Re: [anti-abuse-wg] Proposal: Publish effective users' abuse-c
> This bit is not possible. The "abuse-c:" attribute is 'single'. So the > resource object can only ever reference one abuse contact. Thanks Denis. abuse-c arity is a point I was dubious about. Thus, it is not currently possible to publish an abuse-c with the customer address and keep the ISP copied at the same time, as desired. In order to know what is being sent thete, the ISP needs to provide its own address and (if appropriate) forward complaints received there to the customer. Best regards -- INCIBE-CERT - Spanish National CSIRT https://www.incibe-cert.es/ PGP keys: https://www.incibe-cert.es/en/what-is-incibe-cert/pgp-public-keys INCIBE-CERT is the Spanish National CSIRT designated for citizens, private law entities, other entities not included in the subjective scope of application of the "Ley 40/2015, de 1 de octubre, de Régimen Jurídico del Sector Público", as well as digital service providers, operators of essential services and critical operators under the terms of the "Real Decreto-ley 12/2018, de 7 de septiembre, de seguridad de las redes y sistemas de información" that transposes the Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union. In compliance with the General Data Protection Regulation of the EU (Regulation EU 2016/679, of 27 April 2016) we inform you that your personal and corporate data (as well as those included in attached documents); and e-mail address, may be included in our records for the purpose derived from legal, contractual or pre-contractual obligations or in order to respond to your queries. You may exercise your rights of access, correction, cancellation, portability, limitationof processing and opposition under the terms established by current legislation and free of charge by sending an e-mail to d...@incibe.es. The Data Controller is S.M.E. Instituto Nacional de Ciberseguridad de España, M.P., S.A. More information is available on our website: https://www.incibe.es/proteccion-datos-personales and https://www.incibe.es/registro-actividad. -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Re: [anti-abuse-wg] Proposal: Publish effective users' abuse-c
Hi Angel On Sat, 22 Jan 2022 at 21:47, Ángel González Berdasco wrote: > > Alessandro Vesely wrote: > > > > And, if yes, would it be acceptable by the resource holder or are > > > > there > > > > contractual impediments? Finally, if feasibility is ok, would > > > > operators > > > > take advantage of it or is it only me? > > > > > > > If you are talking about adding extra abuse addresses to assignment > > > objects by agreement with the resource holder, as I explained, that > > > is > > > possible now by simply adding an abuse-c to the assignment . > > > > > > Except that I don't have write access to the assignment object. > > > > > > Best > > Ale > > > I'm not an expert on all the supported RIPE db details, but I think you > could have an abuse contact object, that you could modify, This bit is possible. The ROLE object containing the "abuse-mailbox:" can be maintained by the end user so they can set their own email address and change it whenever they wish. > with the > main resource linking to your abuse contact plus the ISP one. This bit is not possible. The "abuse-c:" attribute is 'single'. So the resource object can only ever reference one abuse contact. cheers denis co-chair DB-WG > > I find that abuse contacts are fairly static ones (if not directly > following rfc2142), so the client need to write to it is probably not a > very relevant use case. Maybe some weird setup, such as if you wanted > to present a dynamic abuse contact that changed every day- > > -- > INCIBE-CERT - Spanish National CSIRT > https://www.incibe-cert.es/ > > PGP keys: https://www.incibe-cert.es/en/what-is-incibe-cert/pgp-public-keys -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Re: [anti-abuse-wg] Proposal: Publish effective users' abuse-c
Alessandro Vesely wrote: > > > And, if yes, would it be acceptable by the resource holder or are > > > there > > > contractual impediments? Finally, if feasibility is ok, would > > > operators > > > take advantage of it or is it only me? > > > > > If you are talking about adding extra abuse addresses to assignment > > objects by agreement with the resource holder, as I explained, that > > is > > possible now by simply adding an abuse-c to the assignment . > > > Except that I don't have write access to the assignment object. > > > Best > Ale I'm not an expert on all the supported RIPE db details, but I think you could have an abuse contact object, that you could modify, with the main resource linking to your abuse contact plus the ISP one. I find that abuse contacts are fairly static ones (if not directly following rfc2142), so the client need to write to it is probably not a very relevant use case. Maybe some weird setup, such as if you wanted to present a dynamic abuse contact that changed every day- -- INCIBE-CERT - Spanish National CSIRT https://www.incibe-cert.es/ PGP keys: https://www.incibe-cert.es/en/what-is-incibe-cert/pgp-public-keys INCIBE-CERT is the Spanish National CSIRT designated for citizens, private law entities, other entities not included in the subjective scope of application of the "Ley 40/2015, de 1 de octubre, de Régimen Jurídico del Sector Público", as well as digital service providers, operators of essential services and critical operators under the terms of the "Real Decreto-ley 12/2018, de 7 de septiembre, de seguridad de las redes y sistemas de información" that transposes the Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union. In compliance with the General Data Protection Regulation of the EU (Regulation EU 2016/679, of 27 April 2016) we inform you that your personal and corporate data (as well as those included in attached documents); and e-mail address, may be included in our records for the purpose derived from legal, contractual or pre-contractual obligations or in order to respond to your queries. You may exercise your rights of access, correction, cancellation, portability, limitationof processing and opposition under the terms established by current legislation and free of charge by sending an e-mail to d...@incibe.es. The Data Controller is S.M.E. Instituto Nacional de Ciberseguridad de España, M.P., S.A. More information is available on our website: https://www.incibe.es/proteccion-datos-personales and https://www.incibe.es/registro-actividad. -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Re: [anti-abuse-wg] Proposal: Publish effective users' abuse-c
On Fri 21/Jan/2022 14:21:41 +0100 Hans-Martin Mosner wrote: Am 20.01.22 um 13:37 schrieb Alessandro Vesely: However, it is the ISPs' customers who are the effective users of those IPs. Any complaint, whether reporting spam or botnet activity, can probably be handled more effectively by the people who run the systems connected to a given IP than the actual owner. In a considerable amount of cases, the ISP's customer is also the spammer. I would prefer not to talk to them when complaining about their behavior - in the best case, they will ignore me, in the worst case, they might do something in revenge. That makes sense when you're reporting spam. Botnet activity differs. If RDAP data allows to recognize which abuse contact belongs to which kind of operator, tools can accept options to output either one or both. The IP owner is the one who can pull the plug on misbehaving customers. As it is much easier to identify IP owners, I can collect reputation data about who I can trust to handle my abuse complaint responsibly, who will just ignore it, who will forward it unedited to their customer. Depending on this assessment of their trustworthiness, I will or won't report. Wow! I just collect those which bounce. Some send some feedback, and in a minority of those cases I seem to be able to grasp that they actually do something to mitigate reported abuse. There are very few cases where reporting to end users makes much sense. Either they operate their system responsibly including monitoring the mail rejects and bounces, then they already know there's something that needs to be fixed, or they don't, and most often don't care, and my complaint will probably not change that. Some operators say they refuse abuse reporting by email because they want complainants to fill web forms. Of course, web forms have fields that provide for better handling. However, the only handling I can think of is to associate the IP field to the corresponding customer and automatically forward the complaint there. That could be done by RDAP. Best Ale -- -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg
Re: [anti-abuse-wg] Proposal: Publish effective users' abuse-c
Hi, On Fri 21/Jan/2022 19:40:40 +0100 denis walker wrote: On Fri, 21 Jan 2022 at 13:03, Alessandro Vesely wrote: The idea is to add extra addresses to assignment objects, irrespective of the resource holder, based on the wish of its customer who is actually connected to the resource. Would that be at all possible? When you say " irrespective of the resource holder, based on the wish of its customer" do you mean without their consent or control? That is not possible as they maintain the assignment object. I would also say it is not desirable. That would allow an abuser to override the resource holders abuse-c and ignore all abuse reports. Yes, I meant extra attributes linked to the assignment object. If it's not possible let's just forget it. And, if yes, would it be acceptable by the resource holder or are there contractual impediments? Finally, if feasibility is ok, would operators take advantage of it or is it only me? > If you are talking about adding extra abuse addresses to assignment objects by agreement with the resource holder, as I explained, that is possible now by simply adding an abuse-c to the assignment . Except that I don't have write access to the assignment object. Best Ale -- -- To unsubscribe from this mailing list, get a password reminder, or change your subscription options, please visit: https://lists.ripe.net/mailman/listinfo/anti-abuse-wg