[anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

Hi Jordi,

Indeed. However, it’s exactly what policies like the abuse –c and this new iteration of your proposal are trying to solve. Apparently, in a sea of denial/counterarguments/gaslighting. I do indeed hope more “security” people from ISPs and CERTs can join the discourse and make it proceed in the right direction.

Fingers crossed.

Kind regards,

Sara M

Europol - O3 European Cyber Crime Centre (EC3)

Eisenhowerlaan 73, 2517 KK
The Hague, The Netherlands
www.europol.europa.eu<http://www.europol.europa.eu>



From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> On Behalf Of JORDI PALET MARTINEZ via anti-abuse-wg
Sent: 16 January 2020 14:54
To: 'anti-abuse-wg at ripe.net' <anti-abuse-wg at ripe.net>
Subject: Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

Hi Sara,

While I fully agree with Sergio and yourself, the issue here is that this part of your text

“Complete, accurate information goes hand in hand with a duty of care, of promptly taking actions against abuse, and should be accompanied by a social responsibility of trying to make the Internet a safe and secure place for everyone, thus not enabling actively DDoS, spammers, and criminals in general”

Is not documented, so not “obvious” (as legal text) to everyone or I’m missing something?

Of course, I fail to see that any operator can deny that … but is not in the text.

Regards,
Jordi
@jordipalet



El 16/1/20 14:24, "anti-abuse-wg en nombre de Marcolla, Sara Veronica" <anti-abuse-wg-bounces at ripe.net<mailto:anti-abuse-wg-bounces at ripe.net> en nombre de Sara.Marcolla at europol.europa.eu<mailto:Sara.Marcolla at europol.europa.eu>> escribió:

Very well put, Sérgio. Thank you for voicing clearly the concern of (at least a part of) the community.

We should not forget that, according to the provisions of RIPE NCC audits, “every party that has entered into an agreement with the RIPE NCC is contractually obliged to provide the RIPE NCC with complete, updated and accurate information necessary for the provision of the RIPE NCC services and to assist the RIPE NCC with audits and security checks”.  Complete, accurate information goes hand in hand with a duty of care, of promptly taking actions against abuse, and should be accompanied by a social responsibility of trying to make the Internet a safe and secure place for everyone, thus not enabling actively DDoS, spammers, and criminals in general.

If the community does not agree that everyone has the right to a safe, spam free, crime free Internet, maybe we have some issue to solve here first.


Kind regards,

Sara

Europol - O3 European Cyber Crime Centre (EC3)

Eisenhowerlaan 73, 2517 KK
The Hague, The Netherlands
www.europol.europa.eu<http://www.europol.europa.eu>


From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net<mailto:anti-abuse-wg-bounces at ripe.net>> On Behalf Of Sérgio Rocha
Sent: 16 January 2020 13:38
To: anti-abuse-wg at ripe.net<mailto:anti-abuse-wg at ripe.net>
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

Hi,

Agree, This anti-abuse list seems the blocking group to any anit-abuse response measure.
It's amazing that nobody cant propose anything without receiving a shower of all sorts of arguments against

There is an idea that everyone has to hold, if as a community we cannot organize a policy, one of these days there will be a problem that will make governments take the opportunity to legislate and we will no longer have the free and open internet.

There are a feew ideas that is simple to understand:

1 - If you have been assigned a network you have responsibilities, paying should not be the only one.
2 - There is no problem with email, since ever are made solutions to integrate with emails. There is no need to invent a new protocol. Who has a lot of abuse, invests in integrating these emails.
3 - If you have no ability to manage abuse should not have addressing, leave it to professionals.

The internet is critical for everyone, the ability for actors to communicate with each other to respond to abuse must exist and RIPE must ensure that it exists.
It’s like the relation with local governments, there is a set of information that has to be kept up to date to avoid problems, in RIPE it must be the same.

Sergio



From: anti-abuse-wg [mailto:anti-abuse-wg-bounces at ripe.net] On Behalf Of Fi Shing
Sent: 16 de janeiro de 2020 04:55
To: anti-abuse-wg at ripe.net<mailto:anti-abuse-wg at ripe.net>
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")


>> Best not to judge the race until it has been fully run.

I just do not understand how anyone on this list (other than a criminal or a business owner that wants to reduce over heads by abolishing an employee who has to sit and monitor an abuse desk) could be talking about making it easier for abuse to flourish.

It is idiotic and is not ad hominem.

This list is filled with people who argue for weeks, perhaps months, about the catastrophic world ending dangers of making an admin verify an abuse address ONCE a year .... and then someone says "let's abolish abuse desk all together" and these idiots emerge from the wood work like the termites that they are and there's no resistance?

The good news is that nothing talked about on this list is ever implemented, so .. talk away you criminals.





--------- Original Message ---------
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")
From: "Ronald F. Guilmette" <rfg at tristatelogic.com<mailto:rfg at tristatelogic.com>>
Date: 1/16/20 11:47 am
To: "anti-abuse-wg at ripe.net<mailto:anti-abuse-wg at ripe.net>" <anti-abuse-wg at ripe.net<mailto:anti-abuse-wg at ripe.net>>

In message <20200115155949.af7f9f79718891d8e76b551cf73e1563.e548b98006.mailapi@
email19.asia.godaddy.com<mailto:20200115155949.af7f9f79718891d8e76b551cf73e1563.e548b98006.mailapi@%0bemail19.asia.godaddy.com>>, "Fi Shing" <phishing at storey.xxx<mailto:phishing at storey.xxx>> wrote:

>That is the most stupid thing i've read on this list.

Well, I think you shouldn't be quite so harsh in your judgement. It is
not immediately apparent that you have been on the list for all that long.
So perhaps you should stick around for awhile longer before making such
comments. If you do, I feel sure that there will be any number of
stupider things that may come to your attention, including even a few
from your's truly.

Best not to judge the race until it has been fully run.

>Which criminal is paying you to say this nonsense, because no ordinary person
>that has ever received a spam email would ever say such crap.

I would also offer the suggestion that such inartful commentary, being as
it is, ad hominem, is not at all likely to advance your agenda. It may
have felt good, but I doubt that you have changed a single mind, other
than perhaps one or two who will now be persuaded to take the opposing
position, relative to whatever it was that you had hoped to achieve.


Regards,
rfg
*******************

DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.

*******************

**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
*******************

DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.

*******************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20200116/2b6a465d/attachment.html>