[Mimedefang] OS wars... [was Viruses: Bounce or Discard?]
David F. Skoll
dfs at roaringpenguin.com
Tue Sep 30 08:15:01 EDT 2003
On Tue, 30 Sep 2003, Joe Stevens wrote:
> Yea, we can crossrefrence the IP and time a message was send with the
> authentication logs, and find out who sent it -- thats easy... but BILL
> them? Where do we get the "right" from?
>From the Terms of Service your customers agreed to when they signed up.
> What do we do with the money we collect?
Well, that's a problem you should like to have. :-)
> You could also make the argument our users are paying for unrestricted
> access to the internet -- to do whatever they want with...
I don't know what things are like where you live, but here in Canada,
most of the big ISPs do not offer "unrestricted access" to the Internet.
Most, for example, forbid you to run servers, and many actively filter
out SMTP and HTTP inbound ports. Quite a few block outbound SMTP, forcing
you to relay through their mail servers.
Sure, some customers grumble. But for residential service, at least,
that's the future.
> and I think
> there is still debate over whether the unintentional propogation of a
> computer virus is even illegal; so its almost certainly not going to be
> "finable" by a non-government party.
Legality or illegality has nothing to do with it. Just as ISPs can charge
for excess bandwidth use, they can charge for transmission of viruses.
It's just a different class of traffic, and they don't need government
permission to do this, as long as they state their fee schedule up front.
In most parts of the world, ISPs are not as regulated as Telcos, so
they have considerably more freedom.
> Finally, there are so many rouge ISPs out there (mostly outside the US,
> but...) that we can't even get to stop a user (for example) flooding our
> network with UDP packets... that it just seems to make ISP fining on a
> global scale impracticle.
That's a different issue.
> Your logic about users needing to pay the true economic cost of their
> software is sound... but ISPs aren't going to be the ones to charge them.
Well, I said ISPs because they're in the best position to detect the
problem early on.
> It it were me, I think it would be much more reasonable to have the
> government fine the software producers that *make* the buggy software.
But unless you can show harm to the users of that software, the
government will likely lose its case. That's why the first (painful)
step must be to make the users of the software pay the *true* "Total
Cost of Ownership."
Regards,
David.
More information about the MIMEDefang
mailing list