[SpamCop-List] Re: Legal Question
pete at heypete.com
Sat Nov 20 04:37:05 EST 2004
In article <slrncpua5p.172.nobody at 127.0.0.1>,
Steven Maesslein <nobody at nowhere.invalid> wrote:
> If we're talking about mail traffic, then I'd say that they were.
I've not gotten much spam from Comcast recently, which is surprising.
Personally, I'd do what AOL did (to great success) -- redirect all
outgoing port 25 data to an AOL mailserver.
This allows rate-limiting and virus-scanning on outbound mail without
requiring people traveling away from their home connection to change
their mail client settings. It's technically quite a simple thing. If
AOL can do it (and their mail people are good -- actively communicating
on SPAM-L and otherwise doing good stuff), anybody can.
Sure, it won't stop *all* problems, but it'll greatly reduce spam and
viruses being sent direct-to-MX by zombied machines and give the ISP a
paper trail to identify zombied machines and take appropriate action.
I don't bother with the redirecting, I just block all port 25 and
require users to use my SMTP server which has rate-limiting,
virus-scanning, etc. on it. It works out quite well for a provider of my
size. A provider of Comcast's size would be better off redirecting, as
it would cut down on support calls from goobers who can't reconfigure
their SMTP server in their client.
> Comscat's clients enter into a legally binding contract between
> themselves and Comscat saying "thou shalt not spam". If they *do* spam,
> whether knowingly or not, then it's Comscat's responsibility to enforce
> the terms of the contract.
Comcast's rules at http://www.comcast.net/terms/subscriber.jsp, section
10, sub-section f state, "Comcast's failure to insist upon or enforce
strict performance of any provision of this Agreement shall not be
construed as a waiver of any provision or right."
Thus, although it's against the rules to spam from their system, Comcast
disclaims any responsibility for their users actions.
Their AUP at http://www.comcast.net/terms/use.jsp also states, "The
failure of Comcast or its suppliers to enforce this AUP, for whatever
reason, shall not be construed as a waiver of any right to do so at any
Any provider of appreciable size will have spammers on their network.
Such is life. However, as long as the provider swiftly terminates based
on complaints, that's fine. It's the "pink contracts" and unresponsive
providers that we need to look out for. I'm not sure how well Comcast
handles actual spammers using their cable lines, but it doesn't seem
that they're too responsive about zombies on their networks, which are
just as bad.
Through the judicious use of the CBL (via the Spamhaus XBL, which I
strongly recommend for any administrators), I've cut down my
virus-and-zombie spam load substantially. The SpamCop BL also helps
catch them quickly as well. The njabl.org "dynablock" list seems to list
all/nearly all of Comcast's dynamic IP addresses, as well as those from
many other providers. Using it would presumably limit incoming mail from
said dynamic addresses -- most residential users should be using their
ISP's mailserver anyway.
I'd like to see Comcast do more to stop the spam and the zombies, but
short of pressure applied by external networks (by means of widespread
blocking) and internal customers (who can't send mail due to the
blocks), there's not going to be much done.
More information about the SpamCop-List