Hi all,
I'm working in a new version of the proposal 2019-04 (Validation of
"abuse-mailbox").
In the last discussion phase, the only detailed response to this proposal that
I got was from Carlos Friacas (which I will respond in detail later-on, as this
may also help to revive the discussion).
Hi Michele,
(changing the subject so we can correctly track this and following emails)
The last version is available here:
https://www.ripe.net/participate/policies/proposals/2019-04
But the goal of this discussion is to understand what the community want, for
making a new version.
I think we
Hi Jordi, all,
On Mon, Jan 13, 2020 at 6:58 AM JORDI PALET MARTINEZ via anti-abuse-wg <
anti-abuse-wg@ripe.net> wrote:
> Hi all,
>
> I'm working in a new version of the proposal 2019-04 (Validation of
> "abuse-mailbox").
>
> In the last discussion phase, the only detailed response to this proposa
well, not exactly as i see it. abuse-c: is the op's way of saying
"please send any abuse related information here." it is not a legal or
social contract to act on it (and i suspect that next year the wannabe
net police will want to enumerate exactly *how* they must act in 93
different circumstanc
In message <6afc7d17-bac4-464c-8af8-2ad852d39...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>I'm happy to hear other inputs, stats, data, etc.
Having only just read the proposal, my comments are few:
I do not understand parst of this, specifically:
Section 2.0 bullet point #2. What's wron
Hi Leo,
El 13/1/20 18:16, "Leo Vegoda" escribió:
Hi Jordi, all,
On Mon, Jan 13, 2020 at 6:58 AM JORDI PALET MARTINEZ via anti-abuse-wg
wrote:
Hi all,
I'm working in a new version of the proposal 2019-04 (Validation of
"abuse-mailbox").
In the last discussion phase, the only de
Hi Ronald,
El 13/1/20 22:34, "Ronald F. Guilmette" escribió:
In message <6afc7d17-bac4-464c-8af8-2ad852d39...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>I'm happy to hear other inputs, stats, data, etc.
Having only just read the proposal, my comments are few:
Hi Randy,
As I just said, ideally we should ask for abuse-c reports to be procesed, but I
know many folks don't like it.
But at least, we need to make sure that if you have an abuse-c, it is a "real"
and "working" one so you're able to actually send the reports there. If
ignored, that's anothe
On Mon, Jan 13, 2020 at 1:50 PM JORDI PALET MARTINEZ via anti-abuse-wg
wrote:
[...]
> I will love to have in the policy that they must be investigated and acted
> upon, but what I heard from the inputs in previous versions is that having
> that in policy is too much and no way to reach consens
In message <55d65bf8-a430-4bdc-ae58-63ff3dca4...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>Section 2.0 bullet point #2. What's wrong with web forms?
>
>If I need to use a web form, which is not standard, for every abuse report...
OHHH! Your proposal did not make it at all clea
Well, I do see the value of an option (a magic email value?) meaning "this
entity supports the use of its network for abusive purposes and will take no
action on any abuse report".
That would save time for everyone involved, and would allow to easily block
those networks from accesing ours!
In message
,
Leo Vegoda wrote:
>> I will love to have in the policy that they must be investigated and acted
>upon, but what I heard from the inputs in previous versions is that having
>that in policy is too much and no way to reach consensus
>
>I don't understand the value of requiring organiz
In message
,
=?utf-8?B?w4FuZ2VsIEdvbnrDoWxleiBCZXJkYXNjbw==?=
wrote:
>Well, I do see the value of an option (a magic email value?) meaning "this
>entity supports the use of its network for abusive purposes and will take no
>action on any abuse report".
>
>That would save time for everyone invo
I agree, perhaps these internet companies would be happy if it took 15 days for
each credit card payment to take place between that company and the customer
when a new customer uses their services?
- Original Message - Subject: Re: [anti-abuse-wg] working in
new version
Hi,
On Mon, Jan 13, 2020 at 03:11:23PM -0800, Leo Vegoda wrote:
> On Mon, Jan 13, 2020 at 1:50 PM JORDI PALET MARTINEZ via anti-abuse-wg
> wrote:
>
> [...]
>
> > I will love to have in the policy that they must be investigated and acted
> > upon, but what I heard from the inputs in previous ve
Hi Leo
El 14/1/20 0:11, "Leo Vegoda" escribió:
On Mon, Jan 13, 2020 at 1:50 PM JORDI PALET MARTINEZ via anti-abuse-wg
wrote:
[...]
> I will love to have in the policy that they must be investigated and
acted upon, but what I heard from the inputs in previous versi
Hi Ronald,
El 14/1/20 0:17, "anti-abuse-wg en nombre de Ronald F. Guilmette"
escribió:
In message <55d65bf8-a430-4bdc-ae58-63ff3dca4...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>Section 2.0 bullet point #2. What's wrong with web forms?
>
>If I need to use a
I think if we try to agree on those ratings, we will never reach consensus ...
So it is not just easier to ask the abuse-c mailboxes that don't want to
process to setup an autoresponder with an specific (standard) text about that,
for example:
"This is an automated convirmation that you reached
Hi,
On Tue, Jan 14, 2020 at 10:36:10AM +0100, JORDI PALET MARTINEZ via
anti-abuse-wg wrote:
> So it is not just easier to ask the abuse-c mailboxes that don't want to
> process to setup an autoresponder with an specific (standard) text about
> that, for example:
>
> "This is an automated convi
Hi,
On Tue, Jan 14, 2020 at 10:38:28AM +0100, Gert Doering wrote:
> On Tue, Jan 14, 2020 at 10:36:10AM +0100, JORDI PALET MARTINEZ via
> anti-abuse-wg wrote:
> > So it is not just easier to ask the abuse-c mailboxes that don't want to
> > process to setup an autoresponder with an specific (stand
Looks fine to me.
If we really think that the operators should be free from taking abuse reports,
then let's make it optional.
As said, I personally think that an operator responsibility is to deal with
abuse cases, but happy to follow what we all decide.
Regards,
Jordi
@jordipalet
El 14
Well the operators are already free to decide if and when they respond to abuse
reports.
But this farcical system should not be legitimised by weak imbeciles such as
those on this list.
- Original Message - Subject: Re: [anti-abuse-wg] working in
new version of 2019-04
Hi,
On Tue, Jan 14, 2020 at 10:50:58AM +0100, JORDI PALET MARTINEZ via
anti-abuse-wg wrote:
> Looks fine to me.
>
> If we really think that the operators should be free from taking abuse
> reports, then let's make it optional.
>
> As said, I personally think that an operator responsibility is
Hi,
On Tue, Jan 14, 2020 at 03:10:53AM -0700, Fi Shing wrote:
> weak imbeciles such as those on this list.
Wow. That's a new one on my list of things I've been called.
So thankful.
Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?
SpaceNet AG
Gert Doering wrote on 14/01/2020 10:19:
And if it's not going to have the desired effect, do not waste time on it.
More to the point, the RIPE number registry should not be used as a
stick for threatening to beat people up if they don't comply with our
current favourite ideas about how to man
On Tue, 14 Jan 2020, Nick Hilliard wrote:
Gert Doering wrote on 14/01/2020 10:19:
And if it's not going to have the desired effect, do not waste time on it.
More to the point, the RIPE number registry should not be used as a stick for
threatening to beat people up if they don't comply wit
In message <671286eb-7fad-4d70-addd-efa0a680b...@consulintel.es>,
JORDI PALET MARTINEZ via anti-abuse-wg wrote:
>>Section 3.0 part 3. Why on earth should it take 15 days for
>>anyone to respond to an email?? Things on the Internet happen
>>in millseconds. If a provider
In message <30174d32-225f-467e-937a-5bc42650f...@consulintel.es>,
JORDI PALET MARTINEZ via anti-abuse-wg wrote:
>I think if we try to agree on those ratings, we will never reach consensus
Right, and that was a part of my point about eBay-like feedback ratings
for resource holders, i.e. "Let's n
On Tue, Jan 14, 2020 at 1:48 AM Gert Doering wrote:
[...]
> A much simpler approach would be to make abuse-c: an optional attribute
> (basically, unrolling the "mandatory" part of the policy proposal that
> introduced it in the first place)
This seems like a simple approach for letting network
Am 14.01.20 um 13:10 schrieb Ronald F. Guilmette:
> [...]
> So, my solution is just don't. Let the whole planet vote on whether
> they think this provider or that provider are ***heads, and let the
> chips fall where they may.
>
> I'm not saying that even this idea would neessarily be piece-of-cak
In message ,
Hans-Martin Mosner wrote:
>While this would probably paint a pretty solid picture of which network o=
>perators can be trusted and which can't,
>there's another point besides your valid concern about abusers gaming the=
> system: Whoever publishes the results of such
>user ratings w
Hi,
I obviously don't speak for the incident handling community, but i think
this (making it optional) would be a serious step back. The current
situation is already very bad when in some cases we know from the start
that we are sending (automated) messages/notices to blackholes.
To an ext
Hi,
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
> I obviously don't speak for the incident handling community, but i think
> this (making it optional) would be a serious step back. The current
> situation is already very bad when in some cases we know from
Hi All
So maybe a word from an "Incident Responder".
I do feel very much, that we should have an abuse conntact, and it
should be tested to wok, in the sense that some one reads the mail sent
there.
Here are my reasons:
- Having such a mailbox may increase the pressure for orgs to actually
do s
Hi,
On Wed, Jan 15, 2020 at 09:14:59AM +0100, Serge Droz via anti-abuse-wg wrote:
> I kind of don't buy into "There is no point on placing a burden on orgs
> that choose not to act".
This is not what I said. My stance on this is: placing extra burdens on
orgs *that do the right thing today* (wit
Hi Gert
Sorry I misunderstood you then. But honestly, this does not really place
a burden on you.
RIPE can automate this, and you simply reply to a message. We do this,
e.g. in TF-CSIRT twice a year, and it does help, event the good guys,
that realize they have an issue and did not receive their
Hi,
On Wed, Jan 15, 2020 at 09:24:21AM +0100, Serge Droz wrote:
> Sorry I misunderstood you then. But honestly, this does not really place
> a burden on you.
It does. Even if it's just 5 minutes per Mail - I need to train abuse
handlers what to do with this sort of message, etc.
> So I think t
Sent: 15 de janeiro de 2020 08:06
To: Carlos Friaças
Cc: Gert Doering ; anti-abuse-wg
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
of "abuse-mailbox")
Hi,
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
> I obviousl
On Wed, 15 Jan 2020, Gert Doering wrote:
Hi,
Hi,
(please see inline)
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
I obviously don't speak for the incident handling community, but i think
this (making it optional) would be a serious step back. The cur
: Gert Doering ; anti-abuse-wg
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
of "abuse-mailbox")
Hi,
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
I obviously don't speak for the incident handling community, but i
thi
In message <20200115080615.gq72...@space.net>,
Gert Doering wrote:
>So why is it preferrable to send mails which are not acted on, as
>opposed to "not send mail because you know beforehand that the other
>network is not interested"?
Not sure that I understand fully the context of the question h
In message <02d201d5cb84$89d6b950$9d842bf0$@makeitsimple.pt>,
"=?iso-8859-1?Q?S=E9rgio_Rocha?=" wrote:
>Maybe we can change the approach.
>If RIPE website had a platform to post abuse report, that send the email for
>the abuse contact, it will be possible to evaluate the responsiveness of the
>a
Serge Droz via anti-abuse-wg wrote on 15/01/2020 08:24:
So the extra work is what, 10 minutes / year, if the system is setup
properly?
Serge,
The policy proposal here is: if the registry doesn't comply, then it is
in explicit violation of RIPE policies.
According to the "Closure of Members,
Hi Nick,
Not really, I think you're reading a different text ... I'm not intending to
ask RIPE to verify if the operators resolve the abuse cases.
The point here is to amend the existing policy to do a *good* validation of the
abuse mailbox.
The actual policy only makes a "technical" validatio
JORDI PALET MARTINEZ via anti-abuse-wg wrote on 15/01/2020 12:38:
and allows sending abuse reports
You're demanding that resource holders handle abuse reports by email and
how to handle that mailbox, i.e. telling them how to run their businesses.
It's not appropriate for the RIPE NCC to get
nal Message-
> From: anti-abuse-wg On Behalf Of
> Ronald F. Guilmette
> Sent: Wednesday 15 January 2020 01:52
> To: anti-abuse-wg@ripe.net
> Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of
> "abuse-mailbox")
>
> In message ,
> Hans
In message <44130.1579053...@segfault.tristatelogic.com>, Ronald F.
Guilmette writes
>That comment, and that concern, certainly does not seem to apply in any
>country in which either eBay or TripAdvisor operate.
>
>Do you folks on your side of the pond not receive eBay? Are you not able to
>view
In message <02d201d5cb84$89d6b950$9d842bf0$@makeitsimple.pt>, =?iso-
8859-1?Q?S=E9rgio_Rocha?= writes
>Maybe we can change the approach.
>If RIPE website had a platform to post abuse report, that send the email for
>the abuse contact, it will be possible to evaluate the responsiveness of the
>abu
Applause.
--srs
From: anti-abuse-wg on behalf of Richard
Clayton
Sent: Wednesday, January 15, 2020 8:32 PM
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of
"abuse-mailbox")
In message <
, January 15, 2020 6:35 PM
To: Ronald F. Guilmette; anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of
"abuse-mailbox")
Folks,
While not attempting to discuss the merits or otherwise of a reputation system
(other than the fact I'
+1000
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
https://blacknight.blog/
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
---
On Wed, Jan 15, 2020 at 12:16 AM Serge Droz via anti-abuse-wg
wrote:
[...]
> - Lastly: It makes our life as Incident responders easier to have a
> uniform way of sending reports, even if not all of them are followed up.
This is an excellent point but e-mail is probably not the right medium
for
On Wed, Jan 15, 2020 at 9:25 AM Jeffrey Race wrote:
>
> e-mail must be allowed because most victims
> are not organizations but individual net users
E-mail does not scale well. It was great in the 1990s, when the
Internet was smaller and people knew each other. About half the
world's population n
> To an extreme, there should always be a known contact responsible for
> any network infrastructure.
there are, admin and tech
randy, not advocating for or against abuse-c
> The policy proposal here is: if the registry doesn't comply, then it
> is in explicit violation of RIPE policies.
>
> According to the "Closure of Members, Deregistration of Internet
> Resources and Legacy Internet Resources" document (currently RIPE
> 716), if you don't comply with RIPE policie
On Wed, Jan 15, 2020 at 11:02 AM Jeffrey Race wrote:
[...]
> Aside from the reciprocity issue, it's a basic engineering rule
> that systems target their goal only when a corrective
> feedback path exists.
That feedback path does not need to be a personally written e-mail.
Instead, it is possibl
Hi,
On Wed, Jan 15, 2020 at 11:45:10AM -0800, Leo Vegoda wrote:
> While I would accept Gert's proposal for making abuse-c an optional
> attribute, the reason I offered a counter proposal for publishing "a
> statement to the effect that the network operator does not act on
> abuse reports" is to ad
On Wed, Jan 15, 2020 at 2:46 PM Leo Vegoda wrote:
>
> On Wed, Jan 15, 2020 at 11:02 AM Jeffrey Race wrote:
>
> [...]
>
> > Aside from the reciprocity issue, it's a basic engineering rule
> > that systems target their goal only when a corrective
> > feedback path exists.
>
> That feedback path doe
This is the key point.
We already agreed to have a mandatory abuse-c.
We can change our mind and make it optional.
But one way or the other, should be a *real* one. A validation that can be
faked just using (for example) Carlos email, is not a good procedure. It
doesn't make sense at all.
We
I couldn't stop laughing for more than 30 minutes ... this is what they call
(and they pay for) laughter therapy ?
Tks!
El 14/1/20 12:52, "anti-abuse-wg en nombre de Ronald F. Guilmette"
escribió:
In message <671286eb-7fad-4d70-addd-efa0a680b...@consulintel.es>,
JORDI PALET MART
In message <9ew8xocpiyhef...@highwayman.com>,
Richard Clayton wrote:
>these (which are the most interesting parts of the Communications
>Decency Act that did not get invalidated by the application of the First
>Amendment which swept away much of it) provide a safe harbour for the
>people operati
Hi Ronald,
El 14/1/20 13:10, "anti-abuse-wg en nombre de Ronald F. Guilmette"
escribió:
In message <30174d32-225f-467e-937a-5bc42650f...@consulintel.es>,
JORDI PALET MARTINEZ via anti-abuse-wg wrote:
>I think if we try to agree on those ratings, we will never reach consensu
In my opinion, the actual situation is the worst. We are validating over
"nothing". We don't know how many of the "validated" mailboxes are real, or
even read, full, etc.
I will prefer a mandatory abuse-c which is validated in the way I'm proposing,
as it is being done in ARIN and APNIC and soo
Exactly 2 minutes a year (1 minute each time you click the link in the email
from RIPE NCC).
And because you invest 2 minutes a year, you will save a lot of time (many
hours/days) yourself, trying to report abuses to invalid mailboxes!
El 15/1/20 9:24, "anti-abuse-wg en nombre de Serge Droz
What we do today is not a validation if I can use Gert or Serge or any "null"
email in all my abuse contacts and nobody notice it, and then you start getting
abuse reports from other folks ... This is creating lots of wasted time to both
you and the abuse case reporters.
El 15/1/20 9:59, "an
Hi Leo,
El 15/1/20 18:09, "anti-abuse-wg en nombre de Leo Vegoda"
escribió:
On Wed, Jan 15, 2020 at 12:16 AM Serge Droz via anti-abuse-wg
wrote:
[...]
> - Lastly: It makes our life as Incident responders easier to have a
> uniform way of sending reports, even if
Hi,
On Wed, 15 Jan 2020, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
In my opinion, the actual situation is the worst. We are validating over "nothing". We
don't know how many of the "validated" mailboxes are real, or even read, full, etc.
I will prefer a mandatory abuse-c which is vali
Hi Warren,
When some operators aren't responding to abuse cases, or when they are bouncing
emails, or you get a response from someone telling "sorry I'm not the right
contact for this, the email is mistaken", and many other similar situations ...
the operator is telling you "we don't care about
On Wed, Jan 15, 2020 at 10:41:54PM +0100, JORDI PALET MARTINEZ via
anti-abuse-wg wrote:
> Exactly 2 minutes a year (1 minute each time you click the link in the
> email from RIPE NCC).
>
> And because you invest 2 minutes a year, you will save a lot of time
> (many hours/days) yourself, trying to
Hi Job,
You need to have that process already for ARIN and APNIC, and once implemented
LACNIC.
The process is the same. You implement it once (I'm not counting the minutes
that can take to implement it) and it seems simple to me: the abuse-mailbox get
twice a year a verification email, a respo
In message
Leo Vegoda wrote:
>E-mail does not scale well. It was great in the 1990s, when the
>Internet was smaller and people knew each other. About half the
>world's population now has some sort of Internet connectivity.
>Expecting organizations to be able to understand reports from such a
>d
Hi Carlos,
El 15/1/20 22:58, "Carlos Friaças" escribió:
Hi,
On Wed, 15 Jan 2020, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
> In my opinion, the actual situation is the worst. We are validating over
"nothing". We don't know how many of the "vali
crime, it cannot do it for non payment.
or is non-payment more serious than a DDoS attack?
- Original Message ----- Subject: Re: [anti-abuse-wg] working in
new version of 2019-04 (Validation of "abuse-mailbox")
From: "Gert Doering"
Date: 1/14/20 9:19 pm
To
t; on this list (probably cyber criminals
or are paid by cyber criminals to weaken policy) come here and say this garbage.
- Original Message - Subject: Re: [anti-abuse-wg] working in
new version of 2019-04 (Validation of "abuse-mailbox")
From: "Sérgio Rocha&quo
correction: year 2020*
- Original Message - Subject: Re: [anti-abuse-wg] working in
new version of 2019-04 (Validation of "abuse-mailbox")
From: "Fi Shing"
Date: 1/16/20 10:03 am
To: "anti-abuse-wg@ripe.net"
Sergio, that would make too much sen
In message <58ece9f6-4d64-4315-8ee5-88574f6b4...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>Right, and that was a part of my point about eBay-like feedback ratings
>for resource holders, i.e. "Let's not even try."
>Instead, let the people decide. Let anyone register a feedback po
In message <68c5238d-b796-45b9-8735-5849140dc...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>When some operators aren't responding to abuse cases, or when they are boun=
>cing emails, or you get a response from someone telling "sorry I'm not the =
>right contact for this, the email is mistaken
In message <20200115155949.af7f9f79718891d8e76b551cf73e1563.e548b98006.mailapi@
email19.asia.godaddy.com>, "Fi Shing" wrote:
>That is the most stupid thing i've read on this list.
Well, I think you shouldn't be quite so harsh in your judgement. It is
not immediately apparent that you have been
In message <49348.1579123...@segfault.tristatelogic.com>, Ronald F.
Guilmette writes
>I reiterate and slightly rehprase my question:
>
>Do you people in within the RIPE region see, or not see critical reviews
>on, for example, eBay, TripAdvisor, etc?
we do, but we do not see material which is li
In message ,
Richard Clayton wrote:
>bottom line is that if you want to run a reputation site and not be
>under an obligation to remove libellous material (not fair comment) you
>would be unwise to do it outside the USA
As much as I would like to claim, on behalf of my countrymen, an absolutely
Hi Jordi,
On Wed, Jan 15, 2020 at 1:54 PM JORDI PALET MARTINEZ
wrote:
[...]
> This is an excellent point but e-mail is probably not the right medium
> for that. Standardizing protocols for reporting abuse - and therefore
> acting on those reports more quickly - would be far more hel
e: [anti-abuse-wg] working in
new version of 2019-04 (Validation of "abuse-mailbox")
From: "Ronald F. Guilmette"
Date: 1/16/20 11:47 am
To: "anti-abuse-wg@ripe.net"
In message <20200115155949.af7f9f79718891d8e76b551cf73e1563.e548b98006.mailapi@
email19.asia.g
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of
"abuse-mailbox")
>> Best not to judge the race until it has been fully run.
I just do not understand how anyone on this list (other than a criminal or a
business owner that wants to reduce over heads
Hi All
I think we already spent way more executive time on this thread than it
would cost us to verify e-mail addresses.
I agree e-mail does not solve all the problems. It's hard to
automatically process, .
But it is simple to use, and from my work as an incident handler it did
do me good in
In message <4be52277-cecb-603f-6840-4ee76245b...@first.org>,
Serge Droz wrote:
>I think we already spent way more executive time on this thread than it
>would cost us to verify e-mail addresses.
I think that I may cut that out, print it in a 48-point type face, have
it framed, and hang it on my
- Original Message -----
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of
"abuse-mailbox")
From: "Ronald F. Guilmette" mailto:r...@tristatelogic.com> >
Date: 1/16/20 11:47 am
To: "anti-abuse-wg@ripe.net <mailto:anti-abuse-w
In message <077501d5cc69$d9427020$8bc75060$@makeitsimple.pt>,
"=?iso-8859-1?Q?S=E9rgio_Rocha?=" wrote:
>Agree, This anti-abuse list seems the blocking group to any anit-abuse
>response measure.
>
>It's amazing that nobody cant propose anything without receiving a
>shower of all sorts of argument
On Thu, Jan 16, 2020 at 12:38:26PM -, Srgio Rocha wrote:
It's amazing that nobody cant propose anything without receiving a shower of
all sorts of arguments against
It's called "democracy". As Chuchill said, it's an awful system
but better than any other that have been tried.
rgds,
Sasch
> It would be interesting if a large number of people who actually work
> for the security / infosec / abuse teams of various ripe members were
> to attend the aawg meetings instead of a clutch of mostly IP / dns /
> network people.
did. a couple of interesting presos, but the plural of anecdote
I'm completely with you.
For our US-AS i verify my contact once a year: open the mail, click the
link, verify my data and that's it. You don't even need 5 minutes for it.
If you have an automation fpr your abuse mails? Ok, you have to adjust
your configuration a little bit but you have to do this
Hi All
How about we just try this for a year and then take stock?
Best
Serge
On 16/01/2020 18:07, Andreas Worbs wrote:
> I'm completely with you.
>
> For our US-AS i verify my contact once a year: open the mail, click the
> link, verify my data and that's it. You don't even need 5 minutes for
@ripe.net
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of
"abuse-mailbox")
> It would be interesting if a large number of people who actually work
> for the security / infosec / abuse teams of various ripe members were
> to attend the aawg meetings ins
Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
of "abuse-mailbox")
Hi,
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
> I obviously don't speak for the incident handling community, but i
> think this (making it opt
Hi,
a few points:
The “abuse-mailbox:” attribute must be available in an unrestricted way
via whois, APIs and future techniques.
I'd explicitly mention RDAP here. It's not a future technique any more
Confirm that the resource holder understands the procedure and the policy,
th
ges the reports
and even who does not respond at all.
Sérgio
-Original Message-
From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
Gert Doering
Sent: 15 de janeiro de 2020 08:06
To: Carlos Friaças
Cc: Gert Doering ; anti-abuse-wg
Subject: Re: [anti-abuse-wg] working in
Hi Alessandro,
El 17/1/20 10:24, "anti-abuse-wg en nombre de Alessandro Vesely"
escribió:
Hi,
a few points:
The “abuse-mailbox:” attribute must be available in an unrestricted way
via whois, APIs and future techniques.
I'd explicitly mention RDAP h
wner. After
> some
> time with this evaluations we would easy to realize who manages the reports
> and even who does not respond at all.
>
> Sérgio
>
>
> -Original Message-
> From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
> Gert Doering
use could assess not only the response but
> also the effectiveness of the actions taken by the network owner. After some
> time with this evaluations we would easy to realize who manages the reports
> and even who does not respond at all.
>
> Sérgio
>
>
> -Original
Sent: 15 de janeiro de 2020 08:06
To: Carlos Friaças
Cc: Gert Doering ; anti-abuse-wg
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
of "abuse-mailbox")
Hi,
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
> I obviously don&
99 matches
Mail list logo
