This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
- Previous message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
JORDI PALET MARTINEZ
jordi.palet at consulintel.es
Wed Jan 15 23:09:41 CET 2020
Hi Carlos, El 15/1/20 22:58, "Carlos Friaças" <cfriacas at fccn.pt> escribió: Hi, On Wed, 15 Jan 2020, JORDI PALET MARTINEZ via anti-abuse-wg wrote: > In my opinion, the actual situation is the worst. We are validating over "nothing". We don't know how many of the "validated" mailboxes are real, or even read, full, etc. > > I will prefer a mandatory abuse-c which is validated in the way I'm proposing, as it is being done in ARIN and APNIC and soon in LACNIC. This detail is interesting... In my opinion it reached consensus also in the last AFRINIC meeting, but chairs didn't agree, and I don't want to start an appeal. So, I will retry in the next meeting. > If this can't reach consensus, I prefer to know in advance "this > operator doesn't handle abuses" that wasting time in reporting them. I > will have the choice to just block their network and when several folks > block them and their customers complain, then they may change their > mind. I was wondering if this "block" would mean blocking all prefixes announced by the same ASN, or just the prefix where the abuse originated from. Well, this is up to each operator ... If it is my network, I will definitively block the complete ASN, because a network that doesn't process abuse, is not something I want to get traffic from. But is just my personal view. > Better 50% of good and *real* validated abuse contacts than 100% from which I don't know how may are for real. As i already stated, i'm more worried about someone using real e-mail addresses of real unrelated people than the /dev/null or unattended mailboxes. When someone uses a 3rd party address without authorization+knowledge, i think it's reasonable to allow for a fix, instead of directly running to ripe-716. Cheers, Carlos > El 15/1/20 8:24, "anti-abuse-wg en nombre de Carlos Friaças via anti-abuse-wg" <anti-abuse-wg-bounces at ripe.net en nombre de anti-abuse-wg at ripe.net> escribió: > > > Hi, > > I obviously don't speak for the incident handling community, but i think > this (making it optional) would be a serious step back. The current > situation is already very bad when in some cases we know from the start > that we are sending (automated) messages/notices to blackholes. > > To an extreme, there should always be a known contact responsible for > any network infrastructure. If this is not the case, what's the purpose > of a registry then? > > Regards, > Carlos > > > > On Tue, 14 Jan 2020, Leo Vegoda wrote: > > > On Tue, Jan 14, 2020 at 1:48 AM Gert Doering <gert at space.net> wrote: > > > > [...] > > > >> A much simpler approach would be to make abuse-c: an optional attribute > >> (basically, unrolling the "mandatory" part of the policy proposal that > >> introduced it in the first place) > > > > This seems like a simple approach for letting network operators > > indicate whether or not they will act on abuse reports. If there's no > > way of reporting abuse then the operators clearly has no processes for > > evaluating reports, or acting on them. This helps everyone save time. > > > > Regards, > > > > Leo Vegoda > > > > > > > > ********************************************** > IPv4 is over > Are you ready for the new Internet ? > http://www.theipv6company.com > The IPv6 Company > > This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. > > > > > ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
- Previous message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
- Next message (by thread): [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]