This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)

Previous message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
Next message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Frank Gadegast ripe-anti-spam-wg at powerweb.de
Thu Nov 11 12:31:04 CET 2010

Jørgen Hovland wrote:
>
>
> On 11/11/10 10:21, Frank Gadegast wrote:
>>
>>> But making things mandatory doesn't solve poor design.
>>
>>
>> ??? please explain, dont get it.
>>
>
>
> You are unable to find the (abuse) contact because you don't know where
> to look, not that it isn't there because it wasn't mandatory.

The abuse-mailbox-field is not mandatory, and it did not
help at all. There are enough records, that have none (even
from interested LIRs) or that hide there abuse contacts
in remarks or simply think, that normal email-fields are enough,
leaving the complainant with a guess, which one is right.

So, it needs to be mandatory to have them all in one day.
Give people a choice and they will choose to do nothing ;o)

>> DDoS attacks happen every day, get detected and blocked.
> Exactly. Just like spam.

.. continues for ever.

We just had one last month, that was really enoying.
About 1300 machines hammered down a customers site.
Our detection blocked them all in about 20 minutes, but
the traffic still reached our edge routers and
firewalls. This is enoying, because our upstream
providers will not block single IPs on their side and
we will have to pay the traffic, just to block it straight
away.

flow-control detected to original IPs (most Sender-IPs
where faked), but it did not stop for about 3 weeks
until the PCs with a trojan finally got the order
from the attacker to do something else.

We tried to inform the responsible admins, but only
reached about 30% of them. The rest had no email at all
or no valid email address or returned with the usual
mailbox full or User unknown.
Would love to raise this rate.

>> There is no need for an email address of the admin-c.
>>
> I disagree, but it's optional and thats great.

Def right.

But this cannot be true for illegal actions ...

Kind regards, Frank
--
PHADE Software - PowerWeb                       http://www.powerweb.de
Inh. Dipl.-Inform. Frank Gadegast             mailto:frank at powerweb.de
Schinkelstrasse 17                                fon: +49 33200 52920
14558 Nuthetal OT Rehbruecke, Germany             fax: +49 33200 52921
======================================================================
Public PGP Key available for frank at powerweb.de

Previous message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)
Next message (by thread): [anti-abuse-wg] 2010-08 New Policy Proposal (Abuse contact information)

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]