Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:
I recently ran across the following email which came from an ISP responding
to a complaint about an infected system on their network issued by DShield
(http://www.dshield.org/):
---------snip------------
...
We don't care, the major issue is that we don't want to receive this kind
of mail, because we're a large ISP and we have no control about our
multiple clients and their Windows systems.
Your mail was annoying, so we simply filtered it out. We know that many of
them are infected even if we don't receive your mail.
---------snip------------
I understand 100%.
Even 2 years ago, I had big fights with users of anti-spam systems,
who "helpfully" notified me that my domain was being used in the From:
& body of spam. They were *quite* angry when I told them I didn't
want to see such messages, ("but you may have a bad user at your
domain!"), and that I was the *only* person with an account at that
domain.
I finally fixed the problem by getting the anti-spam vendors to
quench *all* reports for my domain.
The solution here is not to send the ISP a notification. The
solution is to send them a sales rep, who can sell them a 1Gbps switch
with full anti-virus scanning & fuiltering capabilities. Even if it
costs $100K, they will recuperate that quickly, in fewer support
calls, a more stable network, etc.
And I think that the root cause of this behaviour (for good or bad)
is that the IETF does not do compliance testing or enforcement. If
they did, it would be possible to order them removed from the net, as
a non-net-friendly system. But politics can be massively abused,
which is why the IETF has avoided it until now.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg