This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Re: Additional Layers for Economic Incentives to improve Internet Security
- Previous message (by thread): [anti-abuse-wg] Re: Additional Layers for Economic Incentives to improve Internet Security
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jørgen Hovland
jorgen at hovland.cx
Tue Dec 28 21:43:31 CET 2010
On 28/12/2010 17:29, Joe St Sauver wrote: > Hi, > > jorgen at hovland.cx commented: > > #> #An ASN does not represent a single legal entity > #> > > Routine daily life requires reliance on what some term "basic continuity > assumptions", e.g., things that we take for granted because they've always > been so. ... > > ...Similarly, I'm willing to make the "leap of faith" and assume that AS25 will > continue to be Berkeley and AS4983 will continue to be Intel, etc. I think I'm not being clear enough. I am not talking about the single entity an AS-number is registered on. There are probably no AS-numbers on the internet that originates traffic from only a single legal entity, including Berkeley. When talking about blacklisting or nullrouting an AS-number due to unwanted actions taken from a set of IP-addresses you will probably always blacklist other legal entities than just the one(s) you really want to blacklist. The same applies for blacklisting IP-addresses although the probability is far less. > #> #Spam in general cannot be defined > #> > #> Sure it can, and many folks offer definitions, including folks such as > #> Spamhaus, see http://www.spamhaus.org/definition.html > #> > #> Other entities, such as MAAWG, prefer to opt out of the whole "what is > #> and what isn't spam" debate, simply referring to "abusive mail" for > #> things like their quarterly email metrics reports (see > #> http://www.maawg.org/email_metrics_report ) > # > #Didn't you just show me that it in fact cannot be defined in general? :) > > No. What you may be noticing is that, unlike units of measurement in > the metric system, where a single universal definition exists, squishier > concepts (such as spam) may have multiple accepted definitions that exist > at the same time. > Which was not what I meant, but you have a point there. Obviously there are a huge amount of spamdefinitions. The problem, if you can call it that, is that your definition is not equal to mine. Therefore, if you tell me that AS65000 is your top1 spammer in your network, that info is useless to me. You are right that it is fine with many definitions, but when dealing with global/regional policies and anti-abuse, which we for example do on this list, people seem mostly to refer to their own definition and have little or no understanding/respect of that there are others. > #A site that does measure real mail volume is senderbase. > > Senderbase does indeed measure real email volume. Unfortunately, that's > not the same as spam, although for many sites, spam may be 90% or more > of that total volume, so it may be closely correlated for some sites > that don't manage their outbound traffic. > Although I didn't mention it measured spam volume, there are however others that do. Cheers,
- Previous message (by thread): [anti-abuse-wg] Re: Additional Layers for Economic Incentives to improve Internet Security
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]