This seems way, way, over-detailed for an Appliability Statement. As I understand it, and AS is intented to answer basic questions about "what do you use this for"? In the case of ARF, the answer is that mostly you use it in private FBLs, but we've found that you can also use it for normal abuse reports. That's it.
When we have more experience with using ARF in abuse reports, we might put some of this stuff in a BCP, but since I don't know anyone other than me who has much experience using them in abuse reprots, that seems rather premature. R's, John > Mailbox Providers SHOULD perform any possible checks to ascertain > that the messages reported by their users, that they are about to > report in turn, really originated at the domain they intend to > forward it to. This includes checking that the reporting user did > not inadvertently or maliciously alter the reported message. Mailbox > Providers MAY digitally sign received messages on delivery in order > to perform this check. > > Mailbox Providers SHOULD manually inspect the messages reported by > their users if their spam score is noticeably low --which might > indicate that the user hit the spam-button by mistake. > > Mailbox Providers should evaluate the trustworthiness of the target > abuse team, possibly using external reputation providers. It is not > worth to send any information to domains that exist for the sole > purpose of spamming. Mailbox Providers MAY redact the reported > message, according to its policy and to the reputation of the > destination. Redacting techniques are discussed in [REDACT]. > > The obvious correction for an acknowledged policy contravention is to > remove the email address of the original recipient from whatever > storage it was retrieved from for sending the reported message, > including mailing lists. An abuse team may need to investigate > whether email addresses are stored legitimately on their customer's > systems, or if any malware is running there. _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
