<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-IE" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Morning,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">The verification system that is being implemented is the one that comes from the policy that was approved by the RIPE community. While I, personally, believe it is what is possible right now, the
opportunity exists for everyone in the community to propose a different policy. The Anti-Abuse WG Chairs and the RIPE Policy Development team stand ready to assist anyone with this.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Brian<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US">Co-Chair, RIPE AA-WG<o:p></o:p></span></p>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal">Brian Nisbet <o:p></o:p></p>
<p class="MsoNormal">Service Operations Manager<o:p></o:p></p>
<p class="MsoNormal">HEAnet CLG, Ireland's National Education and Research Network<o:p></o:p></p>
<p class="MsoNormal">1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland<o:p></o:p></p>
<p class="MsoNormal">+35316609040 brian.nisbet@heanet.ie www.heanet.ie<o:p></o:p></p>
<p class="MsoNormal">Registered in Ireland, No. 275301. CRA No. 20036270<o:p></o:p></p>
</div>
<p class="MsoNormal"><span style="mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> anti-abuse-wg <anti-abuse-wg-bounces@ripe.net>
<b>On Behalf Of </b>Fi Shing<br>
<b>Sent:</b> Tuesday 5 March 2019 11:28<br>
<b>To:</b> Ronald F. Guilmette <rfg@tristatelogic.com>; anti-abuse-wg@ripe.net<br>
<b>Subject:</b> Re: [anti-abuse-wg] Verification of abuse contact addresses ?<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black">Yes, the verification mechanism they chose to implement was a flop, with no input required from address owners.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black">In reality, it should be "verify your email address by clicking this link once a week or your resources are decommissioned within 24 hours" but alas, that would
make too much sense.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><a href="http://abuse.net">abuse.net</a> lists these contacts for mesh digital:<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><a href="mailto:abuse@meshdigital.com">abuse@meshdigital.com</a> (for
<a href="http://meshdigital.com">meshdigital.com</a>)<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><a href="mailto:noc@meshdigital.com">noc@meshdigital.com</a> (for
<a href="http://meshdigital.com">meshdigital.com</a>)<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><a href="mailto:ripe@netsumo.com">ripe@netsumo.com</a> (for
<a href="http://meshdigital.com">meshdigital.com</a>)<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:12.0pt;font-family:"Verdana",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<blockquote style="border:none;border-left:solid blue 1.5pt;padding:0cm 0cm 0cm 6.0pt;margin-left:6.0pt;margin-top:5.0pt;margin-bottom:5.0pt" id="replyBlockquote">
<div id="wmQuoteWrapper">
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:black">-------- Original Message --------<br>
Subject: [anti-abuse-wg] Verification of abuse contact addresses ?<br>
From: "Ronald F. Guilmette" <<a href="mailto:rfg@tristatelogic.com">rfg@tristatelogic.com</a>><br>
Date: Tue, March 05, 2019 8:55 am<br>
To: <a href="mailto:anti-abuse-wg@ripe.net">anti-abuse-wg@ripe.net</a><br>
<br>
<br>
Sorry folks, when this topic was discussed, I confess that I wasn't<br>
really paying much attention. So now I am forced to ask: Was someone<br>
going to verify the abuse contact addresses listed in the RIPE WHOIS<br>
data base?<br>
<br>
If so, how is that project coming along?<br>
<br>
I'll tell you why I ask. It's quite simple really. Some jerk, probably<br>
Mexican, just sent me a spam wherein he was advertising for sale his<br>
list of 18 million "business" email addreses. (I can't quite tell if<br>
those are all supposed to be specifically Mexican email addrses or what...<br>
because the spam was written in Spanish, and I don't speak Spanish.)<br>
<br>
<a href="https://pastebin.com/raw/dT11krpN">https://pastebin.com/raw/dT11krpN</a><br>
<br>
Note that the specific email address of mine that was spammed was one that<br>
I only used in ancient times, and only in conjunction with my activities<br>
on one specific web site. (It obviously leaked somehow.)<br>
<br>
The envelope sender address was forged to be my own.<br>
<br>
The source IP was 109.68.33.19 as you can see. So naturally, I performed<br>
a RIPE WHOIS query on that IP address and the results I got back indicated<br>
that the contact email address for spam reports was <<a href="mailto:abuse@meshdigital.com">abuse@meshdigital.com</a>>.<br>
So I emailed off a report to that address.<br>
<br>
Of course, it bounced back to me immediately as undeliverable.<br>
<br>
This causes me to suspect that either (a) that stuff that I thought that<br>
I has seen previously about a project to verify abuse addresses was all<br>
just a bunch of malarkey, or else (b) that project is still unfinished<br>
and perhaps not going all that well.<br>
<br>
Could someone please enlighten me and tell me which possibility actually<br>
applies?<br>
<br>
<br>
Regards,<br>
rfg<br>
<br>
<br>
P.s. It is annoying enough to have to lookup who the bleep should<br>
receive a report about spamming from their network _and_ to have to<br>
even write such reports, when 9 time sout of ten, the sending network<br>
could have easly prevented the spam from even going out. It is just<br>
adding insult to injury when the bloody "official" abuse reporting<br>
address doesn't even actually exist.<br>
<br>
And of course, neither <a href="http://meshdigital.com">meshdigital.com</a> nor <a href="http://meshdigital.net">
meshdigital.net</a> even have<br>
functioning web sites.<br>
<br>
Apparently this is all the work of some dolts at a company called <a href="http://heg.com">
heg.com</a>,<br>
in Germany. Do any of you happen to know any of the clueless nitwits<br>
who work there? If so, maybe you could put me in direct touch so that<br>
I could personally apply a much needed clue-by-four.<o:p></o:p></span></p>
</div>
</blockquote>
</div>
</div>
</body>
</html>