This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] how to detect spambots - SPAMTrusted

Previous message (by thread): [anti-abuse-wg] how to detect spambots - SPAMTrusted
Next message (by thread): [anti-abuse-wg] how to detect spambots - SPAMTrusted

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Frank Gadegast ripe-anti-spam-wg at powerweb.de
Wed Mar 4 10:19:53 CET 2009

Jeffrey Race wrote:
> This simple wheel reinvented many times; need only to apply
> current knowledge.  If someone will work with me we can 
> submit the described RFC as is or improved as needed
> 
> 
>  <http://www.camblab.com/misc/univ_std.txt>
>    based on
>  <http://www.camblab.com/nugget/spam_03.pdf>
> 

Great.

I see two points here:

- the group should define regulations to force
   RIPE-members to detect spam originating from
   their own IPs
- the group should force members to have
   a working abuse email address

(its sad, that the once defined abuse-mailbox field
  in RIPEs whois never made it to be a needed field,
  this should be changed ASAP)

Our own blacklist under
http://www.dnsbl.de
sends out thousands of spam reports daily
to the email addresses of the network
administrators found in RIPEs whois.
Most email address do not work (user unknown,
mailbox full aso), a lot do send auto-replier
with ticket numbers (telefonica is great with
this), but never an email, that
the case has been solved, most do not react.

Currently there are only 2% answering or fixing
the problem.

Why do we not recommend to implement a system
at RIPE, where abuse reports could be CCed to
(including the netblock and the email address
  a report was sent too, the system then could
  check, if it was the right address and store
  a timestamp, any ISP should then be informed
  how he could send an email to RIPE to inform
  that hes working on it or that the case was
  fixed) so that RIPE can messure, wich ISP is really
fixing abuse cases ?

And: if any ISP collects more than 100
cases that are open for more than two weeks
without any reaction, the problem network
blocks are simply revoked by RIPE ;o)

RIPE should be able to implement such a
harsh system, because any member signed
to not pollute the internet already.

Kind regards, Frank

> 
> Jeffrey Race
> 
> 
> 

-- 

Mit freundlichen Gruessen,
--
PHADE Software - PowerWeb                       http://www.powerweb.de
Inh. Dipl.-Inform. Frank Gadegast             mailto:frank at powerweb.de
Schinkelstrasse 17                                fon: +49 33200 52920
14558 Nuthetal OT Rehbruecke, Germany             fax: +49 33200 52921
======================================================================
Public PGP Key available for frank at powerweb.de

Previous message (by thread): [anti-abuse-wg] how to detect spambots - SPAMTrusted
Next message (by thread): [anti-abuse-wg] how to detect spambots - SPAMTrusted

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]