Re: protecting ourselves from scammers

From: Roger B.A. Klorese (rogerk@queernet.org)
Date: Mon Dec 02 2002 - 08:57:49 EST

Next message: Chuck Hatcher: "Re: Verisign Name Store ???"
Previous message: Adrian Daminato: "Re: opensrs renewal reminder SMTP server blackholed by Spamcop?"
In reply to: Robert L Mathews: "Re: protecting ourselves from scammers"
Next in thread: steve@seasoned-software.com: "Re: protecting ourselves from scammers"
Reply: steve@seasoned-software.com: "Re: protecting ourselves from scammers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Robert L Mathews wrote:

>Even if it were always the case that "domain-owner->connectivity",
>wouldn't that just reinforce the point I made? If they're the same
>person, there's no need to complain to the domain owner; just send the
>report to the connectivity provider from ARIN, and it'll reach the right
>person anyway.
>
Why look up netblocks when you can use a public resource for its
intended purpose?

>And that you rarely get spam, for example, from people who have colocated
>a server someplace and started selling Viagra, or gambling, or porn
>through their domain name?
>
Spam's not a reportable/actionable offense under our AUP. Only threats
and similar probably-criminal offenses are.

>The contact information for
>network operators is by definition in ARIN WHOIS, not domain WHOIS, so I
>I don't quite follow the argument that reporting abuse to network
>operations personnel requires domain WHOIS -- it seems to argue just the
>opposite.
>
But that's domain WHOIS' purpose. Most people have never heard of ARIN
WHOIS, or ARIN for that matter, and there's no ned for them to.

>For example, the domain owner's postal address would still be available
>in the event of a lawsuit. And for simple form-letter copyright
>violations, the DMCA provides an official way for intellectual property
>owners to communicate directly with the ISP, who notifies the domain
>owner, and the domain owner can then respond with their physical address
>if they want to fight it.
>
Again, far too cumbersome -- why bring the ISP into it when they're not
a player?

>(I've noticed that most people who defend the use of WHOIS for legal
>purposes just assume that the current WHOIS system is accurate.
>
No, only that it should be.

>In the
>case of "bad guys", particularly egregious spammers, I've often found
>just the opposite to be the case,
>
Again, for us, spammers are irrelevant.

>and even if it isn't intentional, a
>good fraction of domain WHOIS data is out-of-date.
>
Deal with that, don't dismiss it.

>Again, we're
>presumably talking about evildoers here: asking them to enter their true
>address isn't something we can rely on for legal purposes.
>
Then they should be audited, not tossed out.

>And again,
>since the ISP is always going to be contactable, they're probably going
>to be a better bet for legal communication than the domain owner anyway.)
>
Again, who cares about ISPs?

Next message: Chuck Hatcher: "Re: Verisign Name Store ???"
Previous message: Adrian Daminato: "Re: opensrs renewal reminder SMTP server blackholed by Spamcop?"
In reply to: Robert L Mathews: "Re: protecting ourselves from scammers"
Next in thread: steve@seasoned-software.com: "Re: protecting ourselves from scammers"
Reply: steve@seasoned-software.com: "Re: protecting ourselves from scammers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:37:32 EDT