On Feb 22, 2007, at 1:41 AM, Brian E Carpenter wrote:
The level of bulk unsolicited messages exceed more than 90% of the
volume in many cases
I estimate 95% of moderated non-member mail that hits the IESG list
to be b.u.m.
Much that slips past somewhat static (and not very effective) lists
come from a small percentage of network providers not managing
prohibitions of bulk unsolicited messages. On one hand, network
provider's revenues depend upon traffic, any traffic. On the other
hand are support calls. Effective black-hole operators only deal
with network providers. Network providers can stipulate which
address ranges are placed on the black-hole operator's policy based
lists. When bulk unsolicited messages are detected from sources
enabled by the network provider, the network provider is contacted
first. Deference is afforded when a network provider responds, where
avoiding a listing is truly a shared interest.
Customers of network providers that do not to respond to reports, and
that also have a high density of IP addresses emitting bulk
unsolicited messages are unfortunately at risk. When a customer
becomes listed, the black-hole list operator will likely inform them
they must contact their network provider, as the network provider
must act on their behalf. It is impossible to develop relationships
with billions of network provider's customers, where those wishing to
send bulk unsolicited messages are also often less than truthful.
Short of making bulk unsolicited messages outright illegal or
permitting complete mayhem, the tussle remains between black-hole
list operators and network providers, an aggregate of receivers
versus an aggregate of transmitters.
Network providers very much desire black-hole operators to
automatically delist IP addresses when their customers complain to
the black-hole operator. Ongoing efforts in the ASRG voice this
desire in a draft aimed at advising black-hole list operators. This
draft does not clarify how network providers are identified, or
attempt to describe the network provider's role in controlling bulk
unsolicited messaging. Ignoring the role of the network provider may
be extremely profitable for some, but is also likely to be highly
detrimental for the Internet as a whole.
A better way to deal with this problem would be to impose stiff
sanctions on network providers who fail to handle reports of bulk
unsolicited messages. This will mean they need to deal with
fraudulent accounts or block infected computers. Currently, the PITA
created by black-hole lists create some financial incentive that
restrains BUMs at their current, albeit high, levels. Ignoring the
role network providers play in controlling bulk unsolicited messages
will likely allow this problem to grow much worse.
-Doug
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf