[anti-abuse-wg] Question about spam to abuse inbox

Jordi

At least you are consistent in your belief that you can dictate how we all run our businesses

I can’t and won’t comment on providers who are unresponsive etc., but I sincerely doubt that the medium of the reports has any impact on that.

I will note, however, that other providers who use forms do so in order that they can collect all the evidence they need in one place at one time.

However you cannot dictate to me how we will accept reports. If we decide that all reports need to go via form so that they can be routed to the correct place then that is our decision and you can either cooperate or not.

Regards

Michele

--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
https://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> on behalf of JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg at ripe.net>
Date: Thursday, 18 February 2021 at 15:59
To: anti-abuse-wg at ripe.net <anti-abuse-wg at ripe.net>
Subject: Re: [anti-abuse-wg] Question about spam to abuse inbox
I see it in the other way around. Forms are not useful at all. You need to manually fill in the form, unless you modify the automated reporting tools for “each” “form-holder”. Many of them also ask you to create an account in their ticketing system, but because you’re not their customer, you actually can’t do it, or can’t use it, etc. … When I tried to follow the steps, with major datacenters, such as OVH (one very common hoster of “bad” customers, not to say criminals), they never solve the issues, or you can’t see the “results” of the investigation (I tend to think that never investigated in fact …).

Most of the abuse reports that we send by email are responded, typically automatically, and there is a reaction to them *when* we have already attached the relevant logs.

The problem continues to be those that don’t get the emails, bounce, don’t read them, etc., or force to fill the forms. In those case, we just permanently ban the full ranges, if the abuse continues. No other way. We keep records of all that, in case of legal issues, so to be able to probe the ignorance of the abuse-mailbox.

Regards,
Jordi
@jordipalet



El 18/2/21 16:41, "anti-abuse-wg en nombre de Javier Martín" <anti-abuse-wg-bounces at ripe.net<mailto:anti-abuse-wg-bounces at ripe.net> en nombre de javier.martin at centrored.net<mailto:javier.martin at centrored.net>> escribió:

Hello.

The subject of abuse emails are, with few exceptions, a useless thing, it depends on the good faith of the recipient.
For our part, we continue to have servers from large companies attacking us for more than 6 months and after dozens of emails no one has helped us.

Regards.
Javier

Sobre 18/02/2021 16:33:07, Michele Neylon - Blacknight via anti-abuse-wg <anti-abuse-wg at ripe.net> escribió:
Hans-Martin

I’d disagree

For larger companies the types of abuse reported will go to different places and teams. They’re also better for collecting the data you need to be able to act on a report.

Abuse reports are a nuisance – anyone who thinks otherwise needs to get their head examined.

However a lot of us will deal with abuse reports, but will not put up with people telling us how we should receive them.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
https://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

From: anti-abuse-wg <anti-abuse-wg-bounces at ripe.net> on behalf of Hans-Martin Mosner <hmm at heeg.de>
Date: Thursday, 18 February 2021 at 15:27
To: anti-abuse-wg at ripe.net <anti-abuse-wg at ripe.net>
Subject: Re: [anti-abuse-wg] Question about spam to abuse inbox
Am 18.02.21 um 15:02 schrieb Michele Neylon - Blacknight via anti-abuse-wg:

I know quite a few companies now use specific forms for handling reports of different types of reports and have moved away from email almost entirely, which makes a lot of sense.


At the risk of derailing this interesting and useful topic, I have to disagree with the use of forms to report abuse. In the cases I've seen, those forms are hard to find, are a burden to fill out, require me to add information that is completely irrelevant to the abuse incident, and don't allow me to add relevant information (such as a complete mail header). Not getting a response only adds to the feeling that I've wasted my time...

It may make a lot of sense for companies who see abuse reports as a nuisance, though :-)

There are better ways to increase the quality of abuse reports received. The best is to respond positively to informative and verifiable abuse reports with timely and appropriate replies and, above all, actions.

Cheers,
Hans-Martin


**********************************************
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </ripe/mail/archives/anti-abuse-wg/attachments/20210218/ebe929b1/attachment.html>