user missing/not receiving an
> important email. So by blacklisting a netblock which originated SPAM, and
> more importantly, its neighbors (or in SPEWS case, the entire AS and
> netblocks announced from it), you are preventing valid emails from being
> delivered. So SPEWS is just as guilty of depriving people of their mail as
> spammers are IMO.
Which is more important? The right to express yourself or the right for
a property owner to protect his property? I've always claimed that
property rights trump free-speech rights, and where spam is concerned,
the courts have agreed with me (e.g. the AOL case and the CompuServe
case against Sanford Wallace back in the mid-1990's).
Now, the big question with blocking is whether or not your users are aware
of the blocking happening. In a service-provider environment, a good
network admin will make his customers aware of the blockage and either
have them agree to it or allow them to turn it off. But that is not a
moral or ethical issue. That's a contractual issue. If the provider is
arbitraily blocking stuff without telling his customers, yes, that can
be said to be a moral or ethical issue, but I make the assumption, for
the sake of this particular thread, that the customers know what's going
on.
As to whether it's counter-productive, again, whether or not it is is
based in large part on whether or not the customers have agreed to it.
My opinion is that the end-users *must* always have final say over what is
blocked or not blocked.
> Regarding your last comment, when tracking down and filtering a DoS, do
> you filter just the offending IP space, or ALL netblocks announced by that
> AS?
Neither; I don't run any devices that need to speak BGP. If I did, I'd
start by filtering the offending IPs only. If I still saw attacks coming
from elsewhere in the ISP's netspace I would broaden the range of the
blocks.
--
Steve Sobol, CTO JustThe.net LLC, Mentor On The Lake, OH 888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance
stance towards abusive priests. The fact that 20% didn't, scares me...
More information about the NANOG
mailing list