One way Worldcom is failing...

[strredwolf]

Lets create an ISP for this example, US.WSK. US.WSK has several plans, from dialup and DSL to hosting and colocation. It takes all clientel.

Several spammers set up shop on US.WSK and bomb the bejesus out of the Internet. Complains roll in... and get tossed asside.

More spam gets delivered, and the rest of the Internet suffers. The buzz starts, with complaints being published on Usenet and the Web over US.WSK. The damage starts, but US.WSK is ignorant to it.

SPEWS notices this, and publishes an advisory against accepting any email from US.WSK and all it's IP spaces. SpamHaus's SBL follows suit.

US.WSK says folks need to post at a website or whatnot to complain. It is then marked as RFC Igonrant.

The buzz reaches major news outlets, where it's rereported and customers learn. Customers also complain about the block... and learn about the problems. They redirect to US.WSK.

US.WSK does nothing.

Customers leave. Some file suit against US.WSK. Eventually, US.WSK goes bankrupt because of all the spammers it protected, and dies.

Worldcom is heading towards that line now. Don't believe the 9-12 month timeframe -- unless they kick off the spammers.

Comments

[ketrien.livejournal.com]

nevermind the fact that spamhaus is reguarded as a reactionary bunch of sycophants who like to block class b's when a single ip or /28 will do the job. nevermind the fact that worldcom/uunet does not directly sell dialup - they resell, and have no customer information beyond what the isp reselling the line tells them. oh, and let's not forget that most (about 70% or better) spammers use fraudulent names, addresses, and credit cards to sign up for the account, use it once, and never touch it again. nevermind the fact that the responsibility for eliminating suppliers resides squarely on the shoulders of the person directly providing the service, meaning if your isp has a pipe to uunet and the spammers are on your isp, it's your isp's responsibility. but this is america, where nobody's responsible for fucking anything. just look at the gov't and kids today. uunet's customers aren't leaving in droves, far from it, uunet is still signing up new customers and upgrading existing customers. know why? because they're the biggest, and still the best. (like genuity's competition to them now. that's like saying the family restaraunt down the road poses a serious challenge to denny's.) they also carry the vast majority of national and continental traffic for north america, though c&w currently holds trans-atlantic i believe, and panamsat is a gimme. but hey, when someone files for chapter 11, they're dead. funny, i don't hear people saying they don't shop at kmart anymore because kmart is in financial ruin currently...
think people. THINK.

[strredwolf.livejournal.com]

Nevermind that I've been around the net since '95.
Nevermind that I was spammed by CyberPromotions when it was the spam king.
Nevermind the fact that it took blocking the entire friggin ISP (AGIS.NET) to get them to realize "Uh, we have a problem here."
Nevermind the fact that we (independent sysadmins) kept trying to block the spammers, but they ether move around in IP space, or become the ISP themselves.
Nevermind the fact that we saw the rize and fall of MAPS, when it became obvious that agressive action was needed -- and we kept sending nominations in.
Nevermind the fact that SPEWS and SBL were created so that such agressive action can be done.

Nevermind the fact that UU.NET/Worldcom has a three-strikes policy that isn't enforced -- that straight from the Abuse Admin's mouth (John St. Clare) and observed policy.
Nevermind the fact that it took *years* to get UU.NET's dialup services to shut off port 25 to the Internet direct, and stop the policy of letting MSN/Earthlink/Netcom/Mindspring/others sharing each other's rented dialups.

Yes, it's the ISP's responsiblity. But if the ISP doesn't want to play, it falls on the upstream provider to nuke the ISP. Noone's responsible? Yeah, right. EVERYONE's responsible. The upstream is responcible for the actions of their clients, even if it's UU.NET to a ISP that doesn't want to do squat.

[strredwolf.livejournal.com]

By the way -- The person who runs the SBL and Spamhaus is accessible by reading news.admin.net-abuse.email. Just make sure you bring in a good scoring/killfiling newsreader like slrn. We get too many kooks.