Re: [anti-abuse-wg] Someone on this list has been hacked

2022-04-14 Thread Rob Evans 
Hi Hans-Martin,

> looks like someone on this list had their PC and/or mailbox hacked, I got a 
> "reply" to one of my mails trying to make me open some link (probably 
> malware). This stuff is pretty common, but it feels a bit weird that it 
> happened through someone who's active in anti-abuse and presumably not a noob 
> :-)

I received a similar message on Monday supposedly ‘in reply to’ a message I 
sent to the list nearly two years ago.

It may not be a list subscriber’s mailbox that has been hacked, it may just be 
using a public archive of the list.  Whilst the “real name” in the From: field 
was indeed the person I was replying to at the time (Suresh), the sender’s 
email address did not match the name.

In my case the spam message originated from:
> Received: from beatingart.com ([62.113.107.99])

The sending IP address matches the SPF record for beatingart.com and from a 
quick check doesn’t seem to be on the major block lists, so it could well be a 
user in that domain has been compromised via phishing or some other means…

I must admit I had just deleted the message at the time, but perhaps worth 
following up with , assuming your message matches the details 
of mine.

Cheers,
Rob

-- 

To unsubscribe from this mailing list, get a password reminder, or change your 
subscription options, please visit: 
https://lists.ripe.net/mailman/listinfo/anti-abuse-wg

Re: [anti-abuse-wg] 2019-04 Discussion Phase (Validation of "abuse-mailbox")

2020-05-11 Thread Rob Evans 
Hi Suresh,

> All I am asking is that cobblers stick to their last. People with
> backgrounds in routing and networking are not necessarily the people
> in their organizations that handle abuse issues.

As I'm sure you're aware, the RIPE working groups are open to all
(regardless of any organisation's membership of the RIPE NCC or not,
or location in the traditional service area of the RIPE NCC), and I
would expect the Anti-Abuse Working Group to have reasonable
representation from those dealing with abuse issues.

I don't wish to speak for the co-chairs, but if those people aren't
represented I am sure they'd be welcome to take part in the working
group!

Equally, people working in dealing with abuse issues are welcome to
contribute to discussions on routing, networking, and re-soling shoes.

Cheers,
Rob

Re: [anti-abuse-wg] Status of Proposal 2017-02

2018-03-06 Thread Rob Evans 
Hi, “Name”,

> and when does the outcome become decided?

As the young lad said, he’d get back to the WG with the decision about whether 
consensus has been reached at the end of the review phase this week.

The remaining timetable is described here:


In short, if Brian decides that consensus has been reached it moves to a four 
week “concluding” phase.  If consensus hasn’t been reached it can either be 
withdrawn, or returned to one of the earlier phases.

Cheers,
Rob



signature.asc
Description: Message signed with OpenPGP

Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 63, Issue 12

2017-02-13 Thread Rob Evans 
Marilson,

> How do you know what I wrote considering that my message about "Why SPAM 
> exists" has not been published? If so, why did not I get it in my mail?

Either we are all exceptionally good at extra-sensory perception, or your 
emails are coming through to the list.  However, you appear to be subscribed to 
the ‘digest’ version rather than the main discussion list, which will result in 
a delay to you (and the rest of the subscribers) receiving your own messages, 
and often makes it difficult to understand which message in particular you’re 
replying to.

You can, of course, manage your subscription:


Regards,
Rob

Re: [anti-abuse-wg] DNS Abuse, Abuse of Privacy & Legitimizing Criminal Activity

2017-01-04 Thread Rob Evans 

Hi,


The presumed draft you're unhappy about
(https://datatracker.ietf.org/doc/draft-vixie-dns-rpz/) is
informational. It is not a standard.


not yet a standard. operational word, I guess, is yet. so there is
still time to create awareness and to speak out.


More than that, it hasn't yet been adopted by the dnsop working group in 
the IETF, where a similar discussion is happening, and I don't believe 
the authors have stated an aim for an individual submission RFC.


Raising awareness of RPZ is good, however it's an operational tool that 
many service providers and enterprises might want in their arsenal (even 
if as an opt-in).


The best place to discuss furthering (or otherwise) RPZ is likely to be 
on the IETF's dnsop list.


Cheers,
Rob

Re: [anti-abuse-wg] Definition of Abuse

2016-08-17 Thread Rob Evans 
> When anyone commits fraud to obtain a resource from RIPE, RIPE has the
> responsibility to file criminal charges against that criminal.
> 
> I am not saying that I think RIPE should file criminal charges, I am
> saying that not doing so is in itself a questionable action.

Well, to be pedantic, *criminal* charges are filed by the police
or other law-enforcment body, not by companies. :)

Rob

Re: [anti-abuse-wg] Abusive behavior by Google Inc

2016-04-14 Thread Rob Evans 
> so... exam...@gmail.com sends an email to mich...@blacknight.com
> 
> who bounces - "no such user"
> 
> Gmail sends bounce to exam...@gmail.com --- blacknight.com -- technical
> read error / technical failure blacknight.com

Isn't this more likely to be a bug or a mishandled error rather
than malevolence?

Rob