[anti-abuse-wg] Need policy to require abuse contacts to accept abuse reports

Norman,

Thanks for your email. Policies can be proposed by anyone and they are 
considered on merit, not on the occupation of the proposer.

However such a policy must actually be written and put to the working 
group. If you are not able to do this, who is? The WG Chairs and the 
RIPE NCC are able to help with the drafting of a policy.

However I must warn you that historically such policies have not been 
met with great acceptance by the community. Things are always changing, 
of course, so who knows?

Thanks,

Brian
Co-Chair, RIPE Anti-Abuse WG

Brian Nisbet, Network Operations Manager
HEAnet Limited, Ireland's Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin 1
Registered in Ireland, no 275301  tel: +35316609040
web: http://www.heanet.ie/

Norman Diamond wrote on 18/09/2016 01:42:
> Several ISPs put useless abuse contact addresses in their RIPE registrations.
>
> I am told that RIPE only requires an ISP to register an address for the supposed purpose of reporting abuse, but RIPE doesn't require the ISP to actually accept abuse reports at the registered address.  Therefore a change in policy is required.
>
> Some examples are that an abuse address inspects a report for indications of spam.  If a spamming ISP observes that a victim's report includes a quotation of the ISP's spam, containing headers and contents to prove that the spam is spam and which IP address sent the spam, then the ISP bounces the victim's report back to the victim, because the ISP's spam really was spam and it's included in the victim's report.
>
> Some examples are that an abuse address inspects the mail server of the victim's ISP.  If a spamming ISP observes that their victim is a customer of a different ISP which formerly used to be an equally bad spamming ISP, then the ISP bounces the victim's report back to the victim.  The spamming ISP might reject the report even before seeing the contents of the report, terminating the mail connection early.  Or it might wait and bounce later.
>
> An improved RIPE policy would require an ISP to register an address where the ISP will actually accept reports of the ISP's spam.
>
> (Now, I am just an ordinary customer of an ISP, coincidentally one which formerly used to send a lot of spam, and I used to be more vicious in reporting my ISP's spam to its administrators than in reporting to most other ISPs.  In fact Yahoo US and Yahoo Japan often block each other because they know that they're both famous for spamming.  However, it seems they've cleaned up to the extent where they accept reports from each other's customers.  Anyway, I am just an ordinary customer, not an administrator, and this is not my job, so I intend to unsubscribe from this list in a few days.  Please kindly consider the foregoing suggestion on its own merits not on the suggester's occupation.)
>
> Yours sincerely,
> Norman Diamond
>
>