<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Times New Roman \(Cuerpo en alfa";
panose-1:2 2 6 3 5 4 5 2 3 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EstiloCorreo19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=ES link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span lang=ES-TRAD style='font-size:12.0pt;mso-fareast-language:EN-US'><o:p> </o:p></span></p><div><div><p class=MsoNormal style='margin-left:35.4pt'>El 29/4/20 13:18, "anti-abuse-wg en nombre de Elad Cohen" <<a href="mailto:anti-abuse-wg-bounces@ripe.net">anti-abuse-wg-bounces@ripe.net</a> en nombre de <a href="mailto:elad@netstyle.io">elad@netstyle.io</a>> escribió:<o:p></o:p></p></div></div><div><p class=MsoNormal style='margin-left:35.4pt'><o:p> </o:p></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>What is this ?<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>"However, the community should report any situation to the RIPE NCC, which can provide (anonymous) periodical statistics to the community, which can take further decisions about that."<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>Ripe members are informers?<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>"divide and conquer" strategy ?<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US>[Jordi] I’ve explained the intent before. The reporting to the RIPE NCC (and all the other RIRs) of anything which may be relevant is not acting as “informer”, but collaboration in order to discover isues and improve. Can you suggest a better wording?</span><span lang=EN-US style='font-size:12.0pt'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>Abuse email addresses (just like any other email address) are being spammed, not only by non-relevant spammers but also by automatic useless services that are installed at servers that don't take themselves any measure of proper configuration to avoid the automatic useless services.<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>To my opinion, Ripe should create its own anti-abuse system, each LIR will have login access to it (LIR will be able to choose to receive notifications through sms / email) and to mark each abuse complaint as resolved or not (that system can also have an API so LIR's will be able to pull their abuse complaints), the main issue is that complaints to that system will not be able to be done automatically or by email - only manually by form filling with captcha. (after the LIR will mark an abuse complain as resolved - the complainer will receive an email address also to confirm with him if issue is resolved or not, non-detailed statistics will be able to be displayed to the whole community - to see the percentage of how many manual complaints weren't handled by each LIR)<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US>[Jordi] Maybe you could submit a proposal for that?<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>---<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>Besides the above, I also believe that we as a community should not accept complainers which are not taking the most basic configuration actions to protect their systems, and would consider these complaints as spam. In order for abuse complaints not to be abused.<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US>[Jordi] I disagree here. Is like you tell a shop owner, you’re guilty because you didn’t took enough measures. Too many measures sometimes avoid getting real customers coming in.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:12.0pt'><o:p> </o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>Respectfully,<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'>Elad<o:p></o:p></span></p></div><div><div><p class=MsoNormal style='margin-left:35.4pt'><o:p> </o:p></p></div><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'><o:p> </o:p></span></p><div class=MsoNormal align=center style='margin-left:35.4pt;text-align:center'><span style='font-size:12.0pt;color:black'><hr size=0 width="100%" align=center></span></div><p class=MsoNormal style='margin-left:35.4pt'><b><span style='font-size:12.0pt;color:black'>From:</span></b><span style='font-size:12.0pt;color:black'> anti-abuse-wg on behalf of Serge Droz via anti-abuse-wg<br><b>Sent:</b> Wednesday, April 29, 2020 11:22 AM<br><b>To:</b> anti-abuse-wg@ripe.net<br><b>Subject:</b> Re: [anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox") <o:p></o:p></span></p><div><p class=MsoNormal style='margin-left:35.4pt'><span style='font-size:12.0pt;color:black'><o:p> </o:p></span></p></div></div><div><div><p class=MsoNormal style='mso-margin-top-alt:0cm;margin-right:0cm;margin-bottom:12.0pt;margin-left:35.4pt'>Hi All<br><br>I think this is a good policy.<br><br>We can always find use cases where it fails, but it will help in some<br>cases.<br><br>And if some one is not able to answer an e-mail every six month, there<br>are probably underlying issues. Also the argument, that the bad guys<br>flood the mailbox is not really acceptable. It just means you can't<br>filter spam.<br><br>The proposal does not check how the reports are used. But it helps us to<br>enumerate organizations, that don't act, coming up with various excuses,<br>along the lines the best problems are some one else's problems, so let's<br>make it some on else's problem.<br><br>The fact is: Most mature organizations are perfectly capable of handling<br>such mail boxes, even if they have a high load.<br><br>Coming from the incident response side, I'm tiered of people constantly<br>telling me, that issues are not their problem<br><br>Best<br>Serge<br><br><br><br><br><br>On 28.04.20 16:01, Petrit Hasani wrote:<br>> Dear colleagues,<br>> <br>> A new version of RIPE policy proposal, 2019-04, "Validation of<br>> "abuse-mailbox"", is now available for discussion.<br>> <br>> This proposal aims to have the RIPE NCC validate "abuse-c:" information<br>> more often and introduces a new validation process.<br>> <br>> Most of the text has been rewritten following the last round of<br>> discussion and the proposal is now at version 3.0. Some key points in<br>> this version:<br>> <br>> - The abuse-mailbox should not force the sender to use a form<br>> - The validation process must ensure that the abuse mailbox is able to<br>> receive messages<br>> - The validation should happen at least every six months<br>> <br>> You can find the full proposal at:<br>> <a href="https://www.ripe.net/participate/policies/proposals/2019-04" target="_blank">https://www.ripe.net/participate/policies/proposals/2019-04</a><br>> <br>> As per the RIPE Policy Development Process (PDP), the purpose of this<br>> four-week Discussion Phase is to discuss the proposal and provide<br>> feedback to the proposer.<br>> <br>> At the end of the Discussion Phase, the proposer, with the agreement of<br>> the Anti-Abuse Working Group Chairs, will decide how to proceed with the<br>> proposal.<br>> <br>> We encourage you to review this proposal and send your comments to<br>> <anti-abuse-wg@ripe.net> before 27 May 2020.<br>> <br>> Kind regards,<br>> --<br>> Petrit Hasani<br>> Policy Officer<br>> RIPE NCC<br>> <br>> <br>> <br>> <br>> <br><br>-- <br>Dr. Serge Droz<br>Chair of the FIRST Board of Directors<br><a href="https://www.first.org" target="_blank">https://www.first.org</a><o:p></o:p></p></div></div></div></div><br>**********************************************<br>
IPv4 is over<br>
Are you ready for the new Internet ?<br>
http://www.theipv6company.com<br>
The IPv6 Company<br>
<br>
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.<br>
<br>
</body></html>