Attn MCI/UUNet - Massive abuse from your network

Dr. Jeffrey Race jrace at attglobal.net
Thu Jun 24 08:17:35 UTC 2004


Chris why do you give me such easy ones? :)

This situation has been known for years and it is I repeat trivially easy to solve.

1-There are relatively small numbers of serious spammers and of ISPs.
2-In your contract you require all your customers to know the true identities of
    their customers (if juridical entities, their officers and directors) and to impose
    this requirement on every subcontract.  ISP violators will be terminated immediately.
3-The end-user contract must state that spamming is forbidden; there are
   penalties for infraction, notionally $500 for the first offense, $5,000 for
  the next, $50,000 for the third, AT WHATEVER CARRIER IN THE SYSTEMWIDE
  DATABASE.   The end-user
  must provide a validated credit card.   Customer agrees that violation will
  result in immediate termination with prejudice which will be logged in a system-wide
  shared database.
4-No applicant can be accepted without first checking this database and ROKSO.

Violation of such a contract is not just a civil matter resulting in penalties (charged
against the credit card which affects the applicant's credit history).   It is also the
criminal offense of "fraud in the inducement" because the perp signed the 
agreement with the prior intention to violate it.

Therefore when your downstream terminates a perp, they enter him (by real name)
in the system-wide database, collect the penalty, and file a police report and have
him criminally prosecuted.  If they refuse, you terminate the downstream.

Poof!  MCI spam problem goes away in 30 days.

I went through all this with your counsel Neil Patel.  Your company refused to
do anything, because it wanted to continue to profit from spam.    The adventure
continues.

Chris--nothing personal.   It's just business.  These are the facts.  Lots of
companies have procedures like this in place which is why they don't have
spam problems.

Jeffrey Race





On Thu, 24 Jun 2004 06:34:25 +0000 (GMT), Christopher L. Morrow wrote:
>On Thu, 24 Jun 2004, Dr. Jeffrey Race wrote:
>> On Thu, 24 Jun 2004 03:05:41 +0000 (GMT), Christopher L. Morrow wrote:
>> >Sure, customer of a customer we got emailtools.com kicked from their
>> >original 'home' now they've moved off (probably several times since 2000)
>> >to another customer. This happens to every ISP, each time they appear we
>> >start the process to disconnect them.
>>
>> This is too flagrant to let pass without comment.
>>
>> This "endless loop" situation does NOT happen to every ISP, only to those who
>> have not emplaced procedures to prevent serial signups of serial
>> abusers.  This is
>
>Sorry, you mistook my statement, or I mis-spoke it such that you would
>misunderstand it :( So, the point I was trying to make I'll try again with
>an example: (situtation not made up, parties made up)
>
>1) spammer#12 signs up as a webhosting customer of Exodus who is a
>customer of As701
>2) 701 gets complaints, notifies good customer Exodus who terms the
>spammer's website/box/blah
>3) spammer#12 signs up with next 50$/month hosting site Abovenet off 1239
>4) 1239 gets complaints notifies the good customer abovenet who terms the
>customer.
>.
>.
>.
>12) spammer#12 signs up with webhosting group rackspace who is a 701
>customer
>13) return to step 2
>
>This process happens repeatedly, spammers know they can get about a month
>of time (or more, depending on upstreams and hosting providers in
>question) of life, either way it's just 50 bucks.... At all times, they
>are not customers of 1239, 701, whomever... they are a customer of a
>customer. So, 701 or 1239 never know who the downstream is, in the
>particular case of emailtools.com this is the case... Or, that's what
>seems to have happened since they were a customer of some NYC based
>customer 4 years ago, and are now a customer of some TPA based customer
>now.
>
>> trivially easy to do and your firm's failure to do so and to enforce
>> this rule on your
>> contracting parties definitively proves your management's decision to
>> profit from
>> spam rather than to stop spam.
>>
>
>I'd also point out someting that any provider will tell you: "Spammers
>never pay their bills." This is, in fact (for you nanae watchers), the
>reason that most of them get canceled by us FASTER... Sadly, non-payment
>is often a quicker and easier method to term a customer than 'abuse', less
>checks since there is no 'percieved revenue' :(






More information about the NANOG mailing list