[anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")

Hello Jordi,

Allow me to respond as this is a more an operational topic.

I agree with you that RIPE policies should provide the general 
framework, while the RIPE NCC works out the best operational details to 
apply the policies.

In the mentioned example the procedure has worked, as the contact was 
identified and marked as invalid.
Ed has clarified already that after the RIPE 80 meeting, we will work on 
adding this information also to the RIPE RDAP service.

Thank you and Angel once more for bringing this to our attention.

Kind regards,
Marco Schmidt
RIPE NCC


On 13/05/2020 09:05, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
> Clearly something that RIPE NCC should improve in their procedures (or at least explain if there is any issue doing so), but I don't think we need to include those procedural details in the policy proposal.
>
> What do you think Petrit?
>
> Regards,
> Jordi
> @jordipalet
>   
>   
>
> El 13/5/20 0:46, "anti-abuse-wg en nombre de Ángel González Berdasco" <anti-abuse-wg-bounces at ripe.net en nombre de angel.gonzalez at incibe.es> escribió:
>
>      El mar, 12-05-2020 a las 22:21 +0200, JORDI PALET MARTINEZ via anti-
>      abuse-wg escribió:
>      >     You misunderstood me.  I'm not advocating de-registration of IP
>      > resources.  I
>      >     meant to remove just the abuse-c email address, since it does not
>      > work.  As an
>      >     alternative, as Àngel noted, there could be a tag saying that the
>      > email address
>      >     is not valid, without actually removing it.
>      >
>      > [Jordi] I got your point now, thanks!
>      >
>      > I think it is more useful instead of removing the address, marking
>      > the record as invalid, and this is being done if I recall correctly
>      > from RIPE NCC presentations.
>
>      5.135.48.50is one of such IP addresses.
>      It has as abuse-c abuse at for-ns.com, which is trivially invalid: for-
>      ns.com mail is handled by 10 mail.for-ns.com. mail.for-ns.com has
>      address 176.9.154.142 Yet, there is no mail server on 176.9.154.142:25
>
>      Port 43 access provides:
>      > % Information related to '5.135.48.48 - 5.135.48.51'
>      >
>      > % Abuse contact for '5.135.48.48 - 5.135.48.51' is 'abuse at for-ns.com'
>      > % Abuse-mailbox validation failed. Please refer to ORG-OS3-RIPE for
>      > further information.
>
>
>      I am unable to see such piece of information on the RDAP view, though:
>      https://rdap.db.ripe.net/ip/5.135.48.48
>
>
>      Best regards
>
>      --
>      INCIBE-CERT - CERT of the Spanish National Cybersecurity Institute
>      https://www.incibe-cert.es/
>
>      PGP Keys:
>      https://www.incibe-cert.es/en/what-is-incibe-cert/pgp-public-keys
>
>      ========================================================================
>
>      INCIBE-CERT is the Spanish National CSIRT designated for citizens,
>      private law entities, other entities not included in the subjective
>      scope of application of the "Ley 40/2015, de 1 de octubre, de Régimen
>      Jurídico del Sector Público", as well as digital service providers,
>      operators of essential services and critical operators under the terms
>      of the "Real Decreto-ley 12/2018, de 7 de septiembre, de seguridad de
>      las redes y sistemas de información" that transposes the Directive (EU)
>      2016/1148 of the European Parliament and of the Council of 6 July 2016
>      concerning measures for a high common level of security of network and
>      information systems across the Union.
>
>      ========================================================================
>
>      Disclaimer:
>      This message may contain confidential information, within the framework
>      of the corporate Security Management System.If you are not the intended
>      recipient, please notify the sender and delete this message without
>      forwarding or retaining a copy, since any unauthorized use is strictly
>      prohibited by law.
>
>      ========================================================================
>
>
>
>
> **********************************************
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
>
>
>
>
>