Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
How was ARIN able to reclaim 750k IPs showing fraud including shell company setup then? The USA is if anything even more litigious than Europe is. You also go to court with "clean hands", so if the invalid abuse contact is also accompanied by a proliferation of malware etc a judge may not react the same way they would when faced with a situation where the ripe contact was sick, on vacation or just plain negligent. --srs From: anti-abuse-wg on behalf of Alex de Joode Sent: Friday, May 17, 2019 11:02 AM To: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox") I beg to differ. The ripe membership set's the policy; Ripe enforces the policy; If a ripe member has it's resources withdrawn due the policy and the enforcement of the policy, the ripe member can go to court in The Netherlands (see contact between member and ripe); The Amsterdam court will apply the proportionality test to a case where the resources are withdrawn based only on the fact there was no reply to the abuse-mailbox validation email; The Amsterdam court will find this action is unreasonable; The Amsterdam court will force ripe to re-instate the resources; The Amsterdam court will be liable for any and all damages the ripe member suffered. -- IDGARA | Alex de Joode | +31651108221 On Fri, 17-05-2019 4h 49min, Fi Shing wrote: This "proportionality" test you speak of, has as much relevance to the regulating of internet resources, as "freedom of speech" does to regulating internet forum membership (no relevance at all). - Original Message - Subject: Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox") From: "Alex de Joode" Date: 5/16/19 4:56 pm To: "JORDI PALET MARTINEZ" Cc: anti-abuse-wg@ripe.net On Fri, 17-05-2019 1h 45min, JORDI PALET MARTINEZ via anti-abuse-wg wrote: Hi Nick, [..] Anyone failing in repetitive ocassions to comply with policies is subjected to further NCC scrutiny, including account closure. This is a different policy already in place. If we don't like that, we should change that policy, but then we don't need policies anymore. Policies are the rules for the community to be respected by all, and not having an administrative enforcement by the NCC is the wilde west. It is an illusion to think ripe can suspend/withdraw resources if an organisation does not reply to a abuse validation request. That simply will not pass the proportionality test needed under Dutch law. So you will have no recourse. (Only if you can prove the entity has registered with false creditials (Due Diligence by new members takes care of this) -and- the entity is active in a criminal enterprise, you might have a case) Cheers, Alex
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
I beg to differ. The ripe membership set's the policy; Ripe enforces the policy; If a ripe member has it's resources withdrawn due the policy and the enforcement of the policy, the ripe member can go to court in The Netherlands (see contact between member and ripe); The Amsterdam court will apply the proportionality test to a case where the resources are withdrawn based only on the fact there was no reply to the abuse-mailbox validation email; The Amsterdam court will find this action is unreasonable; The Amsterdam court will force ripe to re-instate the resources; The Amsterdam court will be liable for any and all damages the ripe member suffered. -- IDGARA | Alex de Joode | +31651108221 On Fri, 17-05-2019 4h 49min, Fi Shing wrote: > This "proportionality" test you speak of, has as much relevance to the regulating of internet resources, as "freedom of speech" does to regulating internet forum membership (no relevance at all). > - Original Message - Subject: Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox") > From: "Alex de Joode" > Date: 5/16/19 4:56 pm > To: "JORDI PALET MARTINEZ" > Cc: anti-abuse-wg@ripe.net > > On Fri, 17-05-2019 1h 45min, JORDI PALET MARTINEZ via anti-abuse-wg > wrote: > > Hi Nick, > > [..] > > Anyone failing in repetitive ocassions to comply with policies is subjected > to further NCC scrutiny, including account closure. This is a different > policy already in place. If we don't like that, we should change that policy, > but then we don't need policies anymore. Policies are the rules for the > community to be respected by all, and not having an administrative > enforcement by the NCC is the wilde west. It is an illusion to think ripe can suspend/withdraw resources if an organisation does not reply to a abuse validation request. That simply will not pass the proportionality test needed under Dutch law. So you will have no recourse. (Only if you can prove the entity has registered with false creditials (Due Diligence by new members takes care of this) -and- the entity is active in a criminal enterprise, you might have a case) Cheers, Alex
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
> Abuse mailboxes are already checked. What matters for abuse > management is whether reports are acted on. This policy doesn't > address that. > > If the RIPE NCC is instructed to send 6-monthly reminders to all abuse > contacts with the implicit threat that if they aren't acted on in the > way specified in this policy, that the organisation in question can > look forward to having their addressing resources vapourised, this > will aggravate the RIPE NCC membership and corrode community trust in > the organisation. The one thing it won't do is make abuse management > better. > > Internet abuse management is not something that you're going to fix by > beating LIRs with sticks, and if they don't react, that you threaten > to beat them harder. > > Separate to this, it's inappropriate to micromanage the NCC in RIPE > policy. It would be good if the RIPE working groups stopped trying to > tell the RIPE NCC people how to do their jobs. spot on, sad to say. randy
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
This "proportionality" test you speak of, has as much relevance to the regulating of internet resources, as "freedom of speech" does to regulating internet forum membership (no relevance at all). - Original Message - Subject: Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox") From: "Alex de Joode" Date: 5/16/19 4:56 pm To: "JORDI PALET MARTINEZ" Cc: anti-abuse-wg@ripe.net On Fri, 17-05-2019 1h 45min, JORDI PALET MARTINEZ via anti-abuse-wg wrote: Hi Nick, [..] Anyone failing in repetitive ocassions to comply with policies is subjected to further NCC scrutiny, including account closure. This is a different policy already in place. If we don't like that, we should change that policy, but then we don't need policies anymore. Policies are the rules for the community to be respected by all, and not having an administrative enforcement by the NCC is the wilde west. It is an illusion to think ripe can suspend/withdraw resources if an organisation does not reply to a abuse validation request. That simply will not pass the proportionality test needed under Dutch law. So you will have no recourse. (Only if you can prove the entity has registered with false creditials (Due Diligence by new members takes care of this) -and- the entity is active in a criminal enterprise, you might have a case) Cheers, Alex
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
On Fri, 17-05-2019 1h 45min, JORDI PALET MARTINEZ via anti-abuse-wg wrote: > Hi Nick, > > [..] > > Anyone failing in repetitive ocassions to comply with policies is subjected > to further NCC scrutiny, including account closure. This is a different > policy already in place. If we don't like that, we should change that policy, > but then we don't need policies anymore. Policies are the rules for the > community to be respected by all, and not having an administrative > enforcement by the NCC is the wilde west. > It is an illusion to think ripe can suspend/withdraw resources if an organisation does not reply to a abuse validation request. That simply will not pass the proportionality test needed under Dutch law. So you will have no recourse. (Only if you can prove the entity has registered with false creditials (Due Diligence by new members takes care of this) -and- the entity is active in a criminal enterprise, you might have a case) Cheers, Alex
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Hi Nick, As it has been observed several times, the actual validation system is extremely weak and very easy to avoid, so 99% useless. If I put in my abuse-c your email (just an example). The validation will pass, and you will never notice that I've used your email to fake the system. So, clearly is the wrong way. If two validations are done per year, I don't think this is significant overhead for any resource holder vs the benefits of the time saving for the same resource holders that need to use the abuse mailbox of a counterparty that today is escaping from a real validation and creating troubles with abuse emails to someone else. Anyone failing in repetitive ocassions to comply with policies is subjected to further NCC scrutiny, including account closure. This is a different policy already in place. If we don't like that, we should change that policy, but then we don't need policies anymore. Policies are the rules for the community to be respected by all, and not having an administrative enforcement by the NCC is the wilde west. Regards, Jordi El 16/5/19 23:38, "anti-abuse-wg en nombre de Nick Hilliard" escribió: Gert Doering wrote on 16/05/2019 21:47: > No positive effect, but lots of negative side-effects. Abuse mailboxes are already checked. What matters for abuse management is whether reports are acted on. This policy doesn't address that. If the RIPE NCC is instructed to send 6-monthly reminders to all abuse contacts with the implicit threat that if they aren't acted on in the way specified in this policy, that the organisation in question can look forward to having their addressing resources vapourised, this will aggravate the RIPE NCC membership and corrode community trust in the organisation. The one thing it won't do is make abuse management better. Internet abuse management is not something that you're going to fix by beating LIRs with sticks, and if they don't react, that you threaten to beat them harder. Separate to this, it's inappropriate to micromanage the NCC in RIPE policy. It would be good if the RIPE working groups stopped trying to tell the RIPE NCC people how to do their jobs. Nick ** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Peace, On Thu, May 16, 2019 at 3:21 PM Marco Schmidt wrote: > A new RIPE Policy proposal, 2019-04, "Validation of "abuse-mailbox"", is now > available for discussion. I support the proposal. Assuming the implementation by NCC would be carried out in a way when verification emails won't land in our abuse mailbox more frequently than ordinary proper abuse reports do (which is approximately a couple times in a quarter), I don't see how it can add any significant complexity to the way we handle those requests now. OTOH some benefits of the proposal could possibly be observed. -- Töma
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Are they is the question For example - ARIN just reclaimed a large number of IPs from an actor that created a large number of shell companies. http://m.slashdot.org/story/355802 --srs From: anti-abuse-wg on behalf of Nick Hilliard Sent: Friday, May 17, 2019 3:08 AM To: Gert Doering Cc: anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox") Gert Doering wrote on 16/05/2019 21:47: > No positive effect, but lots of negative side-effects. Abuse mailboxes are already checked. What matters for abuse management is whether reports are acted on. This policy doesn't address that. If the RIPE NCC is instructed to send 6-monthly reminders to all abuse contacts with the implicit threat that if they aren't acted on in the way specified in this policy, that the organisation in question can look forward to having their addressing resources vapourised, this will aggravate the RIPE NCC membership and corrode community trust in the organisation. The one thing it won't do is make abuse management better. Internet abuse management is not something that you're going to fix by beating LIRs with sticks, and if they don't react, that you threaten to beat them harder. Separate to this, it's inappropriate to micromanage the NCC in RIPE policy. It would be good if the RIPE working groups stopped trying to tell the RIPE NCC people how to do their jobs. Nick
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Gert Doering wrote on 16/05/2019 21:47: No positive effect, but lots of negative side-effects. Abuse mailboxes are already checked. What matters for abuse management is whether reports are acted on. This policy doesn't address that. If the RIPE NCC is instructed to send 6-monthly reminders to all abuse contacts with the implicit threat that if they aren't acted on in the way specified in this policy, that the organisation in question can look forward to having their addressing resources vapourised, this will aggravate the RIPE NCC membership and corrode community trust in the organisation. The one thing it won't do is make abuse management better. Internet abuse management is not something that you're going to fix by beating LIRs with sticks, and if they don't react, that you threaten to beat them harder. Separate to this, it's inappropriate to micromanage the NCC in RIPE policy. It would be good if the RIPE working groups stopped trying to tell the RIPE NCC people how to do their jobs. Nick
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Hi, On Thu, May 16, 2019 at 04:53:25PM +0200, Gert Doering wrote: > This will encourage me to build a robot that monitors our abuse mailbox > and clicks on everything that comes in. In case this was not obvious: I oppose this policy proposal. It will have no positive effect whatsoever but it will create lots of extra process and red tape and procedures and false alerts and escalations due to the way normal ISPs operate, people change, mistakes happens, ticket systems eat mails with funky URLs, and so on. Which can, of couse, be handled by even more processes, escalation stages, etc. Which then will lead to "those that already *act* on their abuse mail will be annoyed because it has more extra costs, and those that already do not care about their abuse mail will honour this policy, and still *not act*". No positive effect, but lots of negative side-effects. Strong opposition. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
[anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Ola, It's unclear to me what you are trying to accomplish with this policy: * ensure ripe members have a working (as in receiving mail) abuse email address; * ensure ripe members have a working abuse email address and process incoming mails; * ensure ripe members have a working abuse email address and read it; * ensure ripe members have a working abuse email address and act responsibly on notices. It seems you want to verify that a human reads the abuse box. However this will tell you nothing about how an organisation actually deals with abuse. So it will only burden ripe members to no avail. It is my belief ripe should stick to technical verification that a abuse email box exists and is able to receive mail. Ripe is not the internet sheriff :) Cheers, Alex -- IDGARA | Alex de Joode | +31651108221
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Hi Angel, Thanks a lot for the inputs, see below in-line. Regards, Jordi El 16/5/19 16:36, "anti-abuse-wg en nombre de Ángel González Berdasco" escribió: Marco Schmidt writes: > Dear colleagues, > > A new RIPE Policy proposal, 2019-04, "Validation of "abuse-mailbox"", > is now available for discussion. > > This proposal aims to have the RIPE NCC validate "abuse-c:" > information more often, and introduces a new validation process that > requires manual input from resource holders. > > You can find the full proposal at: > https://www.ripe.net/participate/policies/proposals/2019-04 > (...) Looks good. A couple of notes. In addition to the first notice, it may be worth to add 'reminders' instead of escalating directly to the LIR, such as sending a reminder after one week (day 7), and another on the 14th day, prior to escalation. My original proposal had many additional details and complexity, including warnings, blocking the account, etc., but conversations with the staff bring down some my original ideas as they are considered "operational details", in the expectation to discuss them in the list and re-add them if the community may think they must be explicitly part of the policy proposal. *This should not be necessary,* as the resource owner should have put the means so that emails received on the abuse-c are not lost, and someone actually reviews them, without having to insist on them. But I foresee that would improve the response process. Clearly, I fully agree. Also, the resource holder should be able to manually request a new mailbox validation if the provided code is expired (eg. the main person in charge was on holiday and their backup did not handle it). I think this is not needed, because the NCC, after the validation fails, will be in touch with the resource holder, again may be an operational issue, but again, if the community think that it should be explicit in the proposal, I'm also happy about that. RIPE should log the time taken by the different holders to validate their abuse-c, so that those statistics can be used in the future to better understand the effectivity of this process. Very good point. Again, I think it is an operational aspect. I will suggest the impact analysis to consider if they already do this by default, or we need to explicitly say this. Many of those aspects can be part of the policy proposal as "other information", not necessarily as policy text. Finally, I have been thinking how to improve the phrase «Commonly, if a ticket number has been generated, it should be kept (typically as part of the subject) through successive communications.» I came out with replacing it with this new paragraph: «It is quite common to have ticket numbers/identifiers associated to abuse reports in order to be able to differentiate them, which are typically included as part of the subject. Replies (either manual or automated) by the resource holder should maintain any identifiers used by the reporter, optionally adding their own one. And any reply by the abuse reporter should keep as well the identifier holding the ticket number on the resource holder system.» Fine for me. Let's see what others believe. Best regards -- INCIBE-CERT - CERT of the Spanish National Cybersecurity Institute https://www.incibe-cert.es/ PGP Keys: https://www.incibe-cert.es/en/what-is-incibe-cert/pgp-public-keys INCIBE-CERT is the Spanish National CSIRT designated for citizens, private law entities, other entities not included in the subjective scope of application of the "Ley 40/2015, de 1 de octubre, de Régimen Jurídico del Sector Público", as well as digital service providers, operators of essential services and critical operators under the terms of the "Real Decreto-ley 12/2018, de 7 de septiembre, de seguridad de las redes y sistemas de información" that transposes the Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union. ** IPv4 is over Are you ready for the new Internet ? http://www.theipv6company.com The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Hi, On Thu, May 16, 2019 at 02:20:46PM +0200, Marco Schmidt wrote: > This proposal aims to have the RIPE NCC validate "abuse-c:" information more > often, and introduces a new validation process that requires manual input > from resource holders. This will encourage me to build a robot that monitors our abuse mailbox and clicks on everything that comes in. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 signature.asc Description: PGP signature
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Marco Schmidt writes: > Dear colleagues, > > A new RIPE Policy proposal, 2019-04, "Validation of "abuse-mailbox"", > is now available for discussion. > > This proposal aims to have the RIPE NCC validate "abuse-c:" > information more often, and introduces a new validation process that > requires manual input from resource holders. > > You can find the full proposal at: > https://www.ripe.net/participate/policies/proposals/2019-04 > (...) Looks good. A couple of notes. In addition to the first notice, it may be worth to add 'reminders' instead of escalating directly to the LIR, such as sending a reminder after one week (day 7), and another on the 14th day, prior to escalation. *This should not be necessary,* as the resource owner should have put the means so that emails received on the abuse-c are not lost, and someone actually reviews them, without having to insist on them. But I foresee that would improve the response process. Also, the resource holder should be able to manually request a new mailbox validation if the provided code is expired (eg. the main person in charge was on holiday and their backup did not handle it). RIPE should log the time taken by the different holders to validate their abuse-c, so that those statistics can be used in the future to better understand the effectivity of this process. Finally, I have been thinking how to improve the phrase «Commonly, if a ticket number has been generated, it should be kept (typically as part of the subject) through successive communications.» I came out with replacing it with this new paragraph: «It is quite common to have ticket numbers/identifiers associated to abuse reports in order to be able to differentiate them, which are typically included as part of the subject. Replies (either manual or automated) by the resource holder should maintain any identifiers used by the reporter, optionally adding their own one. And any reply by the abuse reporter should keep as well the identifier holding the ticket number on the resource holder system.» Best regards -- INCIBE-CERT - CERT of the Spanish National Cybersecurity Institute https://www.incibe-cert.es/ PGP Keys: https://www.incibe-cert.es/en/what-is-incibe-cert/pgp-public-keys INCIBE-CERT is the Spanish National CSIRT designated for citizens, private law entities, other entities not included in the subjective scope of application of the "Ley 40/2015, de 1 de octubre, de Régimen Jurídico del Sector Público", as well as digital service providers, operators of essential services and critical operators under the terms of the "Real Decreto-ley 12/2018, de 7 de septiembre, de seguridad de las redes y sistemas de información" that transposes the Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union.
[anti-abuse-wg] Agenda Update - Anti-Abuse WG Session @ RIPE78
Colleagues, Here is the latest agenda for the AA-WG Session, taking place in the Main Room at 09:00 GMT on Thursday 23rd May. Remote participation will be available, all of the details on ripe78.ripe.net A. Administrative Matters * Welcome * Scribe, Jabber, Stenography * Microphone Etiquette * Approve Minutes from RIPE 77 * Finalise agenda B. Update * B1. Recent List Discussion C. Policies - *C.1. RIPE NCC Update on 2017-02, Angela Dall'Ara - RIPE NCC *C.2. Policy Proposal 2019-03 - BGP Hijacking is a RIPE Policy Violation, Carlos Friacas, FCT | FCCN & Jordi Palet Martinez, The IPv6 Company *C.3. Policy Proposal 2019-04 - Validation of "abuse-mailbox", Jordi Palet Martinez, The IPv6 Company D. Interactions - E. Presentation - * E1. The Curious Case of Fake UK LIRs - Gaith Taha * E2. Domain Abuse Activity Reporting - Samaneh Tajalizadehkhoob X. A.O.B. Z. Agenda for RIPE 79 Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nis...@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270
Re: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Marco, Thanks for this, and thanks to Jordi for proposing it. We will be discussing this next week at RIPE 78, but time is tight and, of course, the important comments need to be on the mailing list, where the decision is made. As always the Co-Chairs hope for a respectful discussion on the proposal and we would ask everyone to be as clear as possible as to why they do or do not support it. Thanks, Brian Co-Chair, RIPE AA-WG Brian Nisbet Service Operations Manager HEAnet CLG, Ireland's National Education and Research Network 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland +35316609040 brian.nis...@heanet.ie www.heanet.ie Registered in Ireland, No. 275301. CRA No. 20036270 > -Original Message- > From: anti-abuse-wg On Behalf Of > Marco Schmidt > Sent: Thursday 16 May 2019 13:21 > To: anti-abuse-wg@ripe.net > Subject: [anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse- > mailbox") > > Dear colleagues, > > A new RIPE Policy proposal, 2019-04, "Validation of "abuse-mailbox"", is now > available for discussion. > > This proposal aims to have the RIPE NCC validate "abuse-c:" information > more often, and introduces a new validation process that requires manual > input from resource holders. > > You can find the full proposal at: > https://www.ripe.net/participate/policies/proposals/2019-04 > > As per the RIPE Policy Development Process (PDP), the purpose of this four- > week Discussion Phase is to discuss the proposal and provide feedback to the > proposer. > > At the end of the Discussion Phase, the proposer, with the agreement of the > Anti-Abuse Working Group Chairs, decides how to proceed with the > proposal. > > We encourage you to review this proposal and send your comments to abuse...@ripe.net> before 14 June 2019. > > Kind regards, > > Marco Schmidt > Policy Officer > RIPE NCC > > Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum
[anti-abuse-wg] 2019-04 New Policy Proposal (Validation of "abuse-mailbox")
Dear colleagues, A new RIPE Policy proposal, 2019-04, "Validation of "abuse-mailbox"", is now available for discussion. This proposal aims to have the RIPE NCC validate "abuse-c:" information more often, and introduces a new validation process that requires manual input from resource holders. You can find the full proposal at: https://www.ripe.net/participate/policies/proposals/2019-04 As per the RIPE Policy Development Process (PDP), the purpose of this four-week Discussion Phase is to discuss the proposal and provide feedback to the proposer. At the end of the Discussion Phase, the proposer, with the agreement of the Anti-Abuse Working Group Chairs, decides how to proceed with the proposal. We encourage you to review this proposal and send your comments to before 14 June 2019. Kind regards, Marco Schmidt Policy Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum