This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] abuse-c

Previous message (by thread): [db-wg] abuse-c
Next message (by thread): [db-wg] abuse-c

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

MarcoH marcoh at marcoh.net
Tue Jan 13 12:46:32 CET 2004

On Tue, Jan 13, 2004 at 12:27:58PM +0100, Ulrich Kiermayr wrote:

> >Let's just limit it to be syntactically correct accoording to whatever the
> >rfc at that moment specify as 'syntactically correct'.
> >
> >There is no other way of ensuring that it's valid on a certain moment.
> >There is still some form of 'trust' involved as to the point that the LIR
> >inserting the address takes abuse serious. And I hope the majority still
> >does, so the system would work and people don't have to use other things
> >like mailing all addresses they can find related to an address upto and
> >including hostmaster at ripe.net.
> 
> Sorry to be picky, but I still do not get it: then what is the advantage of
> 
> abuse-c: abuse at here.there.nl
> 
> over
> 
> remarks: abuse-c: abuse at here.there.nl

You can't enforce the second form, it will become BCP and you will end up
with the same situation as the irt objects.

> as you stated trust is required and you can't ensure anything; so having 
> it mandatory is basically worthless, because someone who has to fill in 
> something but does not want to will put in trash_my_abuse at hotmail.com, 
> which is also perfectly valid, but does not buy you anything either.
> 
> And for having a usable, maintainable automated system, it is easier to 
> take what is there (IRT is not really hard to figure out - it _is_ 
> basically like a maintainer), and write the apprpriate tools for that; 
> since you would have to write tools anyway.
> 
> I hope that makes sense.

It makes sense, but I have the feeling that the irt carries to much
information or is to difficult for the average database user to use.

That's why I proposed the alternative of creating more awarness of the irt
object, what it does and how to use it, especially from the perspective of
the bulk of the database users who just want some basic information on
where to complain about a certain ip address.

I don't know how others handle this, but the company I work for has some
seperation between 'security' and 'abuse'. The irt object will probably
point to our security department who handle the more serious incidents or
things which need a fast response. Our abuse dept only works during office
hours but takes care of all spammers, virusses and other stuff as from
experience most of the spam is done batchwise mostly the damage is already
done and the only thing the abuse dept does is taking care it won't happen
again by disconneting the user and make sure they fix their security
holes.

The irt object doesn't allow for this seperation, you can create multiple
objects and use remarks to explain where to send the complaint. This is
the mechanism we already use on the inetnum and it doesn't work very well.

MarcoH

Previous message (by thread): [db-wg] abuse-c
Next message (by thread): [db-wg] abuse-c

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]