<html><body><span style="font-family:Verdana; color:#000; font-size:12pt;"><div><i>"<span style="">IMHO the policy should only check if emails to the abuse contact are delivered, which can bei done with some HELO, MAIL FROM and RCPT TO magic on port 25."</span></i></div><div><i><span style=""><br></span></i></div><div>Except that firstly, you get idiots who forward abuse complaints to distribution lists, and then shut down email accounts attached to that distribution list without updating the distribution list. </div><div><br></div><div>And secondly, you have anti-spam solutions (yes, there are admins who actually install anti-spam solutions on abuse inboxes!) that can potentially delete it after it's received (because it looks like a spam message..!! I wonder why a spam message would be sent to an abuse inbox?)</div><div><br></div><div><br></div><div><br></div><div><br></div><div><br></div><div><span style=""><br></span></div>
<blockquote id="replyBlockquote" webmail="1" style="border-left: 2px solid blue; margin-left: 8px; padding-left: 8px; font-size:10pt; color:black; font-family:verdana;">
<div id="wmQuoteWrapper">
-------- Original Message --------<br>
Subject: Re: [anti-abuse-wg] [policy-announce] 2017-02 Review Phase<br>
(Regular abuse-c Validation)<br>
From: Wolfgang Tremmel <<a href="mailto:wolfgang.tremmel@de-cix.net">wolfgang.tremmel@de-cix.net</a>><br>
Date: Fri, January 19, 2018 9:21 pm<br>
To: "<a href="mailto:anti-abuse-wg@ripe.net">anti-abuse-wg@ripe.net</a>" <<a href="mailto:anti-abuse-wg@ripe.net">anti-abuse-wg@ripe.net</a>><br>
<br>
Do you want to solve a problem or create one?<br>
<br>
I can imagine as the "click here and solve captcha" emails will be standardized that a carefully crafted attack might lure fist line helpdesk people onto shady websides and making them click stuff.<br>
<br>
So if I were a helpdesk manager I would order my team not to click on these....<br>
<br>
IMHO the policy should only check if emails to the abuse contact are delivered, which can bei done with some HELO, MAIL FROM and RCPT TO magic on port 25.<br>
<br>
<br>
best regards<br>
Wolfgang<br>
<br>
> On 19. Jan 2018, at 10:58, ox <<a href="mailto:andre@ox.co.za">andre@ox.co.za</a>> wrote:<br>
> <br>
> you mean in practical "real life" work?<br>
> <br>
> practically, abuse admins and people that actually deal with abuse are<br>
> able to solve a capcha and tick a box.<br>
<br>
-- <br>
Wolfgang Tremmel <br>
<br>
Phone +49 69 1730902 26 | Fax +49 69 4056 2716 | Mobile +49 171 8600 816 | <a href="mailto:wolfgang.tremmel@de-cix.net">wolfgang.tremmel@de-cix.net</a><br>
Geschaeftsfuehrer Harald A. Summa | Registergericht AG Köln HRB 51135<br>
DE-CIX Management GmbH | Lindleystrasse 12 | 60314 Frankfurt am Main | Germany | <a href="http://www.de-cix.net">www.de-cix.net</a><br>
<br>
<br>
</div>
</blockquote></span></body></html>