If any odf you happen to get a phishing spam that looks anything like
this one:
https://pastebin.com/raw/1MJGMbUK
then please do report it to ab...@orange-business.com since the source
IP (212.234.232.249) belongs to Orange, as does the domain name
gmessaging.net (which someone @ Orange
Well if it's a fundamental right to do business, and someone can't do
business because their network is subject to a DDoS or their communication
medium (email) is spammed by someone from a network where the network
operator "ignores" abuse emails, and has to spend money sorting through
spam
Why would I ask about something I am posting as an individual in my personal
capacity?
I see great pains being taken to have NCC stay hands off and arms length from
abuse issues at its members. I understand the motivation.
However, being in a fiduciary role - with IPv4 being traded like
Nick Hilliard wrote:
> > and must not force the sender to use a form.
>
> It's not the job of the RIPE NCC to tell its members how to handle
> abuse reports, and it is beyond inappropriate for this working group
> to expect the RIPE NCC to withdraw numbering resources if member
> organisations
Suresh Ramasubramanian wrote on 29/04/2020 17:26:
Is there anything that stops NCC from doing additional due diligence
such as validating abuse issues along with the invalid contact
information etc, before taking such a decision?
Did you ask your corporate legal counsel for their opinion on
Hi,
On Wed, 29 Apr 2020, Nick Hilliard wrote:
Serge Droz via anti-abuse-wg wrote on 29/04/2020 16:55:
So, it's the security guys, saying
This may help a bit, but won't solve all problems.
+1 here.
versus the infrastructure operators saying
Beware! This it creating huge costs
Is there anything that stops NCC from doing additional due diligence
such as validating abuse issues along with the invalid contact
information etc, before taking such a decision?
On Wed, Apr 29, 2020 at 9:52 PM Nick Hilliard wrote:
>
> Serge Droz via anti-abuse-wg wrote on 29/04/2020 16:55:
> >
Serge Droz via anti-abuse-wg wrote on 29/04/2020 16:55:
So, it's the security guys, saying
This may help a bit, but won't solve all problems.
versus the infrastructure operators saying
Beware! This it creating huge costs and will not help at all, and
answering two mails a year will be
Elad
You are entitled to your opinion however while what you describe might be
attractive to you it is not attractive or anyway useful to companies such as
ourselves.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com
Elad
I strongly oppose this concept.
It’s not up to RIPE to run this and we don’t pay RIPE fees to have them waste
resources on this kind of thing.
It’s an extra overhead for RIPE, for our staff and for reporters and it would
be bring little to no value.
Regards
Michele
--
Mr Michele
So, it's the security guys, saying
This may help a bit, but won't solve all problems.
versus the infrastructure operators saying
Beware! This it creating huge costs and will not help at all, and
answering two mails a year will be our ruin.
Sadly, this list is run by Naj sayers.
Serge
No No,
Ripe, within the yearly ~30M Euros expenses of it, is able to create such
system (an organization with expenses of 1% of it is able to create such system
with a small part of its expenses budget).
That kind of system can be over bgp anycast with multiple worldwide locations
and
Hi,
With this solution how to you propose that sub-allocated networks manage
the complaints? These networks are not typically and LIR so would have
no such access to an LIR based system.
The sub-allocated prefixes carry their own abuse-c which as pointed out
by Gert, already gets validated by
I like this approach, should be like what Elad Wrote:
To my opinion, Ripe should create its own anti-abuse system, each LIR will
have login access to it (LIR will be able to choose to receive notifications
through sms / email) and to mark each abuse complaint as resolved or not
(that system
... and all from a group of people who complain about having to check their
email account once every 12 months.
---
On Wed, Apr 29, 2020 at 10:34 PM Elad Cohen wrote:
> No No,
>
> Ripe, within the yearly ~30M Euros expenses of it, is able to create such
> system (an organization with expenses
Hi,
On Wed, Apr 29, 2020 at 01:44:42PM +0200, Serge Droz via anti-abuse-wg wrote:
> >> Coming from the incident response side, I'm tiered of people constantly
> >> telling me, that issues are not their problem
> >
> > How would this proposal help with said problem?
>
> - It will catch the cases
RIPE etc. are the ones themselves who refuse to introduce a centralised
system, because of related concerns.
It would be great, but then imagine if the spammers etc. DDoS that system
for as long as they want to abuse resources.
--
On Wed, Apr 29, 2020 at 9:18 PM Elad Cohen wrote:
> What
>> Coming from the incident response side, I'm tiered of people constantly
>> telling me, that issues are not their problem
>
> How would this proposal help with said problem?
>
- It will catch the cases where some miss configuration happened indeed
- It will make it impossible for orgs to
Hi,
On Wed, Apr 29, 2020 at 10:22:13AM +0200, Serge Droz via anti-abuse-wg wrote:
> Coming from the incident response side, I'm tiered of people constantly
> telling me, that issues are not their problem
How would this proposal help with said problem?
It wouldn't.
If people *want* to handle
What is this ?
"However, the community should report any situation to the RIPE NCC, which can
provide (anonymous) periodical statistics to the community, which can take
further decisions about that."
Ripe members are informers?
"divide and conquer" strategy ?
Abuse email addresses (just like
Hi All
I think this is a good policy.
We can always find use cases where it fails, but it will help in some
cases.
And if some one is not able to answer an e-mail every six month, there
are probably underlying issues. Also the argument, that the bad guys
flood the mailbox is not really
No point repeating Nick's points, but I agree.
The current proposal should be abandoned - it's not getting better with each
iteration
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com
https://blacknight.blog /
Hi,
On Wed, Apr 29, 2020 at 12:31:39PM +1000, No No wrote:
> I would also like to make another suggestion:
>
> That where the RIPE has to manually verify an abuse mailbox, the costs of
> that verification should be levelled against the resource holder as a fee,
> for example: $2 per IPv4 address
Hi,
On Wed, Apr 29, 2020 at 12:25:08PM +1000, No No wrote:
> So, what are you seriously suggesting? Because these people that become
> offended at the suggestion that it's unreasonable for someone to ensure an
> email address is valid once per year (very onerous i'm sure), never really
> say what
24 matches
Mail list logo