RIPE etc. are the ones themselves who refuse to introduce a centralised system, because of $$$$ related concerns.
It would be great, but then imagine if the spammers etc. DDoS that system for as long as they want to abuse resources. -- On Wed, Apr 29, 2020 at 9:18 PM Elad Cohen <e...@netstyle.io> wrote: > What is this ? > > "However, the community should report any situation to the RIPE NCC, which > can provide (anonymous) periodical statistics to the community, which can > take further decisions about that." > > Ripe members are informers? > > "divide and conquer" strategy ? > > Abuse email addresses (just like any other email address) are being > spammed, not only by non-relevant spammers but also by automatic useless > services that are installed at servers that don't take themselves any > measure of proper configuration to avoid the automatic useless services. > > To my opinion, Ripe should create its own anti-abuse system, each LIR will > have login access to it (LIR will be able to choose to receive > notifications through sms / email) and to mark each abuse complaint as > resolved or not (that system can also have an API so LIR's will be able to > pull their abuse complaints), the main issue is that complaints to that > system will not be able to be done automatically or by email - only > manually by form filling with captcha. (after the LIR will mark an abuse > complain as resolved - the complainer will receive an email address also to > confirm with him if issue is resolved or not, non-detailed statistics will > be able to be displayed to the whole community - to see the percentage of > how many manual complaints weren't handled by each LIR) > > --- > > Besides the above, I also believe that we as a community should not accept > complainers which are not taking the most basic configuration actions to > protect their systems, and would consider these complaints as spam. In > order for abuse complaints not to be abused. > > Respectfully, > Elad > > > ------------------------------ > *From:* anti-abuse-wg on behalf of Serge Droz via anti-abuse-wg > *Sent:* Wednesday, April 29, 2020 11:22 AM > *To:* anti-abuse-wg@ripe.net > *Subject:* Re: [anti-abuse-wg] 2019-04 Discussion Phase (Validation of > "abuse-mailbox") > > Hi All > > I think this is a good policy. > > We can always find use cases where it fails, but it will help in some > cases. > > And if some one is not able to answer an e-mail every six month, there > are probably underlying issues. Also the argument, that the bad guys > flood the mailbox is not really acceptable. It just means you can't > filter spam. > > The proposal does not check how the reports are used. But it helps us to > enumerate organizations, that don't act, coming up with various excuses, > along the lines the best problems are some one else's problems, so let's > make it some on else's problem. > > The fact is: Most mature organizations are perfectly capable of handling > such mail boxes, even if they have a high load. > > Coming from the incident response side, I'm tiered of people constantly > telling me, that issues are not their problem > > Best > Serge > > > > > > On 28.04.20 16:01, Petrit Hasani wrote: > > Dear colleagues, > > > > A new version of RIPE policy proposal, 2019-04, "Validation of > > "abuse-mailbox"", is now available for discussion. > > > > This proposal aims to have the RIPE NCC validate "abuse-c:" information > > more often and introduces a new validation process. > > > > Most of the text has been rewritten following the last round of > > discussion and the proposal is now at version 3.0. Some key points in > > this version: > > > > - The abuse-mailbox should not force the sender to use a form > > - The validation process must ensure that the abuse mailbox is able to > > receive messages > > - The validation should happen at least every six months > > > > You can find the full proposal at: > > https://www.ripe.net/participate/policies/proposals/2019-04 > > > > As per the RIPE Policy Development Process (PDP), the purpose of this > > four-week Discussion Phase is to discuss the proposal and provide > > feedback to the proposer. > > > > At the end of the Discussion Phase, the proposer, with the agreement of > > the Anti-Abuse Working Group Chairs, will decide how to proceed with the > > proposal. > > > > We encourage you to review this proposal and send your comments to > > <anti-abuse-wg@ripe.net> before 27 May 2020. > > > > Kind regards, > > -- > > Petrit Hasani > > Policy Officer > > RIPE NCC > > > > > > > > > > > > -- > Dr. Serge Droz > Chair of the FIRST Board of Directors > https://www.first.org > >
