[anti-abuse-wg] So many idiots. So little time.

Am 13.08.22 um 14:13 schrieb jeroen at hackersbescherming.nl:
> I would say perfect for that anti abuse training!

Training is useful if you want to learn and achieve the training subject matter. Serverius (like many other 
hosting/colocation providers) is in the business of deflecting trouble from their customers. In an old antispam forum 
post I found this quote without exact source, which could be used verbatim by most of them:

> Serverius IT infrastructure is providing underlying infrastructure services without any hosting activities. Serverius 
> is not a hosting provider as it has no data carrier hardware like servers or disk storage services under management 
> (only our clients do). Serverius is only providing the parent data center colocation of client hardware and/or IP 
> connectivity services that are used by clients to build their own infrastructure. Their services are used by millions 
> of companies in the world. Therefore Serverius does not know what Serverius network users are hosting (it's 
> technically impossible for us to see and forbidden by law) and Serverius is therefore not liable for what our customer 
> hosts behind its own network and/or on his own infrastructure. 
Legally, they may be right (of course they are not allowed to peek into their customer's servers). However, there's 
something more to it - you could have contract and AUP clauses which prohibit spamming/abuse and give the provider 
leverage to enforce that prohibition. But some providers apparently prefer to keep such clauses out of their contracts 
and don't want to waste money on abuse desk training because a well-paying customer is a well-paying customer after all. 
"Pecunia non olet", as Vespasian is reported to have said.

Those are not the target group for anti abuse training. They would probably need it, but first they would need the will 
to stop network abuse emanating from their infrastructure.

Cheers,
Hans-Martin