----- Original Message -----
From: "Julian Mehnle" <bulk(_at_)mehnle(_dot_)net>
Sent: Sunday, February 06, 2005 7:55 AM
Subject: RE: [spf-discuss] Spam Zombies use ISP's MX to proliferate their
Nico Kadel-Garcia wrote:
Chris Drake wrote:
> > The answer is to put reasonable limits on email sending in place.
> Err - no - the answer is for the ISP to send the zombie victim one
> message saying "clean your PC, then phone the help desk", then
> disconnect them and block their login. If you put a barricade in
> front of a zombie, the zombie owner will adapt around it (eg: program
> the zombie to auto-create HTTP accounts for sending from, or
> whatever). If you *remove* the zombie, well, that actually solves
That's quite expensive for ISP's to do,
Manpower. Let's take an ISP of 1000 clients. Let's say that 5% of them wind
up being zombied (a not wildly unreasonable number). That's 50 people, and
you'd think you could just fire off a note and yank the plug.
Nuh-uh. First, you've got to set the policy. That's executive man-hours.
Then you've got to write the policy into the user contracts. Then you've got
to have the lawyers double check it so that the ISP is not liable for
anything that slips past you, and that you don't imperil your "common
carrier" status and leave yourselves open to *other* lawsuits. Then you've
got to keep spending the man-hours dealing with the shrieking customers who
got their account yanked and missed their business email or their plan
reservations or whatever they considered important, even if they're just
lying about how important it was. Then you've got to deal with the bad
reputation you get for censorship for being hardasses about this kind of
It adds up. Some of this is the cost of doing a competent business, but that
doesn't make enforcing a rigorous policy cheap. You lose customers who get
cut off and then find some less well-run service to connect them. (For
example, ISP's that simply block port 25 outgoing, use SMTP-AUTH, and don't
have to worry about this.)
and gets them into the same sort of ranting and whining that we see now
from people who think SPF infringes their freedom to send email from
wherever they want pretending to be whoever they want for their
So what? If disconnecting zombies until unzombified actually solves the
problem and not just mitigates the symptoms, it is the right thing to do.
People whine all day for irrational reasons.
True, but your business as an ISP includes selling your services. Whining
hurts your sales, and ignoring whining can get you sued. Justified or not,
successful or not, lawsuits cost money and can put you out of business.