On 23/Jun/11 21:29, John Levine wrote: > My experience, which may or may not be typical of what other people > would find, is that sending reports in ARF format works fine, but > figuring out where to send them is a big challenge.
Yes. > In particular, getting the addresses from WHOIS works poorly both > because of the iffy quality of WHOIS data, and because WHOIS > servers don't have the capacity to handle high volume scraping. I don't agree. WHOIS is trying and getting better. IIRC, I found an abuse POC in Arin saying something like they haven't been able to verify such address for a while. A rather non-formal statement that suggests they do routinely check those email addresses. https://www.arin.net/policy/nrpm.html#three6 The abuse contact is mandatory in Apnic http://www.apnic.net/policy/proposals/prop-079 Ripe has an abuse finder tool, and a task force is discussing the introduction of an abuse-c. http://apps.db.ripe.net/search/abuse-finder.html http://www.ripe.net/ripe/groups/tf/abuse-contact I think a document is needed in order to state the "obvious" facts that RIRs don't have the scope for discussing. Since JD said it cannot be part of the FBL AS, we'd probably better write a new one. Is it possible to do so? _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
