This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")
- Previous message (by thread): [anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ángel González Berdasco
angel.gonzalez at incibe.es
Thu Apr 30 01:11:11 CEST 2020
Nick Hilliard wrote: > > and must not force the sender to use a form. > > It's not the job of the RIPE NCC to tell its members how to handle > abuse reports, and it is beyond inappropriate for this working group > to expect the RIPE NCC to withdraw numbering resources if member > organisations don't comply with an arbitrary policy which forces the > use of SMTP email like this. This is not how to *handle* abuse reports, but how to *receive* them. Given that the resource holder needs to provide an email mailbox for abuse contact, it doesn't seem so unreasonable to ask that it is possible to *gasp* send abuse reports using that abuse mailbox. Many autoreplies suggest you to use a form, as a way to speedy the request. However, if an abuse mailbox replies: > Your abuse request has NOT been proceed amd mpt tramsitted to our > team. > This automatic answer is NOT an acknowledge. > Your request MUST be report on httos;//... (a real case from a RIPE member), is it a working mailbox? What if abuse-c: pointed to abuse at example.com, then an autoreply told you to email instead bob at example.com, that john at example.com, that one jane at example.com, which replies that she is no longer and example.com and please could you send that to mary at example.com... Is that a "working mailbox"? Note we could have instead a abuse-uri rather than a mailbox, so that it could be reported via a mailto:, https://, gopher://... Ultimately, though, the real problem is to standardise the communication. That could be by using a mail compliant to x-arf (or anything else we might come up with), stating a set of fields needed by a REST abuse form, etc. And getting everyone to agree on such set of fields would be difficult. But once the information is structured, the next steps should be quite straightforward. According to whatever procedures you may have to handle these issues. Also, I should note that handling abuse _should_ be desirable for a member that *cares*. It may be a compromised host, an abusive customer... but a timely report would avoid, rather than just finding out when they find themselves on a third-party blacklist since nobody bothered to jump through the needed jumps just to tell them they needed to password reset a compromised account. Regards
- Previous message (by thread): [anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]