[anti-abuse-wg] Abuse Reporting Issues

Arnold wrote:

> On 3/15/2013 2:03 AM, MailPlus| David Hofstee wrote:
> 
>> Hi Frederik,
>>
>> I am such a person (DH3195-RIPE). I entered my email a long time ago.
>> Unlike passwords that expire and accounts that get locked when not
>> used, this vital contact info is never re-validated. We never get mail
>> that says: "Ripe wants to confirm that you are still having Role X in
>> your organisation. Click here to confirm.". A full-inbox bounce could
>> trigger a phone call. Etc.  Ripe should charge money for not keeping
>> records up to date.
> 
> My sentiments exactly.
> Without ongoing efforts to verify and costs to the client for failing to
> respond, all of this possibly keeps some people busy, but does nothing
> to help stem SPAM.

And even if there would be money involved, some way or another, SPAM would not
go away or become less.

It simply is a fact, that sending unsolicited messages simply is not illegal in
some places.

In some corners of the world it is even a business model. So whether the contact
info is "correct" (for any definition of), working (for any definition of) or not,
is mostly a non-issue in this case.

Bothering the RIPE NCC again and again is also not going to have a too big
impact.

There are quite a few other well-established mechanisms to fight unwanted (again,
for any definition of) activities. Like Regulators, Trade Commissions, national
and sector-specific or ISP-related CERTs and so on.

And - hopping on my soap-box - the real problem to solve is to educate the
users to *not* react to SPAM. No business gained by spamming, costing money
(even if it is cheap), would make it go away pretty quickly.
End soap-box :-)

Wilfried

> Arnold
> 
>>
>> In my (ESP) world, an email address that has not been used by the
>> list-owner for over a year is a risk for a spam trap ;-).
>>
>> Bye,
>>
>> David
>>
>> -----Oorspronkelijk bericht-----
>> Van: Fredrik Widell [mailto:fredrik at resilans.se]
>> Verzonden: vrijdag 15 maart 2013 09:30
>> Aan: MailPlus| David Hofstee
>> CC: Arnold; Denis Walker; Tobias Knecht; anti-abuse-wg at ripe.net
>> Onderwerp: Re: [anti-abuse-wg] Abuse Reporting Issues
>>
>> On Fri, 15 Mar 2013, MailPlus| David Hofstee wrote:
>>
>>
>>
>> There is a way of always reaching the correct recipients when it comes
>> to reporting abuse, which it seems every single abuse-department is
>> neglecting to use.
>>
>> Why not take a look at the source, see which Autonomous System is
>> actually announcing the prefix the address belongs to, it is quite
>> hard to hide that information.
>>
>> (there are a lot of free looking-glasses on the Internet for those of
>> you who does not have access to a router, or, why not use ripes
>> riswhois :)
>>
>> When you know the AS, return to the whois-databases and look for the
>> contact information for that Autonomous System, and contact them
>> instead, they will always know which the offending customer is, they
>> can always do something about the problem.
>>
>> And the best part, it actually works :)
>>
>>
>>
>>
>>
>>
>>
>>> I have never seen an email asking me to confirm that I still do the
>>> stuff that is listed in my local RIR...
>>>
>>> David
>>>
>>> -----Oorspronkelijk bericht-----
>>> Van: anti-abuse-wg-bounces at ripe.net
>>> [mailto:anti-abuse-wg-bounces at ripe.net] Namens Arnold
>>> Verzonden: vrijdag 15 maart 2013 09:29
>>> Aan: Denis Walker
>>> CC: Tobias Knecht; anti-abuse-wg at ripe.net
>>> Onderwerp: Re: [anti-abuse-wg] Abuse Reporting Issues
>>>
>>> On 3/14/2013 3:28 AM, Denis Walker wrote:
>>>
>>>> The RIPE Database contains many email addresses. These addresses are
>>>> there for different reasons. Many attributes may point you to an
>>>> email address, for example:
>>>> admin-c:
>>>> tech-c:
>>>> zone-c:
>>>> ping-hdl:
>>>> notify:
>>>> ref-nfy:
>>>> mnt-ref:
>>>> changed:
>>>>
>>>> and abuse-mailbox:
>>>>
>>>> Only this last one is specifically intended for abuse complaints. The
>>>> problem we had in the past is that this attribute was always optional
>>>> and if used could be put in many different places.
>>>
>>> I applaud the motion to make the attribute mandatory; whether it will
>>> have much effect in reality I'll wait and see.
>>>
>>> I realize there are many addresses in the RIPE database and if at all
>>> possible - for records without an abuse -email address - I tend to
>>> address my report to the admin-c, as I see those people as the most
>>> likely to have any influence on getting the 'problem' fixed.
>>>
>>>> I think in this context 'usable' may have different interpretations.
>>>> One of the functions of the RIPE Database is for engineers to be able
>>>> to contact each other to resolve network and routing problems.
>>>> Sending an abuse report to a network engineer because he has a
>>>> 'usable' email address in the database may not achieve the result
>>>> you were expecting.
>>>>
>>> No disagreement on this from me. I merely pointed out that for _my_
>>> purposes, the Abuse Finder is less useful than the IANA files or the
>>> RIPE query page.
>>>
>>>> The Abuse Finder tool returns the email addresses that have been
>>>> provided for receiving abuse reports. If no such address has been
>>>> provided the tool will return nothing, even if there are other email
>>>> addresses in the database that are intended for other purposes.
>>>
>>> Understood and accepted, but I have to and have had to work with what
>>> there was available.
>>> If the available resources change, with time my approach will change
>>> as well.
>>>
>>>> Over the next few months, as the abuse-c: data is entered into the
>>>> database, the Abuse Finder tool will return more positive results.
>>>> This will be the quickest and most reliable way to find abuse
>>>> contacts for any resource.
>>>
>>> Hope your expectations will become reality.
>>>
>>>
>>> Regards
>>> Arnold
>>>
>>>
> 
>