This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] Abuse Finder Tool

Previous message (by thread): [anti-abuse-wg] Abuse Finder Tool
Next message (by thread): [anti-abuse-wg] Invitation from Balaji Nagalgave

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Denis Walker denis at ripe.net
Tue Apr 27 13:01:06 CEST 2010

Dear Colleagues,

We received these suggestions in response to the Abuse Finder tool
announced on RIPE Labs
http://labs.ripe.net/content/abuse-finder

- it would be helpful, if its noted in the output from wich object or field
 the abuse email address was extracted from (e.g. admin-c, tech-c, remarks,
 abuse-field aso)
 so output could look like:
 admin-c: noc at tester.de
 abuse-email: abuse at tester.de
 so that one can decide, wich one is really relevant for the own needs

- what are the exact limits ?
- is there a way of raising the limits for special cases (we maintain our
 own spam blcklist and do send about 30.000 reports, where there are
 about 5.000 to 8.000 reports originate from the RIPE region) daily
- how can the finder be testes via other protocols (then just a webpage)

We did think about applying some weighting to the email addresses
returned. However, the abuse handling data is not structured within the
RIPE Database. There are many places the abuse handling email can be
put. This depends on where the network administrator thinks is the most
appropriate place. It could be in an IRT object. Or in the admin-c of
the maintainer of the INETNUM object. Because it is very subjective, one
address is no more valuable or important than another. In most cases you
are unlikely to receive a long list of email address options. So the
actual objects they came from is less important.

One of the main reasons for developing this tool is to reduce the need
for users to query for personal data objects. In which case limits
become less relevant. With the current data structure we cannot yet
totally remove this need. Many abuse email addresses are contained in
remarks, some of which are within personal data objects. We return links
to the objects that contain remarks that may hold such an email address.
If the tool does not return any "abuse-mailbox:" email addresses you
will need to follow these links to the suggested objects with remarks.
By pointing to those objects that have such remarks this tool avoids the
need for users to directly query for all personal data objects referenced.

The back end web service can be accessed via any HTTP client library.
The response is available in XML or JSON.

Regards
Denis Walker
Business Analyst
RIPE NCC Database Group

Previous message (by thread): [anti-abuse-wg] Abuse Finder Tool
Next message (by thread): [anti-abuse-wg] Invitation from Balaji Nagalgave

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]