On Tue, 11 Mar 2003 18:03:21 -0300, "Alejandro G. Belluscio"
<baldusi(_at_)uol(_dot_)com(_dot_)ar> said:
Yes. Because the the SMTP manager is the one who has to deal with the
spammer. If he doesn't he'll have his certificate revocated. A spamhause
won't get a certificate, or get revoked quite quickly. That's also in
part why we send the the Spam Claim to the signer of the certificate.
Of course, if the SMTP manager is on the payroll of the spammer, and is
the signer of the certificate, they can just drop the Spam Claim on the
floor.
"A spamhaus won't get a certificate or get revoked quite quickly". Why is
there a spam problem, when spamming is against the official AUP at most ISPs?
After all - nobody would sell bandwidth to a spammer, or if they did, they'd
revoke it quickly, right?
So let's see - there exist shady ISPs that will sell bandwidth to spammers,
even though other sites may blackhole their entire AS (remember - the MAPS
RBL is available as a BGP feed, and used at some sites). But you don't expect
there to be any shady certificate issuers that will issue certs to spammers,
even though other sites may refuse to honor anything signed by them.
All you're doing is changing the problem from whack-a-mole bandwidth to
whack-a-mole certs. And that's even worse - the telco can take weeks to
deliver a DSL or T-1 to a new base of operations, but a new cert can be
delivered in minutes. Of course, the really serious spammers are either not
worried because they've paid off the ISP, or they've already got replacement
lines/certs/whatever already in process for the next spamming run....
pgpt6VXRS8lag.pgp
Description: PGP signature