This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
- Previous message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Carlos Friaças
cfriacas at fccn.pt
Wed Jan 15 22:58:17 CET 2020
Hi, On Wed, 15 Jan 2020, JORDI PALET MARTINEZ via anti-abuse-wg wrote: > In my opinion, the actual situation is the worst. We are validating over "nothing". We don't know how many of the "validated" mailboxes are real, or even read, full, etc. > > I will prefer a mandatory abuse-c which is validated in the way I'm proposing, as it is being done in ARIN and APNIC and soon in LACNIC. This detail is interesting... > If this can't reach consensus, I prefer to know in advance "this > operator doesn't handle abuses" that wasting time in reporting them. I > will have the choice to just block their network and when several folks > block them and their customers complain, then they may change their > mind. I was wondering if this "block" would mean blocking all prefixes announced by the same ASN, or just the prefix where the abuse originated from. > Better 50% of good and *real* validated abuse contacts than 100% from which I don't know how may are for real. As i already stated, i'm more worried about someone using real e-mail addresses of real unrelated people than the /dev/null or unattended mailboxes. When someone uses a 3rd party address without authorization+knowledge, i think it's reasonable to allow for a fix, instead of directly running to ripe-716. Cheers, Carlos > El 15/1/20 8:24, "anti-abuse-wg en nombre de Carlos Friaças via anti-abuse-wg" <anti-abuse-wg-bounces at ripe.net en nombre de anti-abuse-wg at ripe.net> escribió: > > > Hi, > > I obviously don't speak for the incident handling community, but i think > this (making it optional) would be a serious step back. The current > situation is already very bad when in some cases we know from the start > that we are sending (automated) messages/notices to blackholes. > > To an extreme, there should always be a known contact responsible for > any network infrastructure. If this is not the case, what's the purpose > of a registry then? > > Regards, > Carlos > > > > On Tue, 14 Jan 2020, Leo Vegoda wrote: > > > On Tue, Jan 14, 2020 at 1:48 AM Gert Doering <gert at space.net> wrote: > > > > [...] > > > >> A much simpler approach would be to make abuse-c: an optional attribute > >> (basically, unrolling the "mandatory" part of the policy proposal that > >> introduced it in the first place) > > > > This seems like a simple approach for letting network operators > > indicate whether or not they will act on abuse reports. If there's no > > way of reporting abuse then the operators clearly has no processes for > > evaluating reports, or acting on them. This helps everyone save time. > > > > Regards, > > > > Leo Vegoda > > > > > > > > ********************************************** > IPv4 is over > Are you ready for the new Internet ? > http://www.theipv6company.com > The IPv6 Company > > This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. > > > > >
- Previous message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]