[anti-abuse-wg] 2011-06 New Policy Proposal (Abuse Contact Management in the RIPE NCC Database)

chrish at consol.net wrote:
> Hi!

Hi,

> There already is an admin-c.

Well, administration is something completely different than abuse 
responsibilty, right ?
One is called "administration", the other is "abuse" ...
... "administration", "abuse", you see, two different words.
Two different responsibilities.

I somehow got puzzled, because you really think, that somebody should
try to reach your admin-c, when reporting spam or other abuse.
The admin-c is the administration, the CEO, the owner, not the
administrator of some resources.
Could that all explain your big confusion ?

Yes, and thats why your arguments are all wrong and useless and are
only confusing.

 > And what responsibility are you referring to?

Surely your responsibility for the use of the resources giving your
company by your RIR/LIR.
Who should I contact, if one of your servers on your networks got hacked
and misused for attacking our networks ?

Please publish some email addresses at the right places, so I could
contact you quick as possible, what also helps you to identify
problems.
I will defny not contact your admin-c, hes probably on a long business
trip aqcuiring a third company, maybe "Consol Ltd.", making holidays or 
is ill, I need an email address of your anti abuse staff beeing
read 24x7 and no postal address or phone only working daytime on
business days.

 > ConSol* GmbH is - as you probably already know from your extensive 
research, which btw also shows that your 'accusation' of 'hiding' is 
obviously unfounded - not my company.

Hm, obviously wrong, these to companies are directly nested:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd ra; Ques: 1, Ans: 1, Auth: 3, Addit: 2
;; QUESTIONS:
;;      consol.net, type = MX, class = IN

;; ANSWERS:
consol.net.     63955   MX      10 mailrelay.consol.de.

;; AUTHORITY RECORDS:
consol.net.     63955   NS      dns3.consol.net.
consol.net.     63955   NS      dns2.consol.net.
consol.net.     63955   NS      dns1.consol.net.

And you have an address under @consol.net
But you are using the internal resources, mailservers and gateways
of consol.de
So: consol.de and consol.net are the same and you are an internal.

Received: from sol1.bb.consol.de (sol1.bb.consol.de [10.250.0.71])
         by gw1.consol.de (8.14.4/8.14.4) with ESMTP id pB7L3g6f040098


BTW: you have no signature attached, thats why it has to go over
the list only. Im not sending somebody email, when hes not open
enough to tell who he is.

> To force admin-cs to use different/multiple mailboxes, another attribute is necessary.
> That would be abuse-mailbox.
> This already exists, so everybody who wants to use it, can use it. It's just that currently nobody is forced to use it, if you don't want/need to use it, you don't have to.
>
>> So, everybody thats has to complain simply knows now who to contact
>
> ...that would be the admin-c.
> And following the proposal: in some cases following weird, diffuse, and sparsely defined policies maybe also an abuse-c.
>
>> and will nevermore bother somebodys personal email address like
>> the email named in the admin-c (see an example below).
>
> The email address listed in my admin-c object is not my private personal email, but the email address chosen for the admin-c - for being contacted in case of administrative issues.
> This is true for both role and person objects.
> If you don't want to be emailed personally, use a role object. If you don't want people to use a specific email - don't list it in your contact objects!
>
> Even if you chose for whatever strange reason to enter into a role or person object an email you don't want people querying the db to know/use, what you would need following that rationale is an abuse-mailbox attribute for that admin-c object. Not another -c object.
> (Actually I guess a new 'secret-email' attribute would fit best for your needs)
>
>> The other places will fanish just in the moment the abuse-c is
>> introduced, simply because because every resource owner has
>> to re-think, how a complaint should reach him.
>
> Sorry, no. According to the proposal, there will be additional objects and attributes. And people are forced to 'accept' being bulk-spammed. That's it.
>
> The rest is prophecy (and experience suggests the opposite - see the remarks on contradicting abuse-mailbox and other attributes in this very same thread).
>
> Btw, a short hint for resource owners on how to be contacted:
> - list your postal address in the way you'd wish to be contacted by postal service
> - list the phone number you'd wish to be contacted by by phone
> - list the fax number you'd wish to be contacted by by fax, or leave it out if you don't want to be contacted by fax
> - list the email address you'd wish to be contacted by, or leave it out if you don't want to be contacted by email
> - list the abuse-mailbox email address you'd wish to be contacted by in case of abuse complaints in case you wish to have a special mailbox for those, or leave it out if you don't
>
>> If the resource owner does not like any confusion, he will
>> have to remove abuse contacts from the remark section.
>
> Non-sequitur.
> I'd say: to minimize confusion, let's not add the proposed stuff. :)
>
>> Its the usual reaction from somebody who likes to hide his personal
>> responsibility:
>
> Well I think my explanation was quite comprehensive.
>
> On the other hand I think trying to go ad personam in a technical discussion should not be accepted.
>
> ConSol* GmbH is - as you probably already know from your extensive research, which btw also shows that your 'accusation' of 'hiding' is obviously unfounded - not my company. I'm working for ConSol*, and domain registration is not in my areas of responsibility or influence. Having said that - while wondering why, I mean it's not (well - it shouldn't be) your business - you might want to return to on-topic, non-ad-personam discussion.
> And what responsibility are you referring to? I mean, this sounds like I'm supposed to "take the responsibility to disagree with you"? Spooky...
>
>> hm, no abuse contact in the remarks, no abuse-mailbox, no nothing ...
>
> Thanks for providing the opportunity to point that out.
> There is no abuse-c (well...), there is no abuse-mailbox, but there's no no nothing: there is an admin-c, and that admin-c has (among other contact data) an e-mail.
>
>> And a personal email address, thats obviously not related to
>> your company (mabye simple because a lot of spam and wrong
>> complains is arriving there).
>
> Again, all this is pulled out of thin air (much like the 'substance' of the proposal, if you ask me).
>
> It's a person object, in that regard 'personal email address' is probably formally right. And also: not surprising. :)
> I don't see how that is 'obviously not related to the company'. And regarding the rest of your statement, I don't quite understand what you're trying to say there.
>
>> You should really support the proposal, it will help you a lot.
>
> Well actually, as I already explained, at least for the broad majority this proposal doesn't help, but complicates things and causes partly severe problems. So I don't really see a future for it...
> And this also doesn't really seem to change, it actually gets worse: in your reply I didn't find a single argument explaining or clarifying on the issues I mentioned, or bringing forward any new or neglected aspects. And experience shows that being attacked personally when trying to discuss a technical issue is a red flag regarding the subject and/or the motivation of the attacking party...
>
> I still failed to see who might be 'helped' by the proposed stuff, and how... I mean, I'm convinced the authors at least had to think this will somehow help them, but I don't see how...
>
> Regards,
>
> 	Chris
>
>


Kind regards, Frank
--
PHADE Software - PowerWeb                       http://www.powerweb.de
Inh. Dipl.-Inform. Frank Gadegast             mailto:frank at powerweb.de
Schinkelstrasse 17                                fon: +49 33200 52920
14558 Nuthetal OT Rehbruecke, Germany             fax: +49 33200 52921
======================================================================

-- 

Mit freundlichen Gruessen,
--
PHADE Software - PowerWeb                       http://www.powerweb.de
Inh. Dipl.-Inform. Frank Gadegast             mailto:frank at powerweb.de
Schinkelstrasse 17                                fon: +49 33200 52920
14558 Nuthetal OT Rehbruecke, Germany             fax: +49 33200 52921
======================================================================