Reporting Little Blue Men

all the involved parties. Since no one is getting physically injured and
no money is being stolen, I think they are just waiting to see what

Who says no money is being stolen?

Every time a UCE is delivered to my server, someone out there has stolen
resources from me. Resources *are* money.

Every time a network is smurfed, network resources have been stolen.

It's just like as if someone out there set up an auto-dialer to tie up
a business's fax machine, or busy up all their lines.

But you should note that both authors also indicate that (from Cheswick and
Bellovin, page 205): "Computing and electronic communications service
providers are more limited in their right to monitor user activity. Just as
the phone company personnel may not, in general, listen to your calls,
employees of a public electronic mail service may not read your messages,
whether in transit or stored." There will be more detailed information in
our spam policy.

Yes, but if the phone company wishes, they may decide to block certain
"rogue" exchanges from reaching their network. I know of no such cases
because you have to be a licensed CLEC, and the Internet has no such
equivalent. But I have a real hard time swallowing the idea that use of
the RBL (for example) might be considered illegal.

Get people to stop illegally blocking spam,

Not a bloody chance. I block 500 spams every 24 hours at the system level
(procmail based filtering) and I don't even know how many more at the IP
level so it never makes it to my mail server. I have a right to protect
my business from those who wish to steal resources from it without paying.

But, believe me, I (as would most others) like nothing more than to be
able to turn off all my filtering.

and then get the spammers to
stop illegally using relays.

Relays aren't the only problem. The problem is that SPAM is an
acceptable form of advertising in the eyes of the US Government (and others).
Much of the spam we receive comes from hotmail, msn, ATT worldnet dialups, etc.
It's not sent through a relay, but sent through the original dynamically
assigned IP. Spam software gets smarter all the time.

As it's been pointed out several times, including the last NANOG, there are
no technical means available to eliminate SPAM, only reduce it.

Once the network and online providers obey
the law, you can ask the spammers to obey the law, too.

That's a pretty interesting comment. How many spammers have you interviewed
that support this theory?

Dave

The key point that many missed is that because the FBI is overloaded with
complaints like this, legitimate DoS attacks go uninvestigated and
unprosecuted.

Normally, Eric (the original poster of the smurfing problem), would go to
the FBI for help in tracking down and prosecuting the perpetrator.

But some have noticed lately that they aren't getting much help in DoS
cases. I'm just explaining why.

Further, I hope it should be clear that spam non-combatants have to get
involved to stop the chaos, and enforce federal laws on spammers and
anti-spammers, or suffer further lack of police response on real crimes.
We are the ones who are damaged, when real crimes against us aren't
prosecuted and real criminals aren't punished. That's what spam has to do
with smurfing.

all the involved parties. Since no one is getting physically injured and
no money is being stolen, I think they are just waiting to see what

Who says no money is being stolen?

Every time a UCE is delivered to my server, someone out there has stolen
resources from me. Resources *are* money.

They are resources you have sold to your customers. You can't snoop what
your customers do with the resources. If you doubt this, read first my
spampolicy, then buy "Firewalls and Internet Security", and "Unix System
Security", read what they say, and then discuss the laws with your lawyer.

Every time a network is smurfed, network resources have been stolen.

It's just like as if someone out there set up an auto-dialer to tie up
a business's fax machine, or busy up all their lines.

Intent is a key issue. If they are doing it to deny services, they are
breaking the law. If you have a ton of users all trying to dial in, they
are not breaking the law; you sold them accounts.

People actually trying to sell products via email are not trying to deny
services. They are not breaking the law, at least, not by existing. But
the FBI is swamped with these sorts of complaints. They aren't buying them.
And they are overlooking legitimate complaints because of it.

Relays aren't the only problem. The problem is that SPAM is an
acceptable form of advertising in the eyes of the US Government (and others).

That's a political issue. Good luck, and have fun storming the castle.

But when you take the step from advocacy to actions you are violating the
law in almost every case. You can advocate anything, but you can't go
tearing down buildings, or in this case, intercepting communications.

Even if anti-spam laws are passed, you won't be able to monitor packets or
users to detect violations of the law, any more than the phone company can
listen in on your calls to make sure you aren't placing illegal bets.

    --Dean

Ok, but some case I just saw mentioned somewhere drew a line between
people looking at things, and programs processing them automatically,
placing the former in the category of editorial control, but not the
latter. Don't remember the context, think it was Usenet. Presumably,
if that legal theory held, it could be applied to spaminators, as well.

No?

Cheers,
-- jra

Jay R. Ashworth wrote:

Ok, but some case I just saw mentioned somewhere drew a line between
people looking at things, and programs processing them automatically,
placing the former in the category of editorial control, but not the
latter. Don't remember the context, think it was Usenet. Presumably,
if that legal theory held, it could be applied to spaminators, as well.

It was the data tap that the government did on the Argentinian cracker last
year. Their program output data only when the keywords were present and
even then it was only n characters before and after the keyword.

No, as Dean correctly pointed out to me just now, it was the
Intellectual Property rights vs. web caching discussion right here,
last week.

Cheers,
-- jra

If someone is stealing long distance services from AT&T are they
prohibited from tracking/tracing/blocking the activity?

Some spammers argue that their recipients buy flat-rate services and not
bandwidth by the bit. Does that mean that someone stealing long distance
can argue that it isn't really stealing because it doesn't cost AT&T for
the services the thief steals? We are talking apples and apples here:
electronic services/resources.

Stealing is taking or using something without the owner (the person who
paid for it) giving permission, even if the owner will later resell those
services to a customer. If I buy a box of cornflakes to resell later,
the fact that I will resell it doesn't mean you can take content out of
the box before the customer receives it, esp when the customer will come
back to me asking where the rest of the cornflakes are. Substitute
bandwidth for cornflakes. If the spammer takes away bandwidth which would
go to the customer, services have been stolen. With the use of frame relay
clouds w/CIRs spam or smurf could definitely impact on response time etc.

- James D. Wilson
netsurf@sersol.com