[Dshield] Idea for dealing with ISPs that ignore abuse notificatons was RE: The Art/Tao/Zen of Abuse e-mails (Was: [Fwd: WHY IS YOURCUSTOMER...])

David Cary Hart DShield at TQMcube.com
Fri Aug 25 19:18:35 GMT 2006

On Fri, 25 Aug 2006 08:19:02 -0700, "Tomas L. Byrnes"
<tomb at byrneit.net> opined:
> One way to change those economics is if we all were to block ALL
> traffic from the CIDRs of non-responsive Abuse aliases.
> Perhaps DShield could post a list of CIDRs managed by RPs that don't
> respond to fightback.
> That changes the equation, at least for fightback, drastically:
> "Do something about these reports, or we will publish your IP
> addresses to a list that is used worldwide to block traffic".
> If they don't respond to messages from DSHIELD/SANS, and/or keep
> their RP contact alias up to date, they're not good netizens, and
> deserve to be cast into the outer darkness.
I'm still working on the concept for a Dshield DNSBL zone. The data
analysis from our recent DDoS serves to confirm the close correlation
between security lapses and spam.

Bouncing email tends to get their attention - FAST. Of course, this
does nothing for ISPs that ignore problems in dynamic space like

Our DNSRBL - Eliminate Spam at the Source: http://www.TQMcube.com
               Don't Subsidize Criminals: http://boulderpledge.org

More information about the list mailing list