[anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)

On 23.01.2018 13:52, Name wrote:
> Autoresponders/webforms should actually be encouraged, because a stand alone 
> email address means that all a spammer/attacker has to do to is flood that email 
> account with bogus data and the valid reports will either get lost amongst the 
> genuine ones, or the inbox will become full. A CAPTCHA can increase the 
> reliability of reports.

As explained in my last email, manually filling out webforms does not work
for CERTs and other security teams sending hundreds of abuse complaints
per day in a (semi-)automated fashion. The reports are usually sent with
a ticket number in the subject line to track the status/responses in a
ticketing system.


> A ticket/web-form solution also removes the possibility of what i spoke about 
> before, where administrators install spam filters on their email system and 
> don't exclude the abuse email box from the spam filter, resulting in spam 
> complaints being rejected.

This problem should probably be addressed in the policy as well (make sure
your spam filters don't reject legit complaints).


     - Thomas

CERT-Bund Incident Response & Malware Analysis Team