Despamming wholesale dialup

Dean_Anderson · October 30, 1998, 6:52pm

One problem is that the wholesale provider may not have permission to do
this. You must obtain permission from a party to the communication prior to
interfering with it, unless it qualifies as an abuse.

You should be aware that the pro-spammers have a bill in Congress to
explicitly define spam as a legitimate activity, ie not an abuse. It will
likely be passed in this session. I tried to tell people a year and a half
ago that spammers were closely associated with an advertising lobby that
would be effective on this is issue, and that they needed to try a more
reasonable approach. But they insisted "I was wrong".

So "Spam fighting" is now a lost cause, which should not be discussed on
Nanog anyway.

--Dean

Ray_Everett-Church · October 30, 1998, 8:45pm

An interesting answer to the problem you discussed above was suggested by
somebody from the EFF at a spam BOF at USENIX this summer. He suggested
that by default, you filter on port 25. But if somebody needs access for
legitimate reasons, or even if they don't, have a letter they can fill out,
sign, and send in which states that they will not send spam, subject to a
$500/message penalty. Then if they do, just bill them.

One problem is that the wholesale provider may not have permission to do
this. You must obtain permission from a party to the communication prior to
interfering with it, unless it qualifies as an abuse.

Only if you have a really narrowly and poorly worded AUP/TOS contract. The
Electronic Communications Privacy Act forbids looking at the contents
without authorization, but carriers are protected in certain circumstances
some cases and moreover most carriers have provisions in their contracts
that fill in the gaps. I would be very surprised if blocking port 25 would
be covered by ECPA... filtering it for content without authorization is a
different matter.

You should be aware that the pro-spammers have a bill in Congress to
explicitly define spam as a legitimate activity, ie not an abuse. It will
likely be passed in this session. I tried to tell people a year and a half
ago that spammers were closely associated with an advertising lobby that
would be effective on this is issue, and that they needed to try a more
reasonable approach. But they insisted "I was wrong".

So "Spam fighting" is now a lost cause, which should not be discussed on
Nanog anyway.

  --Dean

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
          Plain Aviation, Inc dean@av8.com
          LAN/WAN/UNIX/NT/TCPIP http://www.av8.com
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Um... well you're wrong, at least on the subject of the pending
legislation. The anti-spam lobby was successful in getting it stripped from
the legislation which passed the House, and although Sen. Murkowski was
interested in putting it back during the conference committee process, it
languished there and wasn't finished before Congress adjourned. So all the
pending spam legislation - both anti and pro - is dead for now. And yes, it
is off topic for Nanog.

-Ray

-- ------------------------------------------------------------------
Ray Everett-Church (RE279) * More info: <http://www.everett.org>
Attorney/Internet Consultant * Opinion(REC) != Opinion(client(REC))
This mail isn't legal advice. * Outlaw Spam = <http://www.cauce.org>

Steve_Sobol1 · October 30, 1998, 9:30pm

One problem is that the wholesale provider may not have permission to do
this. You must obtain permission from a party to the communication prior to
interfering with it, unless it qualifies as an abuse.

Don't start again, Dean.

You should be aware that the pro-spammers have a bill in Congress to
explicitly define spam as a legitimate activity, ie not an abuse. It will
likely be passed in this session.

Wrong. It died. Unfortunately, the telephone anti-slamming bill died with
it - the spam rider was attached to the anti-slamming bill.

I tried to tell people a year and a half
ago that spammers were closely associated with an advertising lobby that
would be effective on this is issue, and that they needed to try a more
reasonable approach. But they insisted "I was wrong".

You're still wrong. The DMA and its members seem to be adopting a wait-and-
see attitude, although they seem to be moving towards action...

So "Spam fighting" is now a lost cause

Whatever.

which should not be discussed on Nanog anyway.

Which doesn't stop you from whining about spamfighters every few months
anyhow.

Dalvenjah_FoxFire1 · October 30, 1998, 9:33pm

On Fri, Oct 30, 1998 at 03:45:29PM -0500, Ray Everett-Church put this into my mailbox:

Only if you have a really narrowly and poorly worded AUP/TOS contract. The
Electronic Communications Privacy Act forbids looking at the contents
without authorization, but carriers are protected in certain circumstances
some cases and moreover most carriers have provisions in their contracts
that fill in the gaps. I would be very surprised if blocking port 25 would
be covered by ECPA... filtering it for content without authorization is a
different matter.

According to the local US Asst. Atty. Gen., if you tell people you're going to
monitor, block, whatever before they sign on to your system and give them
the option of going away (this applies to telnet pre-logon banners, but
I'm sure an AUP contract falls under the same auspices), and they continue
to use your system after being made aware that you can do this, they have
absolutely no grounds to complain/file suit/whatever under the ECPA.

The usual disclaimers apply. (I am not a lawyer, I cannot quote the
specific sections of Title 18, etc. etc. etc.)

-dalvenjah