Lazy network operators - NOT

Mon Apr 19 02:39:49 UTC 2004

On Sun, 18 Apr 2004, Doug White wrote:
> Well, Paul did advance a methodology - blackhole them all <grin>

If Paul came up with a practical way to fix millions of compromised
computers which didn't involve hiring entire second-world countries
to talk grandma through the process, I think many people would be
interested in talking to him.

On the other hand, repeately shocking the rat regardless of what it
does, just results in the rat sitting in the cage afraid to do anything.

> I prefer to send a
>
> 550 IP blocked for USE - for resolution contact your service provider.

If you haven't noticed, the infected user doesn't notice this.  However
many other people with legitimate uses are frequently caught up in the
collateral damage.

That's why I keep advocating better ways to identify the specific sources
of the unwanted traffic, even if they change IP addresses.  That way you
could positively block the infected computers from not only mail but
anything else you don't want to supply (no more GOOGLE/YAHOO/CNN for you),
without massive collateral damage.  Then the cost-benefit equation would
be closer.  If you annoy a lot of people, lots of people can completely
and positively ignore you.

With better identification, you directly receive the benefit of keeping
your computer clean.  You eliminate the third-party dependency of needing
to fix other's peoples mistakes in order to do your work.  It also makes
it easier for other people to take action, because the collateral damage
is less.

> The job becomes even more difficult when not everyone can agree on what is spam
> and what is legitimate.

Stop requiring people to agree on it.

If you want to force third-parties to do stuff, you must define exactly
what you want them to do or not do. On the other hand, if you have the
power to make the decision yourself, you don't need to convince a
third-party the activity was a violation.