RE: [anti-spam-wg] Non-cooperation of RIPE ISP in investigating report of email abuse (spam)

["brett" brett@localhost]

> -----Original Message-----
> From: anti-spam-wg-admin@localhost [
	    
	    
]
On
> Behalf Of John Draper
> Sent: Sunday, January 13, 2008 10:02 AM
> To: der Mouse
> Subject: Re: [anti-spam-wg] Non-cooperation of RIPE ISP in
investigating
> report of email abuse (spam)
> 
> der Mouse wrote:
> >
> > You are *exactly* the right people to report it to.  That you are
> > determined to wash your hands of the responsibility that goes with
your
> > authority is in large part why RIPE space is so abuse-ridden; that
> > ICANN and the IANA are letting you get away with it is why it has
> > continued that way for so long (and, because they do the same
nothing
> > with other RIRs, why the rest of the world has similar problems).
> >
> > /~\ The ASCII				der Mouse
> > \ / Ribbon Campaign
> >  X  Against HTML	       mouse@localhost
> > / \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
> >
> >
> >
> I totally agree - when I was running SpamCrunchers,  I very
aggressively
> went after RIPE, APNIC and bitterly complained about some of their
> database updating policies.  Eventually,  after really hitting them
hard
> with "Bogus Whois" complaints,  I started to get SOME action,  but
that
> was back in 2004.   No telling HOW irresponsible they are now,  and it
> almost gives me the impression they RIPE and others, are on the take
and
> helping spammers.


C'mon do you seriously believe that these people could be on the take or
can I hear the sound of a troll from the bridge I am stood on :) I can't
speak for APNIC but I can tell you that the RIPE NCC are most definitley
not in league with spammmers.



> 
> Upstream providers can also help identify the spammers if one comes
> across a BOGUS WHOIS.   I have UNIX Daemons that automatically deal
with
> BOGUS WHOIS complaining,  as it automatically checks every 3 weeks,
> after a 3rd time,  it automatically sends another BOGUS WHOIS
> complaint... then sends one to the upstream provider.
> 
> I definately agree that RIPE,  ARIN, and other IP Block assignment
> agencies HAVE to take a good part of the responsibility for making it
> very difficult to track down hostile traffic.
> 

Yes I agree the RIPE community (that's us folks) should bear the
responsibility for not putting a policy in place that tells the RIPE NCC
what to do.


> WHOIS queries were designed to allow security folks to track down
> network problems of all sorts,  and they (RIPE,  ARIN) have the
> responsibiity to keep their data updated.  So they should be part of
the
> solution instead of being part of the problem.
> 

Aha another common mis-conception AFAIK the data within the RIPE whois
database does not belong to the RIPE NCC and hence they cannot change it
without express instruction from the RIPE community. I do concede that
this (and some of the other things mentioned within this thread) may be
a broken model, but that is the model we currently have if the communtiy
is unhappy about that model they of course have the power to change it.

Brett