This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] Draft Anti-Abuse Working Group Minutes - RIPE 60
- Previous message (by thread): [anti-abuse-wg] Draft Anti-Abuse Working Group Minutes - RIPE 60
- Next message (by thread): [anti-abuse-wg] Draft Anti-Abuse Working Group Minutes - RIPE 60
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Richard Cox
richard.cox at btuser.net
Tue Aug 10 01:19:20 CEST 2010
Frank Gadegast <ripe-anti-spam-wg at powerweb.de> wrote: >> Brian said there was some discussion in the Address Policy Working >> Group about certified routing and revocation of certificates. He said >> that at the moment there was no real way to stop routing in this way >> because people route what they want to route. > > This might be true, but removing networks from RIPEs databases will > also remove all reverse mapping and nameserver entries, right? It certainly should. > No mailserver, that is configured to fight only a bit against spam > accepts mail from IPs without a working reverse mapping. So, if RIPE > ever wants to punish network abusers, thats an easy way of doing it RIPE has no role to punish network abusers. RIPE should have a role to take appropriate action against those who abuse RIPE's resources. That would include providing false identity or configuration details in connection with a request for network resources. Those are the cases where revocation of those resources is needed - and of course the routing data would then have to be removed as a result. What is worth bearing in mind is that a revoked allocation should show up in IP-WHOIS as REVOKED for a given period of time after revocation. Otherwise we get the vexing situation where an abuser asks an ISP to route his IP block and tells the ISP, when they check RIPE's WHOIS and see "not found", "Oh dear, looks like the RIPE database isn't working. "Revoked" must be clearly visible. For example, nobody really knows why AS43074 and 193.109.246.0/23 are no longer in the RIPE database. But AS43074 (announcing 193.109.246.0/23) is being routed by STARNET in Moldova and bringing you all the lovely Zeus malware and similar. Network Next Hop Path *> 193.109.246.0/23 208.74.64.40 3257 31252 43074 i Unfortunately removing rDNS etc won't stop that malware spreading. -- Richard
- Previous message (by thread): [anti-abuse-wg] Draft Anti-Abuse Working Group Minutes - RIPE 60
- Next message (by thread): [anti-abuse-wg] Draft Anti-Abuse Working Group Minutes - RIPE 60
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]