On Sun, Mar 1, 2015 at 3:42 PM, Alessandro Vesely <ves...@tana.it> wrote:
> On Fri 27/Feb/2015 15:26:03 +0100 Jan Ingvoldstad wrote:
> > On Fri, Feb 27, 2015 at 12:05 PM, Alessandro Vesely <ves...@tana.it>
> wrote:
> >>
> >> but would it be worth?
> >>
> > Use case 1:
> >
> > Hi, this is $customer,
> >
> > could you please provide a log for which IP addresses have tried to logon
> > as $user?
>
> The complete list of IP addresses would do. You cannot tell whether the
> password, the userid, or both were wrong. IME, intrusion attempts --where
> both
> tokens are being guessed-- are somewhat more frequent than honest
> mistyping,
> but discerning which is which is not always obvious, and needs human
> judgment.
>
There are numerous reasons why a customer might be interested in this data,
and why we should provide either that, or at least the name of the ISP
and/or geolocation of the IP address.
I find this constant "you don't need this information" kind of response
extremely frustrating.
Could you please try to at least respect that while you personally cannot
see the use for this, that there might be someone else who does?
> > Use case 2:
> >
> > Dear $customer,
> >
> > we have regretfully had to block your IMAP account $user due to too many
> > invalid login attempts. The login attempts came from the following IP
> > addresses:
> >
> > $IP1
> > $IP2
> > ...
> > IPn
>
> I had thought something similar myself. However, the IP list is not going
> to
> be meaningful for most customer.
That's why I'm bringing up three use cases, to point out various instances
where it might be useful.
It doesn't have to be most customers.
Most customers don't have problems!
Most customers don't contact support!
Most customers' accounts are not abused, either by botnets, or by a
misbehaving employee, or a malfunctioning webmail service somewhere.
These "most customers" are _utterly_ uninteresting.
> Use case 3:
> >
> > Dear $abusedept,
> >
> > your IP address $IP has been involved in multiple login attempts to
> > numerous IMAP accounts, and we have therefore been forced to block access
> > from it.
>
> Just block them. ISP's abuse teams don't even reply, except for automated
> stuff. They're usually unable to contact their users, and do nothing even
> with
> zombie reports.
>
As someone who deals with such abuse reports on a daily basis, I find your
remark offensive.
Serious ISPs respond to abuse reports.
Don't assume that these negligent ISPs should be the standard we all are
held to.
If you do, you're working to kill Internet e-mail.
--
Jan
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
