This WP article, Spammers’ New Strategy (washingtonpost.com) Talks about how some ISPs are letting their machines spew spam.
When I first started reading it, I thought they meant that spammers had taken over the ISP machines and the spam was being generated from Zombies. Easy solution for that, let the rest of the internet block traffic from that ISP unitl they get control of their machines back.
But, as I read it, they appear to be talking about customers of the ISP spewwing spam and not the ISP machines. Since most ISPs have anti-spamming rules, if one of their customers is IDed as a spammer the customer is usually removed from the ISP. That’s been SOP for years, where is the news?
Then it goes back to the ISP machines being used as zombies, using a software product distributed by a customer of MCI, hosted on a machine leased from MCI. So the antispammers want MCI to shut down the source of the software and not the spam itself. Not a good idea.
We can’t have ISPs turning off a customer site just because people disagree with what they have on their site. The ISP is not a content cop, judge, jury or executioner. The ISP should be blocking all spam that is originating through its site. Such spam is identified as email content that gets the ISP domain addressess blocked at a majority of receiving sites such that the ISPs non-spam customers can’t use email effectively.
Mail that is being sent with spoofed address/header information is spam.
I suppport blocking the source of spam, the so-called ‘blacklist’ approach, and it should be blocked as close to the source as possible. If that means blocking an entire ISP that doesn’t have control of its machines, so be it. Let them fix it or lose their customers.