> From: Valdis.Kletnieks@vt.edu > The problem is that ARIN is sending a bill to the owner of a /8 that it > has to forward to the owner of the delegated /15 who sold bandwidth to > a /24 - and the activity isn't violating the AUP of the /8 (remember, > they only sell connectivity - and you do NOT want to get into content-based > stuff - there's a reason why 17 USC 512 gives a safe-harbor to ISPs regarding > their users). I was not thinking very big bill, say $100-500. Size would not depend on the ISP. What it would actually cause, that when they delegate or sell forward, they would probably require a deposit that covers the bill from each customer. ISP would pay up, but pass the buck downward. Also, maybe modification: the bill would not be sent for each spam incident. It would be sent when a spam incident is detected. ISP would have a week or some other predefined time to close the "leak", before another bill would be sent (if spam continues). > Again, the problem is that you're sending a bill to somebody who may be legally > unable to do anything about it - if I run an open relay, and my contract with > my ISP doesn't say anything about what the packets are, they don't have much > right to turn it off if my bill is paid. And how does the ISP tell the > difference between an "open" relay and a heavy e-mail user? It doesn't need to tell. Spam is detected when receivers complain, and at least currently, SPAM is easy to recognize just by looking at the content. (And, if sender claims it was requested, they better be able to prove it). The contract must have the SPAM clause and require the deposit to cover the bill.