This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] GDPR - positive effects on email abuse
- Previous message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
- Next message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carlos Friaças
cfriacas at fccn.pt
Tue May 29 16:33:08 CEST 2018
Hi Jordi, I guess his point is the mail server, to communicate, needs an IP address. Then, that IP address belongs to a netblock, and should be registered (also on whois, but on a different database...). And he is ranting about the lack of abuse contacts related to IP netblocks -- unfortunately there are a lot missing or incorrect... Carlos On Tue, 29 May 2018, JORDI PALET MARTINEZ via anti-abuse-wg wrote: > Well, we disagree in the definition of abuse maybe? > > You can find many definitions of this: > > "Spamming is the abuse of electronic messaging systems to send unsolicited bulk messages, which are generally undesired" > > So, spam is abuse, and I don't need to know IPs to send spam. The mail server will use DNS to find them. > > Regards, > Jordi > > > > -----Mensaje original----- > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en nombre de ox <andre at ox.co.za> > Organización: ox.co.za > Fecha: martes, 29 de mayo de 2018, 15:57 > Para: JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse > > > I am so happy that you are asking this question :) > > This is what causes much confusion with people, including experienced > netadmins, sysadmins and many very technically advanced people. > > You can use any email address as an example: anti-abuse-wg at ripe.net > > Please think about it for a second: > > How would you go about sending spam to this email address without using > an IP number? > > It is not possible for Internet abuse to exist - without an IP number. > > So, for this wg : EVERYTHING that is abuse is powered by IP numbers. > > Andre > > On Tue, 29 May 2018 15:51:38 +0200 > JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> wrote: > > > How come you can't send spam without the IP? > > > > I can look for new registered domains, use whois for catching the > > emails that appear there, and then spam them. > > > > This is something that I experience everytime I register a new > > domain, tons of spams to the whois recently created email contacts. > > > > Regards, > > Jordi > > > > > > > > -----Mensaje original----- > > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en nombre de ox > > <andre at ox.co.za> Organización: ox.co.za > > Fecha: martes, 29 de mayo de 2018, 15:39 > > Para: <anti-abuse-wg at ripe.net> > > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email abuse > > > > > > Please correct me if you think I am wrong: > > > > 1. > > You cannot send spam without an IP number. > > > > 2. > > You cannot do any abuse without an IP number. > > > > > > I can do a whois on any.com or some.eu and have a tech or abuse > > email address and WORKING registrar contact information. > > > > I cannot do a whois on ALL ripe assigned ipv4 resources and get > > accurate and/or working resource contact information. > > > > > > So, where the problem is - is easy to see, no? > > > > Andre > > > > > > On Tue, 29 May 2018 15:12:27 +0200 > > JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net> > > wrote: > > > I consider an abuse the fact of collecting emails and sending > > > spam. Also, if you have a domain, you can see what IPs are > > > related to it for other kinds of abuses. > > > > > > Regards, > > > Jordi > > > > > > > > > > > > -----Mensaje original----- > > > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en nombre de > > > ox <andre at ox.co.za> Organización: ox.co.za > > > Fecha: martes, 29 de mayo de 2018, 14:32 > > > Para: <anti-abuse-wg at ripe.net> > > > Asunto: Re: [anti-abuse-wg] GDPR - positive effects on email > > > abuse > > > > > > > > > Abuse has nothing to do with a domain name. > > > > > > Nobody can abuse anyone armed only with a domain name. > > > > > > Without using an actual IP number, a domain name can do > > > nothing. > > > Protecting the privacy of a domain registrant is absolutely > > > correct. > > > The trouble is that network operators are resistant to > > > accept the responsibility (costs, issues, trouble) of managing > > > abuse > > > Even if you do a whois right now, you will find a functional > > > registrar abuse email address. > > > > > > The same cannot yet be said for the resources assigned by > > > this RR > > > Andre > > > > > > > > > On Tue, 29 May 2018 14:00:44 +0200 > > > JORDI PALET MARTINEZ via anti-abuse-wg > > > <anti-abuse-wg at ripe.net> wrote: > > > > Whois, as everything in the life, has good and bad things. > > > > Against: Privacy invaded. In fact, when you register a new > > > > domain and you associate a visible email to it, in a > > > > matter of hours, you get spam. > > > > Pro: If it is a real email with humans behind, it > > > > facilitates the resolution of abuse cases. > > > > The balance is always difficult ... > > > > Regards, > > > > Jordi > > > > > > > > > > > De: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> en > > > > nombre de Volker Greimann <vgreimann at key-systems.net> > > > > Fecha: martes, 29 de mayo de 2018, 13:49 Para: Suresh > > > > Ramasubramanian <ops.lists at gmail.com>, > > > > "anti-abuse-wg at ripe.net" <anti-abuse-wg at ripe.net> Asunto: > > > > Re: [anti-abuse-wg] GDPR - positive effects on email abuse > > > > > > > > > > > > > > > > Even in those cases, whois is but one tool that helps > > > > identify bad actors by means of violating privacy rights > > > > of millions. There are other tools, like DNS traces, > > > > reviews of hosting infrastructures used, etc. all of > > > > which will continue to be available for the uses you > > > > refer to. > > > > > > > > And maybe it is time to ensure law enforcement is better > > > > equipped to deal with such issues earlier and faster. Up > > > > to now, governments have been afforded the luxury of > > > > being able to underfund such efforts as others were doing > > > > their jobs for them. Maybe this will lead to better law > > > > enforcement and international cooperation. > > > > > > > > Best, > > > > > > > > Volker > > > > > > > > > > > > > > > > Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian: > > > > > > > > This unfortunately is entirely wrong and short sighted > > > > > > > > > > > > > > > > All security practitioners protect our respective > > > > services and networks against a wide variety of threats > > > > including malware and phish campaigns. > > > > > > > > > > > > > > > > Very few of those go on to be referred to law enforcement > > > > and that only after an extensive dossier is built > > > > internally to show that the perps in question justify a - > > > > frequently cross border - law enforcement action. > > > > > > > > > > > > > > > > Security and protecting user privacy go hand in hand and > > > > I wish more people realised that, and maybe also realised > > > > the resource and administrative lconstraints and limits > > > > law enforcement is saddled with > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> on > > > > behalf of Volker Greimann <vgreimann at key-systems.net> > > > > Sent: Tuesday, May 29, 2018 4:06:18 PM To: > > > > anti-abuse-wg at ripe.net Subject: Re: [anti-abuse-wg] GDPR > > > > - positive effects on email abuse > > > > > > > > > > > > > > > > Wow, the level of narrowmindedness and fearmongering is > > > > high with this one. > > > > > > > > Crime online will likely not increase due to GDPR. It may > > > > be more difficult to detect and take action against due > > > > to the loss of one tool amongst many, but ultimately that > > > > tool was illegal to begin with as it violated the rights > > > > to privacy of millions of domain owners. > > > > > > > > "Private researchers" and other vigilantes or rent-a-cops > > > > will indeed have a more difficult time to obtain such > > > > data as they will finally have to do so by legal means, > > > > but then they are in an untenable position anyway, taking > > > > upon themselves functions that should be fulfilled by > > > > actual law enforcement. > > > > > > > > Ultimately, private data if internet users no longer being > > > > public will lead to better registration data for those > > > > with a right to access it. Those with no such rights will > > > > have to figure out alternate routes to do their jobs that > > > > does not violate the rights of millions. > > > > > > > > Best, > > > > > > > > Volker > > > > > > > > > > > > > > > > Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette: > > > > > ox <andre at ox.co.za> wrote: > > > > > > > > > >> Firstly I would like to comment that the > > > > >> multinationals and their funded trade groups (and > > > > >> their lobby orgs) shouted from the rooftops that if > > > > >> the GDPR came into effect, Internet in the EU would > > > > >> collapse and there would be digital doom and > > > > >> gloom. > > > > > I am not a multinational. I am an individual volunteer > > > > > anti-abuse researcher. And yet even -I- have told > > > > > everyone I know that the disappearance of public WHOIS > > > > > is and will be an epic catastrophy. If there was > > > > > cybercrime on the Internet before, it will be > > > > > increased, going forward, by tenfold. > > > > >> How wrong they were (hindsight is perfect - as we can > > > > >> all clearly see) > > > > > Be patient. The change has only just occurred. > > > > > > > > > >> The EU has truly become a world and global leader in > > > > >> the reclamation of individual rights and the free > > > > >> Internet. > > > > > Here on this side of the pond, one usually has to turn > > > > > on Fox News in order to be treated to this level of > > > > > rubbish. > > > > > > > > > > The only thing that has happened is that private > > > > > researchers the world over have been effectively > > > > > blinded due to the supreme arogance and idiocy of > > > > > europeans... europeans who, in their religious fervor, > > > > > have come to view it as their holy obligation to foist > > > > > their demented notions onto the rest of the world, > > > > > whether any of the rest of us like it or not. > > > > > > > > > > Meanwhile the malevolent forces of state-sponsored > > > > > intrigue and violation of human rights are and shall > > > > > remain totally unfettered and unaffected by GDPR, as > > > > > they will be the first ones to obtain special > > > > > exemptions allowing them to continue to see WHOIS data. > > > > > The CIA, NSA, BDN, and FSB are undoubtedly celebrating > > > > > the arrival of GDPR, as it further entrenches their > > > > > special status at the expense of the great unwashes > > > > > masses. > > > > > > > > > > Friday was a sad day for both transparency and > > > > > democracy, but all across the globe both criminals and > > > > > statists undoubtedly celebrated it with toasts of > > > > > champaign. > > > > > > > > > > > > > > > Regards, > > > > > rfg > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ********************************************** > > > IPv4 is over > > > Are you ready for the new Internet ? > > > http://www.consulintel.es > > > The IPv6 Company > > > > > > This electronic message contains information which may be > > > privileged or confidential. The information is intended to be > > > for the exclusive use of the individual(s) named above and > > > further non-explicilty authorized disclosure, copying, > > > distribution or use of the contents of this information, even > > > if partially, including attached files, is strictly prohibited > > > and will be considered a criminal offense. If you are not the > > > intended recipient be aware that any disclosure, copying, > > > distribution or use of the contents of this information, even > > > if partially, including attached files, is strictly prohibited, > > > will be considered a criminal offense, so you must reply to the > > > original sender to inform about this communication and delete > > > it. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ********************************************** > > IPv4 is over > > Are you ready for the new Internet ? > > http://www.consulintel.es > > The IPv6 Company > > > > This electronic message contains information which may be privileged > > or confidential. The information is intended to be for the exclusive > > use of the individual(s) named above and further non-explicilty > > authorized disclosure, copying, distribution or use of the contents > > of this information, even if partially, including attached files, is > > strictly prohibited and will be considered a criminal offense. If you > > are not the intended recipient be aware that any disclosure, copying, > > distribution or use of the contents of this information, even if > > partially, including attached files, is strictly prohibited, will be > > considered a criminal offense, so you must reply to the original > > sender to inform about this communication and delete it. > > > > > > > > > > > > > > > > > ********************************************** > IPv4 is over > Are you ready for the new Internet ? > http://www.consulintel.es > The IPv6 Company > > This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. > > > > >
- Previous message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
- Next message (by thread): [anti-abuse-wg] GDPR - positive effects on email abuse
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]