This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] GDPR - positive effects on email abuse
- Previous message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
- Next message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Volker Greimann
vgreimann at key-systems.net
Tue May 29 16:23:13 CEST 2018
OK, let'S ban IP numbers then. Clearly they are evil! ;-) Am 29.05.2018 um 16:12 schrieb ox: > Jordi, > > This is a technical statement, it is not a pov (point of view) - it is a simple and salient fact: > > No abuse on the Internet is possible without an IP number. > > In your example: > > the mail server = the IP number. > > so the abuse originates from the mail server IP number. > > the DNS = IP number > > DNS is that service that translates names into numbers, so that you are > able to deliver your spam. > > a domain by itself can do nothing. > > hth > > Andre > > > On Tue, 29 May 2018 16:03:41 +0200 > JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> wrote: > >> Well, we disagree in the definition of abuse maybe? >> >> You can find many definitions of this: >> >> "Spamming is the abuse of electronic messaging systems to send >> unsolicited bulk messages, which are generally undesired" >> >> So, spam is abuse, and I don't need to know IPs to send spam. The >> mail server will use DNS to find them. >> >> Regards, >> Jordi >> >> >> >> -----Mensaje original----- >> De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en nombre de ox >> <andre at ox.co.za> Organización: ox.co.za >> Fecha: martes, 29 de mayo de 2018, 15:57 >> Para: JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> >> Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse >> >> >> I am so happy that you are asking this question :) >> >> This is what causes much confusion with people, including >> experienced netadmins, sysadmins and many very technically advanced >> people. >> You can use any email address as an example: >> anti-abuse-wg at ripe.net >> Please think about it for a second: >> >> How would you go about sending spam to this email address without >> using an IP number? >> >> It is not possible for Internet abuse to exist - without an IP >> number. >> So, for this wg : EVERYTHING that is abuse is powered by IP >> numbers. >> Andre >> >> On Tue, 29 May 2018 15:51:38 +0200 >> JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> >> wrote: >> > How come you can't send spam without the IP? >> > >> > I can look for new registered domains, use whois for catching >> > the emails that appear there, and then spam them. >> > >> > This is something that I experience everytime I register a new >> > domain, tons of spams to the whois recently created email >> > contacts. >> > >> > Regards, >> > Jordi >> > >> > >> > >> > -----Mensaje original----- >> > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en nombre de >> > ox <andre at ox.co.za> Organización: ox.co.za >> > Fecha: martes, 29 de mayo de 2018, 15:39 >> > Para: <anti-abuse-wg at ripe.net> >> > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email >> > abuse >> > >> > >> > Please correct me if you think I am wrong: >> > >> > 1. >> > You cannot send spam without an IP number. >> > >> > 2. >> > You cannot do any abuse without an IP number. >> > >> > >> > I can do a whois on any.com or some.eu and have a tech or >> > abuse email address and WORKING registrar contact information. >> > >> > I cannot do a whois on ALL ripe assigned ipv4 resources and >> > get accurate and/or working resource contact information. >> > >> > >> > So, where the problem is - is easy to see, no? >> > >> > Andre >> > >> > >> > On Tue, 29 May 2018 15:12:27 +0200 >> > JORDI PALET MARTINEZ via anti-abuse-wg >> > <anti-abuse-wg at ripe.net> wrote: >> > > I consider an abuse the fact of collecting emails and >> > > sending spam. Also, if you have a domain, you can see >> > > what IPs are related to it for other kinds of abuses. >> > > >> > > Regards, >> > > Jordi >> > > >> > > >> > > >> > > -----Mensaje original----- >> > > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en >> > > nombre de ox <andre at ox.co.za> Organización: ox.co.za >> > > Fecha: martes, 29 de mayo de 2018, 14:32 >> > > Para: <anti-abuse-wg at ripe.net> >> > > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on >> > > email abuse >> > > >> > > >> > > Abuse has nothing to do with a domain name. >> > > >> > > Nobody can abuse anyone armed only with a domain name. >> > > >> > > Without using an actual IP number, a domain name can >> > > do nothing. >> > > Protecting the privacy of a domain registrant is >> > > absolutely correct. >> > > The trouble is that network operators are resistant to >> > > accept the responsibility (costs, issues, trouble) of >> > > managing abuse >> > > Even if you do a whois right now, you will find a >> > > functional registrar abuse email address. >> > > >> > > The same cannot yet be said for the resources >> > > assigned by this RR >> > > Andre >> > > >> > > >> > > On Tue, 29 May 2018 14:00:44 +0200 >> > > JORDI PALET MARTINEZ via anti-abuse-wg >> > > <anti-abuse-wg at ripe.net> wrote: >> > > > Whois, as everything in the life, has good and bad >> > > > things. Against: Privacy invaded. In fact, when you >> > > > register a new domain and you associate a visible >> > > > email to it, in a matter of hours, you get spam. >> > > > Pro: If it is a real email with humans behind, it >> > > > facilitates the resolution of abuse cases. >> > > > The balance is always difficult ... >> > > > Regards, >> > > > Jordi >> > > >> > > > >> > > > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> >> > > > en nombre de Volker Greimann >> > > > <vgreimann at key-systems.net> Fecha: martes, 29 de >> > > > mayo de 2018, 13:49 Para: Suresh Ramasubramanian >> > > > <ops.lists at gmail.com>, "anti-abuse-wg at ripe.net" >> > > > <anti-abuse-wg at ripe.net> Asunto: Re: >> > > > [anti-abuse-wg] GDPR - positive effects on email >> > > > abuse >> > > > >> > > > >> > > > >> > > > Even in those cases, whois is but one tool that >> > > > helps identify bad actors by means of violating >> > > > privacy rights of millions. There are other tools, >> > > > like DNS traces, reviews of hosting infrastructures >> > > > used, etc. all of which will continue to be >> > > > available for the uses you refer to. >> > > > >> > > > And maybe it is time to ensure law enforcement is >> > > > better equipped to deal with such issues earlier >> > > > and faster. Up to now, governments have been >> > > > afforded the luxury of being able to underfund such >> > > > efforts as others were doing their jobs for them. >> > > > Maybe this will lead to better law enforcement and >> > > > international cooperation. >> > > > >> > > > Best, >> > > > >> > > > Volker >> > > > >> > > > >> > > > >> > > > Am 29.05.2018 um 13:34 schrieb Suresh >> > > > Ramasubramanian: >> > > > >> > > > This unfortunately is entirely wrong and short >> > > > sighted >> > > > >> > > > >> > > > >> > > > All security practitioners protect our respective >> > > > services and networks against a wide variety of >> > > > threats including malware and phish campaigns. >> > > > >> > > > >> > > > >> > > > Very few of those go on to be referred to law >> > > > enforcement and that only after an extensive >> > > > dossier is built internally to show that the perps >> > > > in question justify a - frequently cross border - >> > > > law enforcement action. >> > > > >> > > > >> > > > >> > > > Security and protecting user privacy go hand in >> > > > hand and I wish more people realised that, and >> > > > maybe also realised the resource and administrative >> > > > lconstraints and limits law enforcement is saddled >> > > > with >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > >> > > > From: anti-abuse-wg >> > > > <anti-abuse-wg-bounces at ripe.net> on behalf of >> > > > Volker Greimann <vgreimann at key-systems.net> Sent: >> > > > Tuesday, May 29, 2018 4:06:18 PM To: >> > > > anti-abuse-wg at ripe.net Subject: Re: [anti-abuse-wg] >> > > > GDPR >> > > > - positive effects on email abuse >> > > > >> > > > >> > > > >> > > > Wow, the level of narrowmindedness and >> > > > fearmongering is high with this one. >> > > > >> > > > Crime online will likely not increase due to GDPR. >> > > > It may be more difficult to detect and take action >> > > > against due to the loss of one tool amongst many, >> > > > but ultimately that tool was illegal to begin with >> > > > as it violated the rights to privacy of millions of >> > > > domain owners. >> > > > >> > > > "Private researchers" and other vigilantes or >> > > > rent-a-cops will indeed have a more difficult time >> > > > to obtain such data as they will finally have to do >> > > > so by legal means, but then they are in an >> > > > untenable position anyway, taking upon themselves >> > > > functions that should be fulfilled by actual law >> > > > enforcement. >> > > > >> > > > Ultimately, private data if internet users no >> > > > longer being public will lead to better >> > > > registration data for those with a right to access >> > > > it. Those with no such rights will have to figure >> > > > out alternate routes to do their jobs that does not >> > > > violate the rights of millions. >> > > > >> > > > Best, >> > > > >> > > > Volker >> > > > >> > > > >> > > > >> > > > Am 28.05.2018 um 21:13 schrieb Ronald F. >> > > > Guilmette: >> > > > > ox <andre at ox.co.za> wrote: >> > > > > >> > > > >> Firstly I would like to comment that the >> > > > >> multinationals and their funded trade groups (and >> > > > >> their lobby orgs) shouted from the rooftops that >> > > > >> if the GDPR came into effect, Internet in the EU >> > > > >> would collapse and there would be digital doom >> > > > >> and gloom. >> > > > > I am not a multinational. I am an individual >> > > > > volunteer anti-abuse researcher. And yet even -I- >> > > > > have told everyone I know that the disappearance >> > > > > of public WHOIS is and will be an epic >> > > > > catastrophy. If there was cybercrime on the >> > > > > Internet before, it will be increased, going >> > > > > forward, by tenfold. >> > > > >> How wrong they were (hindsight is perfect - as >> > > > >> we can all clearly see) >> > > > > Be patient. The change has only just occurred. >> > > > > >> > > > >> The EU has truly become a world and global >> > > > >> leader in the reclamation of individual rights >> > > > >> and the free Internet. >> > > > > Here on this side of the pond, one usually has to >> > > > > turn on Fox News in order to be treated to this >> > > > > level of rubbish. >> > > > > >> > > > > The only thing that has happened is that private >> > > > > researchers the world over have been effectively >> > > > > blinded due to the supreme arogance and idiocy of >> > > > > europeans... europeans who, in their religious >> > > > > fervor, have come to view it as their holy >> > > > > obligation to foist their demented notions onto >> > > > > the rest of the world, whether any of the rest of >> > > > > us like it or not. >> > > > > >> > > > > Meanwhile the malevolent forces of state-sponsored >> > > > > intrigue and violation of human rights are and >> > > > > shall remain totally unfettered and unaffected by >> > > > > GDPR, as they will be the first ones to obtain >> > > > > special exemptions allowing them to continue to >> > > > > see WHOIS data. The CIA, NSA, BDN, and FSB are >> > > > > undoubtedly celebrating the arrival of GDPR, as >> > > > > it further entrenches their special status at the >> > > > > expense of the great unwashes masses. >> > > > > >> > > > > Friday was a sad day for both transparency and >> > > > > democracy, but all across the globe both >> > > > > criminals and statists undoubtedly celebrated it >> > > > > with toasts of champaign. >> > > > > >> > > > > >> > > > > Regards, >> > > > > rfg >> > > > > >> > > > >> > > >> > > >> > > >> > > >> > > >> > > >> > > ********************************************** >> > > IPv4 is over >> > > Are you ready for the new Internet ? >> > > http://www.consulintel.es >> > > The IPv6 Company >> > > >> > > This electronic message contains information which may be >> > > privileged or confidential. The information is intended >> > > to be for the exclusive use of the individual(s) named >> > > above and further non-explicilty authorized disclosure, >> > > copying, distribution or use of the contents of this >> > > information, even if partially, including attached files, >> > > is strictly prohibited and will be considered a criminal >> > > offense. If you are not the intended recipient be aware >> > > that any disclosure, copying, distribution or use of the >> > > contents of this information, even if partially, >> > > including attached files, is strictly prohibited, will be >> > > considered a criminal offense, so you must reply to the >> > > original sender to inform about this communication and >> > > delete it. >> > > >> > > >> > > >> > > >> > > >> > >> > >> > >> > >> > >> > >> > ********************************************** >> > IPv4 is over >> > Are you ready for the new Internet ? >> > http://www.consulintel.es >> > The IPv6 Company >> > >> > This electronic message contains information which may be >> > privileged or confidential. The information is intended to be >> > for the exclusive use of the individual(s) named above and >> > further non-explicilty authorized disclosure, copying, >> > distribution or use of the contents of this information, even >> > if partially, including attached files, is strictly prohibited >> > and will be considered a criminal offense. If you are not the >> > intended recipient be aware that any disclosure, copying, >> > distribution or use of the contents of this information, even >> > if partially, including attached files, is strictly prohibited, >> > will be considered a criminal offense, so you must reply to the >> > original sender to inform about this communication and delete >> > it. >> > >> > >> > >> > >> > >> >> >> >> >> >> >> ********************************************** >> IPv4 is over >> Are you ready for the new Internet ? >> http://www.consulintel.es >> The IPv6 Company >> >> This electronic message contains information which may be privileged >> or confidential. The information is intended to be for the exclusive >> use of the individual(s) named above and further non-explicilty >> authorized disclosure, copying, distribution or use of the contents >> of this information, even if partially, including attached files, is >> strictly prohibited and will be considered a criminal offense. If you >> are not the intended recipient be aware that any disclosure, copying, >> distribution or use of the contents of this information, even if >> partially, including attached files, is strictly prohibited, will be >> considered a criminal offense, so you must reply to the original >> sender to inform about this communication and delete it. >> >> >> >> >> > -- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann at key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen. -------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann at key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
- Previous message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
- Next message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]