> -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Shmuel Metz > Sent: Monday, January 23, 2012 10:50 AM > To: Message Abuse Report Format working group > Subject: [marf] draft-ietf-marf-as Section 5 Solicited and Unsolicited Reports > > I believe that 5. Solicited and Unsolicited Reports should list the > abuse address from the whois record of the source IP as a reasonable > candidate for receiving feedback.
I have some concerns about doing this, since the reply from a WHOIS query is non-standard. Do we really want to say "apply some unspecified heuristic to the WHOIS reply to get that address"? > If there is a PTR for that address, would an associated abuse address > be a reasonable candidate for receiving feedback? If so, would it only > be reasonable for FCrDNS? I don't think so. I don't think we want to start encouraging people to try to find any domain to which to prepend "abuse@" to start sending reports. DKIM is the exception, because a valid DKIM signature makes a strong statement the likes of "Yes, we handled this message." A PTR record, for example, does not. -MSK _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
