This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Question about spam to abuse inbox
- Previous message (by thread): [anti-abuse-wg] Question about spam to abuse inbox
- Next message (by thread): [anti-abuse-wg] Question about spam to abuse inbox
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alessandro Vesely
vesely at tana.it
Sun Feb 28 11:54:00 CET 2021
On Sat 27/Feb/2021 01:40:01 +0100 Ángel González Berdasco wrote: > Cynthia Revström writes: >> >> if you want a human to read your emails, you shouldn't automate the >> sending so you end up with potential situations like that. > > No. You should actually love automated reports. > > [...automated classification of automated abuse reports...] > [...held in esteem but not quoted...] > > Note I'm not covering the quality of the information. In either cases, > Joe notifications could generally be either good or bad. If you find > Joe to provide reliable information, you may even want to trust their > reports automatically. If they have a lot of noise, you probably will > want to prioritize them at the bottom of your queue. It's also to be noted that abuse teams do reply. If the quality isn't good, the human who read the report replies and points out what is missing in order to make it actionable. Some replies are fully automated and repetitive, some are based on a template on which the operator on duty can add manually written text. Thus, while reports are generated automatically, replies have to be handled by hands, possibly deploying regexes or eyeballs to classify them. That begs the question of whether abuse reports have valid reply addresses. >> Don't assume people are lacking in basic knowledge, rather consider >> that some people might have requirements other than yours, and that >> it might not be as simple as you suggest. > > Sadly, problems often lie at the management level, out of the hands of > the technicians which suffer them. How much to invest in abuse handling is obviously a management decision. It shapes an ISP's characteristics, quality, and costs. From my POV, the best way to implement a couldn't-give-a-damn attitude is to not register an abuse address at all. Having an automated abuse reporting system driven by firewall events, it is straightforward to multiply the banning period by months when the abuse address is empty. Unfortunately, RIPE seems to have it mandatory to fill abuse-c, so one has to manually track bounces, distinguishing temporary hiccups from permanent failures, and equate the latter to empty addresses. Best Ale --
- Previous message (by thread): [anti-abuse-wg] Question about spam to abuse inbox
- Next message (by thread): [anti-abuse-wg] Question about spam to abuse inbox
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]