On 07:48 PM 5/19/02, John R Levine wrote:
>I think this particular line of inquiry might lead to reinventing the
>credit bureau. We already have those. Once that rated potential ISP
>customers, the way that regular credit bureaus rate potential bank
>customers, might not be a bad idea.
That's actually a HUGE need. At SpamCon there was a lot of talk about how
ISPs might setup a customer-reputation clearing house (like a credit
bureau) where ISPs could report and share information about bad customers
(spammers) like other businesses report and share information about bad
payees. This would provide ISPs with more control to avoid selling
throw-away accounts to the known spammers.
However... there are quite a few known spammers that buy throw-away
accounts (usually using fraudulent identification when signing up) and move
from ISP to ISP as they get nuked, and the ISPs are relatively powerless to
attack them, to prove it's them, to get law enforcement interested in
investigating, etc. The lack of a solid law seems to be the biggest
stumbling block. As I said earlier, get a law that lets ISPs set their
policy and fees, and makes it possible for an ISP to send someone to JAIL
if they violate the policy and don't pay the fee/fine, and I bet spam
originating in the US or benefiting a US company will quickly die off. We
just have to make the risk greater than the payoff.