This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[anti-abuse-wg] Support of, and comments on, proposal 2010-08

Previous message (by thread): [anti-abuse-wg] Support of, and comments on, proposal 2010-08
Next message (by thread): [anti-abuse-wg] Support of, and comments on, proposal 2010-08

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alessandro Vesely vesely at tana.it
Wed Nov 17 17:40:35 CET 2010

On 17/Nov/10 16:11, Michele Neylon :: Blacknight wrote:
> [toppostfix]
> On 17 Nov 2010, at 15:31, Alessandro Vesely wrote:
>> On 17/Nov/10 14:45, Michele Neylon :: Blacknight wrote:
>>> Maybe there is an opportunity for this WG to work on operator
>>> education, though I am unsure as to the correct protocols and
>>> procedures for same
>> 
>> IMHO it may be very useful, as RIPE has enough moral impact.  Setting
>> up a procedure for coordinating periodic testing of abuse-mailboxes,
>> involving ISPs as well as some of their users (mail server admins),
>> might be a good starting point...
>
> I think you misunderstood what I was getting at.

I don't think so.  "Testing" implies that something actually works.

> While testing abuse mailboxes would have merit I was referring more
> to the general importance of handling abuse complaints and the
> overall impact that abuse could have for a business.

Tobia's proposal (2010-09) doesn't quite address testing, as it only
concerns update notifications and corresponding corrections.  How does
RIPE NCC become aware that a database object contains invalid
information?  By "testing an abuse-mailbox" I mean actually sending a
message to it, and verify the outcome.

Sending is the most effective way to determine an address' validity.
Thus, RIPE might define a "test" message-type.  It should work much
like any other complaint, except it does not affect reputation.  To
acknowledge the test, the recipient should send a response of some
kind; it should be designed so as to also allow testing feedback
loops.  So much for the merit of testing.

For the overall impact, building such a testing infrastructure implies
that operators learn to run automated scripts upon receiving messages
at their abuse-mailboxes, recognizing a few kinds of message formats
(arf, x-arf, and iodef extension; one or more of these should provide
for test messages.)  The possibility to serve feedback loops for
interested end users may also be aired, and postmasters may then want
to send test messages to their own ISPs to check they work as expected.

Previous message (by thread): [anti-abuse-wg] Support of, and comments on, proposal 2010-08
Next message (by thread): [anti-abuse-wg] Support of, and comments on, proposal 2010-08

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ anti-abuse-wg Archives ]