This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Need policy to require abuse contacts to accept abuse reports
- Previous message (by thread): [anti-abuse-wg] Need policy to require abuse contacts to accept abuse reports
- Next message (by thread): [anti-abuse-wg] Need policy to require abuse contacts to accept abuse reports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Brian Nisbet
brian.nisbet at heanet.ie
Mon Sep 19 16:45:50 CEST 2016
Norman, Thanks for your email. Policies can be proposed by anyone and they are considered on merit, not on the occupation of the proposer. However such a policy must actually be written and put to the working group. If you are not able to do this, who is? The WG Chairs and the RIPE NCC are able to help with the drafting of a policy. However I must warn you that historically such policies have not been met with great acceptance by the community. Things are always changing, of course, so who knows? Thanks, Brian Co-Chair, RIPE Anti-Abuse WG Brian Nisbet, Network Operations Manager HEAnet Limited, Ireland's Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin 1 Registered in Ireland, no 275301 tel: +35316609040 web: http://www.heanet.ie/ Norman Diamond wrote on 18/09/2016 01:42: > Several ISPs put useless abuse contact addresses in their RIPE registrations. > > I am told that RIPE only requires an ISP to register an address for the supposed purpose of reporting abuse, but RIPE doesn't require the ISP to actually accept abuse reports at the registered address. Therefore a change in policy is required. > > Some examples are that an abuse address inspects a report for indications of spam. If a spamming ISP observes that a victim's report includes a quotation of the ISP's spam, containing headers and contents to prove that the spam is spam and which IP address sent the spam, then the ISP bounces the victim's report back to the victim, because the ISP's spam really was spam and it's included in the victim's report. > > Some examples are that an abuse address inspects the mail server of the victim's ISP. If a spamming ISP observes that their victim is a customer of a different ISP which formerly used to be an equally bad spamming ISP, then the ISP bounces the victim's report back to the victim. The spamming ISP might reject the report even before seeing the contents of the report, terminating the mail connection early. Or it might wait and bounce later. > > An improved RIPE policy would require an ISP to register an address where the ISP will actually accept reports of the ISP's spam. > > (Now, I am just an ordinary customer of an ISP, coincidentally one which formerly used to send a lot of spam, and I used to be more vicious in reporting my ISP's spam to its administrators than in reporting to most other ISPs. In fact Yahoo US and Yahoo Japan often block each other because they know that they're both famous for spamming. However, it seems they've cleaned up to the extent where they accept reports from each other's customers. Anyway, I am just an ordinary customer, not an administrator, and this is not my job, so I intend to unsubscribe from this list in a few days. Please kindly consider the foregoing suggestion on its own merits not on the suggester's occupation.) > > Yours sincerely, > Norman Diamond > >
- Previous message (by thread): [anti-abuse-wg] Need policy to require abuse contacts to accept abuse reports
- Next message (by thread): [anti-abuse-wg] Need policy to require abuse contacts to accept abuse reports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]