Pat wrote:
> So I, John Q. Spammer go to an ISP and ask for a connection. I tell
> ISP I want to be known as 'spam.com'. I do not tell the ISP I want
> to be known as '208.31.42.98'
Um, Pat -- that's not correct. The ISP has absolutely nothing to do with
your domain name. You don't tell him what you want to be known as at all
in most cases. Usually they just assign you an IP address. If you have
your own AS number and assigned block and are going to run BGP, you tell
them what your IP is. But in either case, no domain names are involved.
The only time the ISP might nbeed to know that info is if in addition to
being your ISP they are also providing additional value added services,
above and beyond just being an ISP, such as DNS hosting or SMTP mail.
> ... ISP says I will take care of all that once you get installed by
> a registrar.
The registrar is the only business that needs to know about your
domain name. Our ISP does not know/need to know/care what our domain
name is.
> Quite a difference, the registrar _is_ like directory assistance,
> but different in the sense that directory assistance does not
> _assign_ anything, but simply reports on what has been assigned. So
> if the registrar was not a greedy son-of-a-bitch and started saying
> NO! that would help a lot. Oh yes, I know that John Q. Spammer
> could try to cut a deal under the table direct with the ISP, or
> whomever it is that physically makes his connections in and out, but
> ISPs working in concert with registrars could do a lot to clean up
> the mess.
Given that in most cases involving spammers, the ISP has no way of
knowing what registered domains are using a block of addresses, that
won't work.
> And like the old system which was used with FIDO, when a site
> becomes a nuisance, he gets delisted, and if others up the line do
> not cooperate then _they_ get delisted also. The rule ISP's and
> registrars would use is that if John Q. Spammer was expelled by
> whoever, then no one touches him or works with him. PAT]
There is such a system in place more or less. The ROKSO list run by
spamhaus is pretty much what you describe.
It's of limited use, however. The spammers use prepaid debit cards
under phoney names to register domains, so they can't be identified
before hand by the registrar.
Most spammers these days don't even really have an internet connection
for their business per se -- they hire a sleazy overseas company to
host their server for them. They use fake names again to do this. The
spam is sent as follows -- somone gets a consumer level dsl, dial up,
or cable internet account. They then use this ISP connection to get
trojan infected PC's worldwide to send the spam for them. Since no
spam comes form their own account, it never gets traced to that
account. The only identifiable things are the domain name of the
server, the registrar of the domain name, and the company hosting the
server.
[TELECOM Digest Editor's Note: Seems like an awfully convoluted way
of running your business, IMO. So my response would be to kill the
domain name of the server, chop off the registrar's head, and burn
down the company hosting the server. Fair enough? As one writer here
yesterday pointed out, the ISPs could cure a huge amount of the
problem (but I would say give the registrars some part of the job
also) if they gave a Good God Damn, which many of them do not, such
as MCI. And don't forget, MCI uses their employee Vint Cerf as their
front man/mouthpiece with ICANN, truly God's Gift to Netters everywhere.
And the small business people who run local ISP operations who _do_
care and _do_ attempt to check out new customers are treated like
imbiciles, the same as your Esteemed Moderator. PAT]