[anti-abuse-wg] Manual vs automated reports

On Tue 24/Jul/2012 20:39:44 +0200 Reza Farzan wrote:
> To complement what Alessandro said, it is good that RFC 6650 splits
> abuse complaints between "solicited" and "unsolicited" ones, even
> though it may confuse common users.
> 
> The "solicited" should be reserved for Spam Cop, and other
> administrators who are trying to report Abuse/Spam activities to a
> network.

Perhaps I wasn't clear enough.  "Solicited", at least in the sense of
RFC 6650, refers to private agreements, e.g. like the one you apply
for at http://postmaster.aol.com/SupportRequest.FBL.php .   The FBL
email address involved in the agreement can be dedicated.

Perhaps RFC 6650 could have chosen a better term, but the definition
it gives is clear enough:

  The original, and still by far the most common, application of
  [RFC5965] is when two mail systems make a private agreement to
  exchange abuse reports -- usually reports due to recipients manually
  reporting messages as spam.  We refer to these as solicited reports.

> The "unsolicited" channel could be like a web form that encourages
> users to report Abuse/Spam activities to a network like the one
> that GoDaddy has:
> https://supportcenter.godaddy.com/Abuse/SpamReport.aspx?ci=22420.

Hm... yes.  Although explicitly asking for reports looks very much
like soliciting them, that form is more similar to an abuse-mailbox
published in its own peculiar way, than to an FBL.

> This way, the "solicited" channel (abuse at domain-name.com) would
> remain free of unsolicited inquiries, and network administrators
> could mange it more efficiently and process legitimate reports
> promptly.

Using an FBL address different from abuse at domain-name.com is a good
way to keep it free from other stuff.