Re: [anti-spam-wg] Non-cooperation of RIPE ISP in investigating report of email abuse (spam)
-
From: peter h peter@localhost
-
Date: Sun, 13 Jan 2008 12:28:06 +0100
On Sunday 13 January 2008 11.02, John Draper wrote:
> der Mouse wrote:
> >> That aside, however, currently there is no policy or procedures for
> >> RIPE to follow up on incorrect contact information in the database.
> >> [...]
> >> In addition while RIPE has produced a number of documents [...]
> >> neither the NCC nor this WG are empowered to act to stop an ISP or
> >> their customers from [emitting abuse].
> >>
> >
> > And there you have in a nutshell the reason why the net is so
> > abuse-ridden - RIPE should hever have had even so much as one address
> > assigned for them to delegate as long as either of those is true.
> >
> > Authority without responsibility. Bad news wherever it's found.
> >
> > RIPE's authority needs to be revoked (their allocations yanked) until
> > they accept responsibility concomitant with it. Of course, that won't
> > happen - and, as a result, we'll see abuse from RIPE space continue to
> > escalate.
> >
> >
> >> So, in short, we are not the right people to whom to report this
> >> issue.
> >>
> >
> > You are *exactly* the right people to report it to. That you are
> > determined to wash your hands of the responsibility that goes with your
> > authority is in large part why RIPE space is so abuse-ridden; that
> > ICANN and the IANA are letting you get away with it is why it has
> > continued that way for so long (and, because they do the same nothing
> > with other RIRs, why the rest of the world has similar problems).
> >
> > /~\ The ASCII der Mouse
> > \ / Ribbon Campaign
> > X Against HTML mouse@localhost
> > / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
> >
> >
> >
> I totally agree - when I was running SpamCrunchers, I very aggressively
> went after RIPE, APNIC and bitterly complained about some of their
> database updating policies. Eventually, after really hitting them hard
> with "Bogus Whois" complaints, I started to get SOME action, but that
> was back in 2004. No telling HOW irresponsible they are now, and it
> almost gives me the impression they RIPE and others, are on the take and
> helping spammers.
>
> Upstream providers can also help identify the spammers if one comes
> across a BOGUS WHOIS. I have UNIX Daemons that automatically deal with
> BOGUS WHOIS complaining, as it automatically checks every 3 weeks,
> after a 3rd time, it automatically sends another BOGUS WHOIS
> complaint... then sends one to the upstream provider.
>
> I definately agree that RIPE, ARIN, and other IP Block assignment
> agencies HAVE to take a good part of the responsibility for making it
> very difficult to track down hostile traffic.
>
> WHOIS queries were designed to allow security folks to track down
> network problems of all sorts, and they (RIPE, ARIN) have the
> responsibiity to keep their data updated. So they should be part of the
> solution instead of being part of the problem.
>
> John
>
>
Even if RIPE pulled these netranges from spammers, how can advertized BGP-rotes
be enforced ? I was under the impression that routing at BGP-level
is a more or less "gentlemens aggreement(and subject to arbitrary
route injections from time to time)
Pulling the ranges without authority to enforce the redrawal ia a moot.
--
Peter Håkanson
There's never money to do it right, but always money to do it
again ... and again ... and again ... and again.
( Det är billigare att göra rätt. Det är dyrt att laga fel. )