This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Abuse Report ignored. What to do as next?
- Previous message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
- Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alessandro Vesely
vesely at tana.it
Thu Nov 30 13:15:58 CET 2023
On Thu 30/Nov/2023 12:40:46 +0100 Laura Atkins wrote: > What happens if / when someone doesn’t? A minimal, yet useful reaction would be to remove their abuse PoC from RDAP pages. If the convention is clear that network operators without abuse-c are non-responders, it is easy for all the others to add the corresponding IPs to their drop lists. Ripe NCC could even distribute non-responders lists. A motion to reclaim wasted resources can be set up at a later time. Best Ale >> On 30 Nov 2023, at 10:47, Matthias Merkel <matthias.merkel at staclar.com> wrote: >> >> The proposal is to send verification emails to abuse mailboxes and have a >> link in them clicked, right? I would have no objection to that. >> >> Is there more that is being proposed in this proposal specifically? >> >> — >> Maria Merkel >> >> This email was sent by [company]. Any statements contained in this email are >> personal to the author and are not necessarily the statements of the company >> unless specifically stated. >> >> Novecore and Staclar are collective trading names of Novecore Ltd., >> registered in England and Wales under company number 11748197, Novecore >> Licensing Ltd., registered in England and Wales under company number >> 11544982, Staclar Carrier Ltd., registered in England and Wales under company >> number 12219686, Staclar Financial Services Ltd., registered in England and >> Wales under company number 13843292 (registered offices 54 Portland Place, >> London, UK, W1B 1DY); Novecore Professional Services Ltd., registered in >> England and Wales under company number 13965912 (registered office 13 >> Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore (Estonia) OÜ, >> registered in Estonia under registry code 16543205 (local contact Baltic >> Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); Novecore (USA) >> Inc., registered in Delaware under file number 6707907, Novecore Licensing >> (USA) LLC, registered in Delaware under file number 4030866, and Staclar, >> Inc., registered in Delaware under file number 7413401 (registered agents The >> Corporation Trust Company, Corporation Trust Center, 1209 Orange St, >> Wilmington DE 19801, USA). Novecore Licensing Ltd. is registered for VAT in >> the United Kingdom under VAT registration number 347 4545 80. Novecore >> (Estonia) OÜ is registered for VAT in the European Union under VAT >> registration number EE102518979. Novecore Professional Services Ltd. is a >> trust or company service provider registered with and supervised by HM >> Revenue & Customs under the Money Laundering, Terrorist Financing and >> Transfer of Funds (Information on the Payer) Regulations 2017 (registration >> number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 >> financial institution registered with and supervised by the Financial Conduct >> Authority under the Money Laundering, Terrorist Financing and Transfer of >> Funds (Information on the Payer) Regulations 2017 (firm reference number >> 989521). Registration is not equivalent to authorisation and is not an >> endorsement to do business with a firm. Staclar Financial Services Ltd. is >> not an authorised person within the meaning of the Financial Services and >> Markets Act 2000 and does not review, approve, or endorse financial >> promotions for securities issues it is involved in or provide any form of >> investment advice. >> Sent from Front >>> On November 30, 2023 at 11:45 AM GMT+1 ops.lists at gmail.com >>> <mailto:ops.lists at gmail.com> wrote: >>> >>> There is somewhat more being proposed than that bare minimum of due >>> diligence but none of this makes ripe ncc a regulator any more than a >>> pharmacist verifying a prescription becomes the FDA >>> >>> --srs >>> ------------------------------------------------------------------------------- >>> *From:* Matthias Merkel <matthias.merkel at staclar.com >>> <mailto:matthias.merkel at staclar.com>> >>> *Sent:* Thursday, November 30, 2023 4:03:07 PM >>> *To:* Suresh Ramasubramanian <ops.lists at gmail.com >>> <mailto:ops.lists at gmail.com>>; Leo Vegoda <leo at vegoda.org >>> <mailto:leo at vegoda.org>> >>> *Cc:* anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net> >>> <anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net>> >>> *Subject:* Re: [anti-abuse-wg] Abuse Report ignored. What to do as next? >>> I have already noted that I have no objections to a proposal solely to >>> verify abuse mailbox functionality, but that we should be careful adding >>> anything further. Perhaps I wasn't clear enough in this: >>> >>> Arguably a proposal to simply require verification of the abuse mailbox >>> does not make the NCC a regulator (and, in fact, I think the NCC already >>> does this with ASNs), but I do not see how this would be an effective >>> measure. >>> >>> Making further requirements would make the NCC a regulator, and this may >>> be dangerous precedent. >>> >>> >>> Regarding the potential that government regulators will put rules in place >>> if we don't, I don't think this is a big concern here. Many governments >>> already do have those rules and already supervise network operators in their >>> countries. The issue in this specific case is that some countries simply >>> don't care, and do not have laws or regulations around the issue. >>> >>> — >>> Maria Merkel >>> >>> This email was sent by [company]. Any statements contained in this email are >>> personal to the author and are not necessarily the statements of the company >>> unless specifically stated. >>> >>> Novecore and Staclar are collective trading names of Novecore Ltd., >>> registered in England and Wales under company number 11748197, Novecore >>> Licensing Ltd., registered in England and Wales under company number >>> 11544982, Staclar Carrier Ltd., registered in England and Wales under >>> company number 12219686, Staclar Financial Services Ltd., registered in >>> England and Wales under company number 13843292 (registered offices 54 >>> Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., >>> registered in England and Wales under company number 13965912 (registered >>> office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore >>> (Estonia) OÜ, registered in Estonia under registry code 16543205 (local >>> contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); >>> Novecore (USA) Inc., registered in Delaware under file number 6707907, >>> Novecore Licensing (USA) LLC, registered in Delaware under file number >>> 4030866, and Staclar, Inc., registered in Delaware under file number 7413401 >>> (registered agents The Corporation Trust Company, Corporation Trust Center, >>> 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. is >>> registered for VAT in the United Kingdom under VAT registration number 347 >>> 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European Union >>> under VAT registration number EE102518979. Novecore Professional Services >>> Ltd. is a trust or company service provider registered with and supervised >>> by HM Revenue & Customs under the Money Laundering, Terrorist Financing and >>> Transfer of Funds (Information on the Payer) Regulations 2017 (registration >>> number XMML00000178208). Staclar Financial Services Ltd. is an Annex 1 >>> financial institution registered with and supervised by the Financial >>> Conduct Authority under the Money Laundering, Terrorist Financing and >>> Transfer of Funds (Information on the Payer) Regulations 2017 (firm >>> reference number 989521). Registration is not equivalent to authorisation >>> and is not an endorsement to do business with a firm. Staclar Financial >>> Services Ltd. is not an authorised person within the meaning of the >>> Financial Services and Markets Act 2000 and does not review, approve, or >>> endorse financial promotions for securities issues it is involved in or >>> provide any form of investment advice. >>> Sent from Front >>>> On November 30, 2023 at 11:25 AM GMT+1 ops.lists at gmail.com >>>> <mailto:ops.lists at gmail.com> wrote: >>>> >>>> This is simply an ongoing verification that the justification and other >>>> paperwork which were used to allocate the numbers are reasonable and correct >>>> >>>> Consensus tends to work in strange ways - and room packing isn’t unknown if >>>> you see the example I cited >>>> >>>> --srs >>>> ------------------------------------------------------------------------------- >>>> *From:* anti-abuse-wg <anti-abuse-wg-bounces at ripe.net >>>> <mailto:anti-abuse-wg-bounces at ripe.net>> on behalf of Matthias Merkel >>>> <matthias.merkel at staclar.com <mailto:matthias.merkel at staclar.com>> >>>> *Sent:* Thursday, November 30, 2023 3:24:02 PM >>>> *To:* Leo Vegoda <leo at vegoda.org <mailto:leo at vegoda.org>>; Suresh >>>> Ramasubramanian <ops.lists at gmail.com <mailto:ops.lists at gmail.com>> >>>> *Cc:* anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net> >>>> <anti-abuse-wg at ripe.net <mailto:anti-abuse-wg at ripe.net>> >>>> *Subject:* Re: [anti-abuse-wg] Abuse Report ignored. What to do as next? >>>> Of course, this is not how consensus works. >>>> >>>> I also think you're misunderstanding my argument. I'm all for fighting >>>> abuse. A lot of my work is in abuse and fraud prevention and in the >>>> prevention of financial crime. I'm not arguing against preventing abuse, >>>> only against adding even more regulators where they aren't needed. >>>> >>>> The Gmail example still does not address my concern. They say what you can >>>> do with Gmail, which is the service. An IP address itself is not an >>>> abusable service, the systems addressed by them are. Gmail doesn't tell you >>>> what to do on third party services you sign up to with your gmail.com >>>> <http://gmail.com/> address. Google is responsible for Gmail. The RIPE NCC >>>> is responsible for the IP addresses. The network operator is responsible >>>> for the systems. >>>> >>>> — >>>> Maria Merkel >>>> >>>> This email was sent by [company]. Any statements contained in this email >>>> are personal to the author and are not necessarily the statements of the >>>> company unless specifically stated. >>>> >>>> Novecore and Staclar are collective trading names of Novecore Ltd., >>>> registered in England and Wales under company number 11748197, Novecore >>>> Licensing Ltd., registered in England and Wales under company number >>>> 11544982, Staclar Carrier Ltd., registered in England and Wales under >>>> company number 12219686, Staclar Financial Services Ltd., registered in >>>> England and Wales under company number 13843292 (registered offices 54 >>>> Portland Place, London, UK, W1B 1DY); Novecore Professional Services Ltd., >>>> registered in England and Wales under company number 13965912 (registered >>>> office 13 Freeland Park, Wareham Road, Poole, UK, BH16 6FA); Novecore >>>> (Estonia) OÜ, registered in Estonia under registry code 16543205 (local >>>> contact Baltic Business Services OÜ, Narva mnt 5, 10117 Tallinn, Estonia); >>>> Novecore (USA) Inc., registered in Delaware under file number 6707907, >>>> Novecore Licensing (USA) LLC, registered in Delaware under file number >>>> 4030866, and Staclar, Inc., registered in Delaware under file number >>>> 7413401 (registered agents The Corporation Trust Company, Corporation Trust >>>> Center, 1209 Orange St, Wilmington DE 19801, USA). Novecore Licensing Ltd. >>>> is registered for VAT in the United Kingdom under VAT registration number >>>> 347 4545 80. Novecore (Estonia) OÜ is registered for VAT in the European >>>> Union under VAT registration number EE102518979. Novecore Professional >>>> Services Ltd. is a trust or company service provider registered with and >>>> supervised by HM Revenue & Customs under the Money Laundering, Terrorist >>>> Financing and Transfer of Funds (Information on the Payer) Regulations 2017 >>>> (registration number XMML00000178208). Staclar Financial Services Ltd. is >>>> an Annex 1 financial institution registered with and supervised by the >>>> Financial Conduct Authority under the Money Laundering, Terrorist Financing >>>> and Transfer of Funds (Information on the Payer) Regulations 2017 (firm >>>> reference number 989521). Registration is not equivalent to authorisation >>>> and is not an endorsement to do business with a firm. Staclar Financial >>>> Services Ltd. is not an authorised person within the meaning of the >>>> Financial Services and Markets Act 2000 and does not review, approve, or >>>> endorse financial promotions for securities issues it is involved in or >>>> provide any form of investment advice. >>>> Sent from Front >>>>> On November 30, 2023 at 10:48 AM GMT+1 leo at vegoda.org >>>>> <mailto:leo at vegoda.org> wrote: >>>>> >>>>> On Thu, 30 Nov 2023 at 10:44, Suresh Ramasubramanian >>>>> <ops.lists at gmail.com <mailto:ops.lists at gmail.com>> wrote: >>>>>> >>>>>> > >>>>>> > The funny part is that the abuse teams of the very same companies will >>>>>> be out there in other conferences working earnestly and well on best >>>>>> practices. If they were to turn up at a ripe meeting and provide >>>>>> consensus .. >>>>>> > >>>>>> > And before you accuse me of packing the room to generate artificial >>>>>> consensus >>>>>> >>>>>> Consensus isn't a numbers thing. I think you've misunderstood the process. >>>>>> >>>>>> Regards, >>>>>> >>>>>> Leo >>>>>> >>>>>> -- >>>>>> >>>>>> To unsubscribe from this mailing list, get a password reminder, or change >>>>>> your subscription options, please visit: >>>>>> https://mailman.ripe.net/ >>>>>> <https://mailman.ripe.net/> >> -- >> >> To unsubscribe from this mailing list, get a password reminder, or change >> your subscription options, please visit: >> https://mailman.ripe.net/ > > -- > The Delivery Expert > > Laura Atkins > Word to the Wise > laura at wordtothewise.com > > Delivery hints and commentary: http://wordtothewise.com/blog > > > > > > >
- Previous message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
- Next message (by thread): [anti-abuse-wg] Abuse Report ignored. What to do as next?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]