Points on your Internet driver's license (was RE: Even you can

John Curran jcurran at istaff.org
Sun Jun 13 17:14:57 UTC 2004 

Paul,
 
   Actually, credit agencies don't have a single standard for what
   "bad" is; they are obligated to only keep factual data (as can
   be best determined) in the files.   When you cause a credit
   report to be checked, one or more algorithms are used to
   score your credit, but the algorithm used is up to the particular
   inquirer and credit bureau.

   It's not that hard to make this one work for spammers, but you
   need some key pieces to all be in place:
 
   1.  Common definition for what information is kept
   2.  ISP's need customer contracts which allow reporting of
        incidents and terminations to any/all such bureaus
   3.  ISP's need to figure out how to handle a "new" site
        which has no listings.   Spammers already figured out
        that some ISPs do D&B credit checks, and have gotten
        very good at appearing as a new "startup" a week later.
  
/John

At 4:50 PM +0000 6/13/04, Paul Vixie wrote:
>owen at delong.com (Owen DeLong) writes:
>
>> Perhaps what is needed is a reporting agency, similar to the credit
>> reporting agencies, where ISPs can register chronic problem-customers.
>> Eventually, your internet credit rating deteriorates to the point that no
>> ISP will offer you service.
>
>it is with some discomfort that i watch the last decade or so of ultimate
>final solutions to spam be rediscovered on a sleepy nanog weekend.  the
>reason the above analogy fails to hold (and why that proposal isn't a
>solution) is that credit reporting agencies have an established standard
>for what "bad" is -- days overdue on payments.  there is no similar standard
>for a tcp/ip endsystem, and there can be none.  a week doesn't go by without
>some goober-with-firewall complaining that f-root is portscanning him.  as112
>gets it every day at least two or three times.  someone else here reports
>that his squid proxy is regularly reported by norton's tools because it sets
>unusual bits in the tcp header.  and so on.
>--
>Paul Vixie

More information about the NANOG mailing list