William Herrin wrote:
On Tue, Apr 15, 2008 at 8:49 PM, Martin Hannigan <[EMAIL PROTECTED]> wrote:
Abuse desk is a $0 revenue operation. Is it not obvious what the issue is?
Martin,
So is marketing, yet marketing does have an impact on revenue.
It can be useful to explain the abuse desk as
On Wed, Apr 16, 2008 at 03:39:05PM -0400, Joe Abley wrote:
>
> On 16 Apr 2008, at 13:33 , Simon Waters wrote:
>
> > Ask anyone in the business "if I want a free email account who do I
> > use.." and you'll get the almost universal answer Gmail.
>
> I think amongst those not in the business the
> Subject: Re: Abuse response [Was: RE: Yahoo Mail Update]
> From: [EMAIL PROTECTED]
> Date: Wed, 16 Apr 2008 12:02:02 -0400
>
> On Wed, 16 Apr 2008 00:38:33 CDT, Chris Boyd said:
>
> > - I'd like to see an actual response beyond an autoreply saying that you
> >
On 16 Apr 2008, at 13:33 , Simon Waters wrote:
Ask anyone in the business "if I want a free email account who do I
use.." and
you'll get the almost universal answer Gmail.
I think amongst those not in the business there are regional trends,
however. Around this neck of the woods (for som
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- [EMAIL PROTECTED] wrote:
> So what sort of response did you actually *want*?
Actually, I'm more concerned with alerting you that someone
inserted a nasty .js or iFrame on one of your websites and I'd
like to you to clean it up, thanks. ;-)
I'm
Dave Pooser wrote:
Handling the abuse desk well (or poorly) builds (or damages) the brand.
...among people who are educated among such things. Unfortunately, people
with clue are orders of magnitude short of a majority, and the rest of the
world (ie: potential customers) wouldn't know an abuse
On Wednesday 16 April 2008 17:47, Dave Pooser wrote:
>
> > It can be useful to explain the abuse desk as being just another form
> > of marketing, another form of reputation management that happens to be
> > specific to Internet companies.
>
> Is it?
.. SNIP good points about abuse desks ..
In
> It can be useful to explain the abuse desk as being just another form
> of marketing, another form of reputation management that happens to be
> specific to Internet companies.
Is it? I mean, I may know that (a hypothetical) example.com is a
pink-contract-signing batch of incompetents who spew
On Tue, Apr 15, 2008 at 8:49 PM, Martin Hannigan <[EMAIL PROTECTED]> wrote:
> Abuse desk is a $0 revenue operation. Is it not obvious what the issue is?
Martin,
So is marketing, yet marketing does have an impact on revenue.
It can be useful to explain the abuse desk as being just another form
On Wed, 16 Apr 2008 00:38:33 CDT, Chris Boyd said:
> - I'd like to see an actual response beyond an autoreply saying that you
> can't tell me who the customer is or what actions were taken.
Well, let's see. If you're reporting abuse coming from my AS, it's almost
certainly one of 2 things:
1)
edu
Subject: RE: Abuse response [Was: RE: Yahoo Mail Update]
> So how do the little guys play in this sandbox?
3rd-party aggregation. Where do RBLs get there data?
They act as a 3rd party to aggregate data from many others.
Consider this. Any single point source of abuse, say a single broadb
On Wed, Apr 16, 2008 at 11:07:42AM +0100, [EMAIL PROTECTED] wrote:
> If people had succeeded in cleaning up the abuse problems in 1995
> when the human touch was still feasible, we would not have the
> situation that we have today. Automation is the only way to address
> the flood of abuse email,
On Tue, Apr 15, 2008 at 08:49:39PM -0400, Martin Hannigan wrote:
> Abuse desk is a $0 revenue operation. Is it not obvious what the issue is?
Two points, the first of which is addressed to this and the second
of which is more of a recommended attitude.
1. There is no doubt that many operations
> So how do the little guys play in this sandbox?
3rd-party aggregation. Where do RBLs get there data?
They act as a 3rd party to aggregate data from many others.
> - It needs to be simple to use. Web forms are a non-starter.
If you have the ability to accept reports via an HTTP REST
applicati
On Tue, 2008-04-15 at 10:56 +0530, Suresh Ramasubramanian wrote:
> If you have high enough numbers of the stuff to report, do what large
> ISPs do among themselves, set up and offer an ARF'd / IODEF feedback
> loop or some other automated way to send complaints, that is machine
> parseable, and th
> Abuse desk is a $0 revenue operation. Is it not obvious what the issue is?
They're too busy spamming and phishing to respond to abuse reports?
brandon
Abuse desk is a $0 revenue operation. Is it not obvious what the issue is?
Some of the folks that are complaining about abuse response generate
revenue addressing these issues. Give me some of that. I'll give you
a priority line to the NOC.
Disclaimer; No offense intended to security providers
On Tue, 15 Apr 2008 19:14:52 EDT, Joe Abley said:
> The downside to such a plan from the customer's perspective is that
> I'm pretty sure most of us would have been really bad helpdesk people.
> There's a lot of skill in dealing with end-users that is rarely
> reflected in the org chart or p
On 15 Apr 2008, at 11:22 , William Herrin wrote:
There's a novel idea. Require incoming senior staff at an email
company to work a month at the abuse desk before they can assume the
duties for which they were hired.
At a long-previous employer we once toyed with the idea of having
everybod
> So, to bring this closer to nanog territory, it's a bit like
> saying that all the sales and customer support staff should
> be given enable access to your routers and encouraged to run
> them on a rotating basis, so that they understand the
> complexities of BGP and will better understand t
On Apr 15, 2008, at 11:54 AM, William Herrin wrote:
On Tue, Apr 15, 2008 at 2:04 PM, Steve Atkins <[EMAIL PROTECTED]>
wrote:
Unfortunately many of the skills required to be a competent abuse
desk
worker are quite specific to an abuse desk, and are not typically
possessed
by random techn
On Tue, Apr 15, 2008 at 2:04 PM, Steve Atkins <[EMAIL PROTECTED]> wrote:
> Unfortunately many of the skills required to be a competent abuse desk
> worker are quite specific to an abuse desk, and are not typically possessed
> by random technical staff.
Steve,
You don't, per chance, mean to su
On Tue, Apr 15, 2008 at 10:56:02AM +0530, Suresh Ramasubramanian wrote:
>
> On Tue, Apr 15, 2008 at 10:16 AM, Paul Ferguson <[EMAIL PROTECTED]> wrote:
> > As I mentioned in my presentation at NANOG 42 in San Jose, the
> > biggest barrier we face in shrinking the "time-to-exploit" window
> > wi
On Apr 15, 2008, at 10:33 AM, Rich Kulawiec wrote:
On Tue, Apr 15, 2008 at 11:22:59AM -0400, William Herrin wrote:
There's a novel idea. Require incoming senior staff at an email
company to work a month at the abuse desk before they can assume the
duties for which they were hired.
My hunch s
On Tue, Apr 15, 2008 at 11:22:59AM -0400, William Herrin wrote:
> There's a novel idea. Require incoming senior staff at an email
> company to work a month at the abuse desk before they can assume the
> duties for which they were hired.
>
> My hunch says that's a non-starter. It also doesn't keep
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Joe Provo <[EMAIL PROTECTED]> wrote:
>It cannot be understated that even packet pushers and code grinders
who care get stranded in companies where abuse handling is deemed
by management to be a cost center that only saps resources. Paul,
you
William Herrin wrote:
Without conceding the garbage collection issue, let me ask you
directly: how do you propose to motivate qualified folks to keep
working the abuse desk?
Ask AOL?
-Jack
On Tue, Apr 15, 2008 at 10:55 AM, Marshall Eubanks
<[EMAIL PROTECTED]> wrote:
> On Apr 15, 2008, at 10:31 AM, William Herrin wrote:
> > how do you propose to motivate qualified folks to keep
> > working the abuse desk?
>
> That is a good question. (I feel sure that many actually doing the job
>
On Apr 15, 2008, at 10:31 AM, William Herrin wrote:
On Tue, Apr 15, 2008 at 10:00 AM, Marshall Eubanks
<[EMAIL PROTECTED]> wrote:
On Apr 15, 2008, at 9:43 AM, William Herrin wrote:
That is one place that modern antispam efforts fall apart. It's the
same problem that afflicts tech support in
On Tue, Apr 15, 2008 at 10:00 AM, Marshall Eubanks
<[EMAIL PROTECTED]> wrote:
>
> On Apr 15, 2008, at 9:43 AM, William Herrin wrote:
> > That is one place that modern antispam efforts fall apart. It's the
> > same problem that afflicts tech support in general. The problem exists
> > for the same
On Apr 15, 2008, at 9:43 AM, William Herrin wrote:
On Tue, Apr 15, 2008 at 8:34 AM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
- Automation is far less important than clue. Attempting to
compensate
for lack of a sufficient number of sufficiently-intelligent,
experienced,
diligent staff wit
On Tue, Apr 15, 2008 at 8:34 AM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
> - Automation is far less important than clue. Attempting to compensate
> for lack of a sufficient number of sufficiently-intelligent, experienced,
> diligent staff with automation is a known-losing strategy, as anyone
I largely concur with the points that Paul's making, and would
like to augment them with these:
- Automation is far less important than clue. Attempting to compensate
for lack of a sufficient number of sufficiently-intelligent, experienced,
diligent staff with automation is a known-losing strate
On Tue, Apr 15, 2008 at 12:31:33PM +0530, Suresh Ramasubramanian wrote:
>
> On Tue, Apr 15, 2008 at 11:55 AM, Paul Ferguson <[EMAIL PROTECTED]> wrote:
[snip]
> > It should be simple -- not require a freeking full-blown "standard".
>
> Its a standard. And it allows automated parsing of these com
do you remember the days when some of us would only take routing table
updates
from andrew partan, because we trusted him?
that's what it's like now wrt takedowns.
do not minimize the use of malicious takedowns by twits and bad guys,
who fabricate a report
of misfeasance to get their enem
Frank Bulk - iNAME wrote:
Yes, internet service providers and operators don't need to listen, but I
can't see how Yahoo's e-mail and abuse handling history arises out of good
business decisions.
How would Yahoo benefit from better staffing of their abuse desk? What
do they gain, besides th
On Tue, Apr 15, 2008 at 11:55 AM, Paul Ferguson <[EMAIL PROTECTED]> wrote:
> Really.
>
> How many people are actually doing IODEF?
>
> http://www.terena.org/activities/tf-csirt/iodef/
AISI - for example - and AISI feeds the top 25 australian ISPs - takes
IODEF as an input
And MAAWG does ARF,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Suresh Ramasubramanian" <[EMAIL PROTECTED]> wrote:
>Do ARF, do IODEF etc. You will find it much easier for abuse desks
>that care to process your reports. You will also find it easier to
>feed these into nationwide incident response / alert s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Suresh Ramasubramanian" <[EMAIL PROTECTED]> wrote:
>Do ARF, do IODEF etc. You will find it much easier for abuse desks
>that care to process your reports. You will also find it easier to
>feed these into nationwide incident response / alert s
On Tue, Apr 15, 2008 at 11:04 AM, Paul Ferguson <[EMAIL PROTECTED]> wrote:
> In fact, we have done just that -- develop a standard boilerplate
> very similar to what PIRT uses in its notification(s) to the
> stakeholders in phishing incidents.
The boilerplate is no damned use. PIRT - and you
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Suresh Ramasubramanian" <[EMAIL PROTECTED]> wrote:
>If you send reports with lots of legal boilerplate, or reports with
>long lectures on why you expect an INSTANT TAKEDOWN, and send them to
>a busy abuse queue, there is no way - and zero reaso
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Suresh Ramasubramanian" <[EMAIL PROTECTED]> wrote:
>If you send reports with lots of legal boilerplate, or reports with
>long lectures on why you expect an INSTANT TAKEDOWN, and send them to
>a busy abuse queue, there is no way - and zero reaso
On Tue, Apr 15, 2008 at 10:16 AM, Paul Ferguson <[EMAIL PROTECTED]> wrote:
> As I mentioned in my presentation at NANOG 42 in San Jose, the
> biggest barrier we face in shrinking the "time-to-exploit" window
> with regards to contacting people responsible for assisting in
> mitigating maliciou
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Paul Ferguson" <[EMAIL PROTECTED]> wrote:
>Mow, this has no bearing on the original subject (which I have now
>forgotten what it is -- oh yeah, something about Yahoo! mail), but
>it should be additional proof that the Bad Guys know how to
>mani
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- "Frank Bulk - iNAME" <[EMAIL PROTECTED]> wrote:
>72 hours to respond to e-mail sent to the abuse account? That's much too
long -- it should be at least a 4 hour response time during business hours,
and for service providers and operators large
y, April 13, 2008 4:11 PM
To: Rob Szarka
Cc: nanog@merit.edu
Subject: Re: Yahoo Mail Update
You can tell Earthlink whatever you want but it doesn't mean they need
to follow it. Please read my previous reply about business decisions.
I would agree that it is good for business to try and foll
On Mon, Apr 14, 2008 at 6:18 AM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
> On Sun, Apr 13, 2008 at 03:55:13PM -0500, Ross wrote:
> > Again I disagree with the principle that this list should be used for
> > mail operation issues but maybe I'm just in the wrong here.
>
> I don't think you're g
On Sun, Apr 13, 2008 at 03:55:13PM -0500, Ross wrote:
> Again I disagree with the principle that this list should be used for
> mail operation issues but maybe I'm just in the wrong here.
I don't think you're getting what I'm saying, although perhaps I'm
not saying it very well.
What I'm saying
On Sun, Apr 13, 2008 at 5:27 AM, Rob Szarka <[EMAIL PROTECTED]> wrote:
>
> At 01:58 AM 4/13/2008, you wrote:
>
> > Why should large companies participate here about mail issues? Last I
> > checked this wasn't the mailing list for these issues:
> >
>
> True, though some aspects of mail service ar
On Sun, Apr 13, 2008 at 3:24 PM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
>
> On Sun, Apr 13, 2008 at 12:58:59AM -0500, Ross wrote:
> > On Thu, Apr 10, 2008 at 8:54 PM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
>
> > > I heartily second this. Yahoo (and Hotmail) (and Comcast and Verizon)
> > >
On Sun, Apr 13, 2008 at 12:58:59AM -0500, Ross wrote:
> On Thu, Apr 10, 2008 at 8:54 PM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
> > I heartily second this. Yahoo (and Hotmail) (and Comcast and Verizon)
> > mail system personnel should be actively participating here, on mailop,
> > on spam-l,
At 08:49 AM 4/13/2008, Suresh Ramasubramanian wrote:
There are other lists, far more relevant than spam-l or nanae.
Feel free to suggest some that you feel would be more appropriate or
effective. Since reaching them via [EMAIL PROTECTED] or any of their
published phone numbers doesn't seem
On Sun, Apr 13, 2008 at 10:09 PM, Joel Jaeggli <[EMAIL PROTECTED]> wrote:
> MAAWG, is fine but the requirements for participation are substantially
> higher than the nanog list.
* Quite a lot of ISPs who already attend nanog are also maawg members
* Lots of independent tech experts (Dave Crocke
Suresh Ramasubramanian wrote:
On Sun, Apr 13, 2008 at 3:57 PM, Rob Szarka <[EMAIL PROTECTED]> wrote:
True, though some aspects of mail service are inextricably tied to broader
networking issues, and thus participation here might still benefit them. But
sadly Yahoo doesn't even seem to particip
On Sun, Apr 13, 2008 at 8:24 PM, Martin Hannigan <[EMAIL PROTECTED]> wrote:
> Having some provider or group(MAAWG?) explain the new and improved
> overhead driven mail/abuse desk would make an excellent NANOG
> presentation, IMHO, and it could include a V6 slant like "and to
> handle V6 abuse
On Sun, Apr 13, 2008 at 1:58 AM, Ross <[EMAIL PROTECTED]> wrote:
[ clip ]
> > I heartily second this. Yahoo (and Hotmail) (and Comcast and Verizon)
> > mail system personnel should be actively participating here, on mailop,
> > on spam-l, etc. A lot of problems could be solved (and some a
On Sun, Apr 13, 2008 at 3:57 PM, Rob Szarka <[EMAIL PROTECTED]> wrote:
> True, though some aspects of mail service are inextricably tied to broader
> networking issues, and thus participation here might still benefit them. But
> sadly Yahoo doesn't even seem to participate in more relevant forums
At 01:58 AM 4/13/2008, you wrote:
Why should large companies participate here about mail issues? Last I
checked this wasn't the mailing list for these issues:
True, though some aspects of mail service are inextricably tied to
broader networking issues, and thus participation here might still
On Thu, Apr 10, 2008 at 8:54 PM, Rich Kulawiec <[EMAIL PROTECTED]> wrote:
>
> On Thu, Apr 10, 2008 at 05:51:23PM -0700, chuck goolsbee wrote:
> > Thanks for the update Jared. I can understand your request to not be used
> > as a proxy, but it exposes the reason why Yahoo is thought to be cluele
On 4/10/08, chuck goolsbee <[EMAIL PROTECTED]> wrote:
> >An anonymous source at Yahoo told me that they have pushed
> > a config update sometime today out to their servers to help with these
> > deferral issues.
> >
> >Please don't ask me to play proxy on this one of any
> > other
On Thu, Apr 10, 2008 at 05:51:23PM -0700, chuck goolsbee wrote:
> Thanks for the update Jared. I can understand your request to not be used
> as a proxy, but it exposes the reason why Yahoo is thought to be clueless:
> They are completely opaque.
>
> They can not exist in this community without
ally pretty helpful and
quick to resolve issues.
-Ray
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of chuck goolsbee
Sent: Thursday, April 10, 2008 8:51 PM
To: nanog@merit.edu
Subject: Re: Yahoo Mail Update
> An anonymous source at Yahoo told me th
An anonymous source at Yahoo told me that they have pushed
a config update sometime today out to their servers to help with these
deferral issues.
Please don't ask me to play proxy on this one of any
other issues you may have, but take a look at your queues and
they should be ge
63 matches
Mail list logo