date:20200117

Re: [anti-abuse-wg] Periodic Reminder: List Conduct

2020-01-17 Thread Fi Shing

It appears you missed the point of my email.
 
How can you say rules apply to this list, but not RIPE itself?
 
Given the logic of many on this list:
 
 
+ You are not the internet police, 
+ Some people may not agree with a rule, so therefore there are no rules at 
all, 
+ you, as an administrator enforcing this rule of "no personal attacks" would 
require you to open your emails, which is too much to ask of you as an 
administrator. 

  

 
- Original Message - Subject: RE: [anti-abuse-wg] Periodic 
Reminder: List Conduct
From: "Brian Nisbet" 
Date: 1/17/20 10:42 pm
To: "Fi Shing" , "anti-abuse-wg@ripe.net" 


  Honestly, you can disagree all you want, but there are rules of conduct in 
the RIPE community and on this list. My email served as a polite reminder of 
those rules. If a member of the list chooses not to follow them, then steps 
will be taken in regards to direct communication, then moderation of postings 
if it is felt necessary and on from there.
  
 The Co-Chairs would greatly prefer not to have to deal with any of this, nor 
impose any restrictions on engagement with the working group, but if we must, 
we must, because such attacks do not help the list discussion nor the policy 
development process.
  
 Thanks,
  
 Brian
 Co-Chair, RIPE AA-WG
  
 Brian Nisbet
 Service Operations Manager
 HEAnet CLG, Ireland's National Education and Research Network
 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
 +35316609040 brian.nis...@heanet.ie www.heanet.ie
 Registered in Ireland, No. 275301. CRA No. 20036270
  
From: anti-abuse-wg  On Behalf Of Fi Shing
 Sent: Friday 17 January 2020 11:33
 To: anti-abuse-wg@ripe.net
 Subject: Re: [anti-abuse-wg] Periodic Reminder: List Conduct
 


  >> but we can tell you not to do it here, so please don't.
 

 
Well... no, i disagree.
 

 
Brian Nisbet, i would like to remind you, that ... You are not the Internet 
Police.
 

 
In fact, what you consider to be a rule, might not be something that every 
single person on this planet also considers to be a rule, and so therefore, we 
have no rules at all, nor is there any basis for you to impose any rules on 
this list such as that which you have said.
 

 
To enforce this rule of "no personal attacks", would require you to open you 
email and read it once every year. That is too much for RIPE to envisage. It's 
too much resources. It's something that no administrator such as you SHOULD 
HAVE TO DO.
 

 
So therefore, let us discuss, in meaningless circular fashion, similar to what 
you find inside an insane asylum, this idea of yours.
 

 

 

 
SOUND FAMILIAR, ANYONE?
 

 

 

 
 - Original Message -
  Subject: [anti-abuse-wg] Periodic Reminder: List Conduct
 From: "Brian Nisbet" 
 Date: 1/17/20 8:23 pm
 To: "anti-abuse-wg@ripe.net" 
 
 Colleagues,
 
 It seems that at some point in every large list discussion I am compelled to 
send a mail of this type. This is not in response to any single mail, rather it 
is a reminder to all.
 
 Please remember to conduct yourselves well on this list, to discuss the matter 
at hand and not to attack the person writing the email. Most of the list 
discussion takes place in the appropriate manner, but I realise that when we're 
discussing matters about which any of us are passionate we can forget this.
 
 Ad hominem attacks, general slights, unfounded accusations, and many other 
things do not contribute to the list discussion. The Co-Chairs can't tell you 
not to send them by private mail (albeit we'd greatly prefer you didn't) nor to 
act in this manner in other for a (albeit we'd prefer if you didn't do that 
either), but we can tell you not to do it here, so please don't.
 
 Thank you all for your interest and passion for this subject.
 
 Brian
 Co-Chair, RIPE AA-WG
 
 Brian Nisbet 
 Service Operations Manager
 HEAnet CLG, Ireland's National Education and Research Network
 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
 +35316609040 brian.nis...@heanet.ie  www.heanet.ie
 Registered in Ireland, No. 275301. CRA No. 20036270

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread Richard Clayton

In message <1609071e-bf44-4e1d-9c81-98616f11b...@consulintel.es>, JORDI
PALET MARTINEZ via anti-abuse-wg  writes

>El 16/1/20 21:37, "anti-abuse-wg en nombre de Richard Clayton" boun...@ripe.net en nombre de rich...@highwayman.com> escribió:
>
>In message , JORDI
>PALET MARTINEZ via anti-abuse-wg  writes
>
>> I'm sure if the 
>>service provider tries to avoid being "informed" by not looking at 
>notifications 
>>(email, postal, fax, etc.), they will also be liable in front of courts.
>
>correct, but that's a "Hosting" aspect and that's not necessarily the
>issue when considering spam (which is certainly some of what is being
>considered under the generic "abuse" label)
>
>I'm not sure to understand what do you mean. In my opinion, if the hosting 
>provider is the resource-holder of the addresses being used for any abuse 
>(including spam), he is the responsible against the law and he is consequently 
>liable of possible damages.

The ECommerce Directive gives a free pass to companies that just pass
packets around ("Mere Conduit") ... so if you complain to AS that
there is a spammer using their network and they do nothing then suing
them is unlikely to be productive.

You need, in such a matter, to take proceedings against the spammer (and
the Court may assist you in compelling the network provider to reveal
what they know about the spammer).

The ECommerce Directive also gives a free pass to a hosting company in
respect of material they publish such as (where this thread started) a
website claiming the people operating AS are pondscum and regularly
rape their mothers ... but once the hosting company has "actual
knowledge" of this defamatory material then they must act to remove it.
If they do not do so then you can take legal proceedings against them
for continuing to publish the libel.

You may have some opinion of your own as to whether this is right (and
this, as covered earlier, is not the same in the USA) ...

... but until you explain exactly the legal basis on which you intend to
proceed against a resource holder and exactly the sort of harm which
they are facilitating (not all abuse is the same in law) then it's
impossible to say whether some special situation applies (and your
opinion about liability is correct) or whether the overarching
provisions of the ECommerce Directive (which override laws that appear
to say something else) mean that you cannot proceed against a network
provider at all or a hosting company that does not have actual
knowledge.

IANAL, jurisdictions differ (but Directives bind all EU Member States)

-- 
richard   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

[anti-abuse-wg] Fw: working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread ripedenis--- via anti-abuse-wg

  Yes of course it would have to be an automated process. A benefit of 
encrypting all the data is that it keeps the RIPE NCC out of any legal actions 
that may follow. They are simply a forwarding service and have no other details.
cheers
denis
co-chair DB-WG
On Friday, 17 January 2020, 11:59:51 CET, JORDI PALET MARTINEZ via 
anti-abuse-wg  wrote:  

I will be fine with this (having RIPE NCC as an intermediator just to send the 
abuse report), if instead of a web form (or in addition to it), it is possible 
to automate it, for example RIPE NCC also accepts x-arf via email.

RIPE NCC has the obligation to keep the information without disclosing it, so 
why we need to have a way to encypt it so RIPE NCC can’t read it? Furthermore, 
this should be an automated process. The staff is not going to handle every 
report manually. And moreover, in case of a bigger dispute, even if going to 
the courts, RIPE NCC can provide in a neutral way all the info of what happened.

However, I’ve the feeling that in order to get this working, the policy must 
mandate that all the responser from the operator which customer is producing 
the abuse, also follow the same path, so:

Abuse reporter (Victim or its ISP) -> RIPE NCC -> abuser operator -> RIPE NCC 
-> abuse reporter

Otherwise, there will not be a way for RIPE to have stats of who is responding 
to abuse cases and who is not, or even simpler than that, what abuse mailboxes 
get bounced (which will be a policy violation if happens all the time with the 
same operator). Never mind we decide or not that not-responding is an abuse-c 
violation. Stats are good, even if not published with operator names.

El 17/1/20 1:12, "anti-abuse-wg en nombre de ripedenis--- via anti-abuse-wg" 
 escribió:

Hi Sergio

As I read through this thread similar ideas came to my mind. The question I 
would ask is "Is it too late to take a completely different approach to abuse 
contacts and reporting via the RIPE Database?"

Suppose we had a standard form available via the ripe.net website for providing 
details of abuse. If you are able to find the "abuse-c:" details in the 
database now then you must know the IP address involved. The RIPE NCC could 
send the report to the abuse contact taken from the database via the specified 
IP address. This does not have to be an email interface either. We could look 
at other options. The RIPE NCC would then at least know if the report was 
successfully delivered. Using a standard form would make it much easier for the 
resource holder to interpret the information.

Someone said:

"Making such a scheme compulsory would be unacceptable to people who wish to 
interact with network owners without disclosing that in public ..."

I have no understanding of the technology involved here, but when I send you a 
message on WhatsApp it is encrypted end to end. WhatsApp have no idea (they 
say) of the content of the message. Would it be possible to submit a form on 
ripe.net in a way that the content of that form is encrypted and sent to the 
resource holder so the RIPE NCC have no idea of the content of the form? That 
would satisfy this concern.

Regardless of the outcome of the RIPE Database Requirements Task Force, 
something like this could still be implemented as it is external to the RIPE 
Database.

Food for thought...

cheers

denis

co-chair DB-WG

On Wednesday, 15 January 2020, 10:22:28 CET, Sérgio Rocha 
 wrote: 

Hi,

Maybe we can change the approach.
If RIPE website had a platform to post abuse report, that send the email for
the abuse contact, it will be possible to evaluate the responsiveness of the
abuse contact.

This way anyone that report an abuse could assess not only the response but
also the effectiveness of the actions taken by the network owner. After some
time with this evaluations we would easy to realize who manages the reports
and even who does not respond at all.

Sérgio 

-Original Message-
From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
Gert Doering
Sent: 15 de janeiro de 2020 08:06
To: Carlos Friaças 
Cc: Gert Doering ; anti-abuse-wg 
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
of "abuse-mailbox")

Hi,

On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
> I obviously don't speak for the incident handling community, but i 
> think this (making it optional) would be a serious step back. The 
> current situation is already very bad when in some cases we know from 
> the start that we are sending (automated) messages/notices to blackholes.

So why is it preferrable to send mails which are not acted on, as opposed to
"not send mail because you know beforehand that the other network is not
interested"?

I can see that it is frustrating - but I still cannot support a policy
change which will not help dealing with irresponsible networks in any way,
but at the same time increases

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread JORDI PALET MARTINEZ via anti-abuse-wg

Maybe I’m not using the right wording.

What I’m suggesting is and “intermediation” but automated. NCC staff doesn’t 
“see” anything, just goes thru a system that logs everything and forwards to 
each other party.

 

El 17/1/20 13:04, "Volker Greimann"  escribió:

 

Hmm, if you include RIPE NCC in all responses, you will greatly increase the 
overhead and noise to signal ratio it has to deal with. It may be better to 
maintain the ability to audit the responses. instead of receiving them all.
-- 
Volker A. Greimann
General Counsel and Policy Manager
KEY-SYSTEMS GMBH

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of Saarbruecken, 
Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in England 
and Wales with company number 8576358.

 

 

On Fri, Jan 17, 2020 at 12:00 PM JORDI PALET MARTINEZ via anti-abuse-wg 
 wrote:

I will be fine with this (having RIPE NCC as an intermediator just to send the 
abuse report), if instead of a web form (or in addition to it), it is possible 
to automate it, for example RIPE NCC also accepts x-arf via email.

RIPE NCC has the obligation to keep the information without disclosing it, so 
why we need to have a way to encypt it so RIPE NCC can’t read it? Furthermore, 
this should be an automated process. The staff is not going to handle every 
report manually. And moreover, in case of a bigger dispute, even if going to 
the courts, RIPE NCC can provide in a neutral way all the info of what happened.

However, I’ve the feeling that in order to get this working, the policy must 
mandate that all the responser from the operator which customer is producing 
the abuse, also follow the same path, so:

Abuse reporter (Victim or its ISP) -> RIPE NCC -> abuser operator -> RIPE NCC 
-> abuse reporter

Otherwise, there will not be a way for RIPE to have stats of who is responding 
to abuse cases and who is not, or even simpler than that, what abuse mailboxes 
get bounced (which will be a policy violation if happens all the time with the 
same operator). Never mind we decide or not that not-responding is an abuse-c 
violation. Stats are good, even if not published with operator names.

 

El 17/1/20 1:12, "anti-abuse-wg en nombre de ripedenis--- via anti-abuse-wg" 
 escribió:

 

Hi Sergio

 

As I read through this thread similar ideas came to my mind. The question I 
would ask is "Is it too late to take a completely different approach to abuse 
contacts and reporting via the RIPE Database?"

 

Suppose we had a standard form available via the ripe.net website for providing 
details of abuse. If you are able to find the "abuse-c:" details in the 
database now then you must know the IP address involved. The RIPE NCC could 
send the report to the abuse contact taken from the database via the specified 
IP address. This does not have to be an email interface either. We could look 
at other options. The RIPE NCC would then at least know if the report was 
successfully delivered. Using a standard form would make it much easier for the 
resource holder to interpret the information.

 

Someone said:

"Making such a scheme compulsory would be unacceptable to people who wish to 
interact with network owners without disclosing that in public ..."

I have no understanding of the technology involved here, but when I send you a 
message on WhatsApp it is encrypted end to end. WhatsApp have no idea (they 
say) of the content of the message. Would it be possible to submit a form on 
ripe.net in a way that the content of that form is encrypted and sent to the 
resource holder so the RIPE NCC have no idea of the content of the form? That 
would satisfy this concern.

 

Regardless of the outcome of the RIPE Database Requirements Task Force, 
something like this could still be implemented as it is external to the RIPE 
Database.

 

Food for thought...

 

cheers

 

denis

 

co-chair DB-WG

 

 

On Wednesday, 15 January 2020, 10:22:28 CET, Sérgio Rocha 
 wrote: 

 

 

Hi,

Maybe we can change the approach.
If RIPE website had a platform to post abuse report, that send the email for
the abuse contact, it will be possible to evaluate the responsiveness of the
abuse contact.

This way anyone that report an abuse could assess not only the response but
also the effectiveness of the actions taken by the network owner. After some
time with this evaluations we would easy to realize who manages the reports
and even who does not respond at all.

Sérgio 


-Original Message-
From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
Gert Doering
Sent: 15 de janeiro de 2020 08:06
To: Carlos Friaças 
Cc: Gert Doering ; anti-abuse-wg 
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
of "abuse-mailbox")

Hi,

On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread Briaut René

STOP SPAM

Envoyé de mon iPhone par René Briaut 

Le 17 janv. 2020 à 13:04, Volker Greimann  a écrit :

Hmm, if you include RIPE NCC in all responses, you will greatly increase the 
overhead and noise to signal ratio it has to deal with. It may be better to 
maintain the ability to audit the responses. instead of receiving them all.
-- 
Volker A. Greimann
General Counsel and Policy Manager
KEY-SYSTEMS GMBH

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of Saarbruecken, 
Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in England 
and Wales with company number 8576358.


> On Fri, Jan 17, 2020 at 12:00 PM JORDI PALET MARTINEZ via anti-abuse-wg 
>  wrote:
> I will be fine with this (having RIPE NCC as an intermediator just to send 
> the abuse report), if instead of a web form (or in addition to it), it is 
> possible to automate it, for example RIPE NCC also accepts x-arf via email.
> 
> RIPE NCC has the obligation to keep the information without disclosing it, so 
> why we need to have a way to encypt it so RIPE NCC can’t read it? 
> Furthermore, this should be an automated process. The staff is not going to 
> handle every report manually. And moreover, in case of a bigger dispute, even 
> if going to the courts, RIPE NCC can provide in a neutral way all the info of 
> what happened.
> 
> However, I’ve the feeling that in order to get this working, the policy must 
> mandate that all the responser from the operator which customer is producing 
> the abuse, also follow the same path, so:
> 
> Abuse reporter (Victim or its ISP) -> RIPE NCC -> abuser operator -> RIPE NCC 
> -> abuse reporter
> 
> Otherwise, there will not be a way for RIPE to have stats of who is 
> responding to abuse cases and who is not, or even simpler than that, what 
> abuse mailboxes get bounced (which will be a policy violation if happens all 
> the time with the same operator). Never mind we decide or not that 
> not-responding is an abuse-c violation. Stats are good, even if not published 
> with operator names.
> 
>  
> 
> El 17/1/20 1:12, "anti-abuse-wg en nombre de ripedenis--- via anti-abuse-wg" 
>  escribió:
> 
>  
> 
> Hi Sergio
> 
>  
> 
> As I read through this thread similar ideas came to my mind. The question I 
> would ask is "Is it too late to take a completely different approach to abuse 
> contacts and reporting via the RIPE Database?"
> 
>  
> 
> Suppose we had a standard form available via the ripe.net website for 
> providing details of abuse. If you are able to find the "abuse-c:" details in 
> the database now then you must know the IP address involved. The RIPE NCC 
> could send the report to the abuse contact taken from the database via the 
> specified IP address. This does not have to be an email interface either. We 
> could look at other options. The RIPE NCC would then at least know if the 
> report was successfully delivered. Using a standard form would make it much 
> easier for the resource holder to interpret the information.
> 
>  
> 
> Someone said:
> 
> "Making such a scheme compulsory would be unacceptable to people who wish to 
> interact with network owners without disclosing that in public ..."
> 
> I have no understanding of the technology involved here, but when I send you 
> a message on WhatsApp it is encrypted end to end. WhatsApp have no idea (they 
> say) of the content of the message. Would it be possible to submit a form on 
> ripe.net in a way that the content of that form is encrypted and sent to the 
> resource holder so the RIPE NCC have no idea of the content of the form? That 
> would satisfy this concern.
> 
>  
> 
> Regardless of the outcome of the RIPE Database Requirements Task Force, 
> something like this could still be implemented as it is external to the RIPE 
> Database.
> 
>  
> 
> Food for thought...
> 
>  
> 
> cheers
> 
>  
> 
> denis
> 
>  
> 
> co-chair DB-WG
> 
>  
> 
>  
> 
> On Wednesday, 15 January 2020, 10:22:28 CET, Sérgio Rocha 
>  wrote:
> 
>  
> 
>  
> 
> Hi,
> 
> Maybe we can change the approach.
> If RIPE website had a platform to post abuse report, that send the email for
> the abuse contact, it will be possible to evaluate the responsiveness of the
> abuse contact.
> 
> This way anyone that report an abuse could assess not only the response but
> also the effectiveness of the actions taken by the network owner. After some
> time with this evaluations we would easy to realize who manages the reports
> and even who does not respond at all.
> 
> Sérgio
> 
> 
> -Original Message-
> From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
> Gert Doering
> Sent: 15 de janeiro de 2020 08:06
> To: Carlos Friaças 
> Cc: Gert Doering ; anti-abuse-wg 
> Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
> of "abuse-mailbox")
> 
> Hi,
>

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread Volker Greimann

Hmm, if you include RIPE NCC in all responses, you will greatly increase
the overhead and noise to signal ratio it has to deal with. It may be
better to maintain the ability to audit the responses. instead of receiving
them all.
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in
England and Wales with company number 8576358.


On Fri, Jan 17, 2020 at 12:00 PM JORDI PALET MARTINEZ via anti-abuse-wg <
anti-abuse-wg@ripe.net> wrote:

> I will be fine with this (having RIPE NCC as an intermediator just to send
> the abuse report), if instead of a web form (or in addition to it), it is
> possible to automate it, for example RIPE NCC also accepts x-arf via email.
>
> RIPE NCC has the obligation to keep the information without disclosing it,
> so why we need to have a way to encypt it so RIPE NCC can’t read it?
> Furthermore, this should be an automated process. The staff is not going to
> handle every report manually. And moreover, in case of a bigger dispute,
> even if going to the courts, RIPE NCC can provide in a neutral way all the
> info of what happened.
>
> However, I’ve the feeling that in order to get this working, the policy
> must mandate that all the responser from the operator which customer is
> producing the abuse, also follow the same path, so:
>
> Abuse reporter (Victim or its ISP) -> RIPE NCC -> abuser operator -> RIPE
> NCC -> abuse reporter
>
> Otherwise, there will not be a way for RIPE to have stats of who is
> responding to abuse cases and who is not, or even simpler than that, what
> abuse mailboxes get bounced (which will be a policy violation if happens
> all the time with the same operator). Never mind we decide or not that
> not-responding is an abuse-c violation. Stats are good, even if not
> published with operator names.
>
>
>
> El 17/1/20 1:12, "anti-abuse-wg en nombre de ripedenis--- via
> anti-abuse-wg"  anti-abuse-wg@ripe.net> escribió:
>
>
>
> Hi Sergio
>
>
>
> As I read through this thread similar ideas came to my mind. The question
> I would ask is "Is it too late to take a completely different approach to
> abuse contacts and reporting via the RIPE Database?"
>
>
>
> Suppose we had a standard form available via the ripe.net website for
> providing details of abuse. If you are able to find the "abuse-c:" details
> in the database now then you must know the IP address involved. The RIPE
> NCC could send the report to the abuse contact taken from the database via
> the specified IP address. This does not have to be an email interface
> either. We could look at other options. The RIPE NCC would then at least
> know if the report was successfully delivered. Using a standard form would
> make it much easier for the resource holder to interpret the information.
>
>
>
> Someone said:
>
> "Making such a scheme compulsory would be unacceptable to people who wish
> to interact with network owners without disclosing that in public ..."
>
> I have no understanding of the technology involved here, but when I send
> you a message on WhatsApp it is encrypted end to end. WhatsApp have no idea
> (they say) of the content of the message. Would it be possible to submit a
> form on ripe.net in a way that the content of that form is encrypted and
> sent to the resource holder so the RIPE NCC have no idea of the content of
> the form? That would satisfy this concern.
>
>
>
> Regardless of the outcome of the RIPE Database Requirements Task Force,
> something like this could still be implemented as it is external to the
> RIPE Database.
>
>
>
> Food for thought...
>
>
>
> cheers
>
>
>
> denis
>
>
>
> co-chair DB-WG
>
>
>
>
>
> On Wednesday, 15 January 2020, 10:22:28 CET, Sérgio Rocha <
> sergio.ro...@makeitsimple.pt> wrote:
>
>
>
>
>
> Hi,
>
> Maybe we can change the approach.
> If RIPE website had a platform to post abuse report, that send the email
> for
> the abuse contact, it will be possible to evaluate the responsiveness of
> the
> abuse contact.
>
> This way anyone that report an abuse could assess not only the response but
> also the effectiveness of the actions taken by the network owner. After
> some
> time with this evaluations we would easy to realize who manages the reports
> and even who does not respond at all.
>
> Sérgio
>
>
> -Original Message-
> From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
> Gert Doering
> Sent: 15 de janeiro de 2020 08:06
> To: Carlos Friaças 
> Cc: Gert Doering ; anti-abuse-wg 
> Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
> of "abuse-mailbox")
>
> Hi,
>
> On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
> wrote:
> > I obviously don't speak for the

Re: [anti-abuse-wg] Periodic Reminder: List Conduct

2020-01-17 Thread Brian Nisbet

Honestly, you can disagree all you want, but there are rules of conduct in the 
RIPE community and on this list. My email served as a polite reminder of those 
rules. If a member of the list chooses not to follow them, then steps will be 
taken in regards to direct communication, then moderation of postings if it is 
felt necessary and on from there.

The Co-Chairs would greatly prefer not to have to deal with any of this, nor 
impose any restrictions on engagement with the working group, but if we must, 
we must, because such attacks do not help the list discussion nor the policy 
development process.

Thanks,

Brian
Co-Chair, RIPE AA-WG

Brian Nisbet
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270

From: anti-abuse-wg  On Behalf Of Fi Shing
Sent: Friday 17 January 2020 11:33
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] Periodic Reminder: List Conduct

>> but we can tell you not to do it here, so please don't.

Well... no, i disagree.

Brian Nisbet, i would like to remind you, that ... You are not the Internet 
Police.

In fact, what you consider to be a rule, might not be something that every 
single person on this planet also considers to be a rule, and so therefore, we 
have no rules at all, nor is there any basis for you to impose any rules on 
this list such as that which you have said.

To enforce this rule of "no personal attacks", would require you to open you 
email and read it once every year. That is too much for RIPE to envisage. It's 
too much resources. It's something that no administrator such as you SHOULD 
HAVE TO DO.

So therefore, let us discuss, in meaningless circular fashion, similar to what 
you find inside an insane asylum, this idea of yours.



SOUND FAMILIAR, ANYONE?



- Original Message -
Subject: [anti-abuse-wg] Periodic Reminder: List Conduct
From: "Brian Nisbet" mailto:brian.nis...@heanet.ie>>
Date: 1/17/20 8:23 pm
To: "anti-abuse-wg@ripe.net" 
mailto:anti-abuse-wg@ripe.net>>

Colleagues,

It seems that at some point in every large list discussion I am compelled to 
send a mail of this type. This is not in response to any single mail, rather it 
is a reminder to all.

Please remember to conduct yourselves well on this list, to discuss the matter 
at hand and not to attack the person writing the email. Most of the list 
discussion takes place in the appropriate manner, but I realise that when we're 
discussing matters about which any of us are passionate we can forget this.

Ad hominem attacks, general slights, unfounded accusations, and many other 
things do not contribute to the list discussion. The Co-Chairs can't tell you 
not to send them by private mail (albeit we'd greatly prefer you didn't) nor to 
act in this manner in other for a (albeit we'd prefer if you didn't do that 
either), but we can tell you not to do it here, so please don't.

Thank you all for your interest and passion for this subject.

Brian
Co-Chair, RIPE AA-WG

Brian Nisbet
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie 
www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270

Re: [anti-abuse-wg] Periodic Reminder: List Conduct

2020-01-17 Thread Fi Shing

>> but we can tell you not to do it here, so please don't.
 
Well... no, i disagree.
 
Brian Nisbet, i would like to remind you, that ... You are not the Internet 
Police.
 
In fact, what you consider to be a rule, might not be something that every 
single person on this planet also considers to be a rule, and so therefore, we 
have no rules at all, nor is there any basis for you to impose any rules on 
this list such as that which you have said.
 
To enforce this rule of "no personal attacks", would require you to open you 
email and read it once every year. That is too much for RIPE to envisage. It's 
too much resources. It's something that no administrator such as you SHOULD 
HAVE TO DO.
 
So therefore, let us discuss, in meaningless circular fashion, similar to what 
you find inside an insane asylum, this idea of yours.
 
 
 
SOUND FAMILIAR, ANYONE?
 
 
 
- Original Message - Subject: [anti-abuse-wg] Periodic 
Reminder: List Conduct
From: "Brian Nisbet" 
Date: 1/17/20 8:23 pm
To: "anti-abuse-wg@ripe.net" 

Colleagues,
 
 It seems that at some point in every large list discussion I am compelled to 
send a mail of this type. This is not in response to any single mail, rather it 
is a reminder to all.
 
 Please remember to conduct yourselves well on this list, to discuss the matter 
at hand and not to attack the person writing the email. Most of the list 
discussion takes place in the appropriate manner, but I realise that when we're 
discussing matters about which any of us are passionate we can forget this.
 
 Ad hominem attacks, general slights, unfounded accusations, and many other 
things do not contribute to the list discussion. The Co-Chairs can't tell you 
not to send them by private mail (albeit we'd greatly prefer you didn't) nor to 
act in this manner in other for a (albeit we'd prefer if you didn't do that 
either), but we can tell you not to do it here, so please don't.
 
 Thank you all for your interest and passion for this subject.
 
 Brian
 Co-Chair, RIPE AA-WG
 
 Brian Nisbet 
 Service Operations Manager
 HEAnet CLG, Ireland's National Education and Research Network
 1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
 +35316609040 brian.nis...@heanet.ie www.heanet.ie
 Registered in Ireland, No. 275301. CRA No. 20036270

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread JORDI PALET MARTINEZ via anti-abuse-wg

Hi Alessandro,

El 17/1/20 10:24, "anti-abuse-wg en nombre de Alessandro Vesely" 
 escribió:

Hi,

a few points:

The “abuse-mailbox:” attribute must be available in an unrestricted way
via whois, APIs and future techniques.

I'd explicitly mention RDAP here.  It's not a future technique any more

You're right, we can explicitly mention RDAP.

Confirm that the resource holder understands the procedure and the 
policy,
that they regularly monitor the abuse-mailbox, that measures are taken,
and that abuse reports receive a response.

I'd skip the last line.  In my automated abuse reports a add a header field
like "X-Auto-Response-Suppress: DR, OOF, AutoReply".  Yet, many abuse team 
send
automatic notifications that I have to skim, possibly hiding real replies 
that
need attention.  Responses are due only if needed.

Furthermore, couldn't the RIPE NCC have a web form, possibly advertised in 
RDAP
output, where receivers of NDNs from abuse-c contacts can notify that a 
given
mailbox bounces?  The effect of filling such form would be to advance the
mailbox position in the validation queue.

Finally, IMHO:

On Tue 14/Jan/2020 10:24:42 +0100 JORDI PALET MARTINEZ via anti-abuse-wg 
wrote:
> El 14/1/20 0:11, "Leo Vegoda"  escribió:
>   
>> It creates hope for reporters and wastes the RIPE NCC's and the
>> reporters' resources by forcing unwilling organizations to spend
>> cycles on unproductive activity.
>> 
>> Why not give networks two options?
>> 
>> 1. Publish a reliable method for people to submit abuse reports - 
and act on it
>> 2. Publish a statement to the effect that the network operator does
>> not act on abuse reports
>> 
>> This would save lots of wasted effort and give everyone more reliable
>> information about the proportion of networks/operators who will and
>> won't act on abuse reports.
>  
> Even if I think that the operators MUST process abuse cases, if the
> community thinks otherwise, I'm happy to support those two options in the
> proposal. For example, an autoresponder in the abuse-c mailbox for those
> that don't intend to process the abuse cases to option 2 above?

No, autoresponders waste even more resources.  In case, let's use a
conventional address like, say, noone@localhost to decline to receive abuse
reports.  There would be no attempt to validate such address.

There are a number of cases, especially in large organizations, where a 
mailbox
fails to work because email refurbishing resulted in mail loops, erroneous
forwarding, dead relays, and the like.  Having an alternative contact can 
bring
attention to the fact and reestablish the functionality.

There are cases where there is no abuse team and holders don't care.  
Sooner or
later the community will find out how to set up some kind of Don't Route Or
Peer list of those.  However, forcing them to have a "working" abuse-c is
nonsensical.

Best
Ale

> 
>
> There might be some value in having the RIPE NCC cooperate with
> networks who want help checking that their abuse-c is working. But
> this proposal seems to move the RIPE NCC from the role of a helpful
> coordinator towards that of an investigator and judge.
> 
> No, I don't think so, but I'm happy to modify the text if it looks like 
that.
> 
> 
> 
> 
> 
> **
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
> 
> This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.
> 
> 
> 
> 
> 

**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and

[anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread JORDI PALET MARTINEZ via anti-abuse-wg

Hi Michele,

(changing the subject so we can correctly track this and following emails)

The last version is available here:

https://www.ripe.net/participate/policies/proposals/2019-04

But the goal of this discussion is to understand what the community want, for 
making a new version.

I think we are having a good discussion with several key points and already 
looking in a way forward.

Regards,
Jordi
@jordipalet
 
 

El 17/1/20 11:49, "anti-abuse-wg en nombre de Michele Neylon - Blacknight" 
 escribió:

I've been trying to follow the back and forth here over the last few days 
and to be honest I'm rather confused.

Which text is actually being proposed?

A lot of the discussion here seems to have gone off into all sorts of 
tangents and it's hard to see what is actually being discussed

Michele

--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
https://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845





**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread Suresh Ramasubramanian

Not you either. There are many others vocally arguing for complete inaction.

—srs


From: Gert Doering 
Sent: Friday, January 17, 2020 1:34 PM
To: Suresh Ramasubramanian
Cc: Randy Bush; anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 
(Validation of "abuse-mailbox")

Hi,

On Fri, Jan 17, 2020 at 02:44:30AM +, Suresh Ramasubramanian wrote:
> Database and routing people who haven???t worked security or don???t want 
> security roles trying to lecture people who work cert and abuse roles on why 
> something abuse mitigation related won???t work is always interesting. Not 
> you Randy but many other posters in this thread.

I do receive mail to ab...@space.net and ensure that it's being worked on.

Just this morning I clicked a RIPE abuse-c: mail address verification URL...

Gert Doering
-- NetMaster
--
have you enabled IPv6 on something today...?

SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread JORDI PALET MARTINEZ via anti-abuse-wg

I will be fine with this (having RIPE NCC as an intermediator just to send the 
abuse report), if instead of a web form (or in addition to it), it is possible 
to automate it, for example RIPE NCC also accepts x-arf via email.

RIPE NCC has the obligation to keep the information without disclosing it, so 
why we need to have a way to encypt it so RIPE NCC can’t read it? Furthermore, 
this should be an automated process. The staff is not going to handle every 
report manually. And moreover, in case of a bigger dispute, even if going to 
the courts, RIPE NCC can provide in a neutral way all the info of what happened.

However, I’ve the feeling that in order to get this working, the policy must 
mandate that all the responser from the operator which customer is producing 
the abuse, also follow the same path, so:

Abuse reporter (Victim or its ISP) -> RIPE NCC -> abuser operator -> RIPE NCC 
-> abuse reporter

Otherwise, there will not be a way for RIPE to have stats of who is responding 
to abuse cases and who is not, or even simpler than that, what abuse mailboxes 
get bounced (which will be a policy violation if happens all the time with the 
same operator). Never mind we decide or not that not-responding is an abuse-c 
violation. Stats are good, even if not published with operator names.

El 17/1/20 1:12, "anti-abuse-wg en nombre de ripedenis--- via anti-abuse-wg" 
 escribió:

Hi Sergio

As I read through this thread similar ideas came to my mind. The question I 
would ask is "Is it too late to take a completely different approach to abuse 
contacts and reporting via the RIPE Database?"

Suppose we had a standard form available via the ripe.net website for providing 
details of abuse. If you are able to find the "abuse-c:" details in the 
database now then you must know the IP address involved. The RIPE NCC could 
send the report to the abuse contact taken from the database via the specified 
IP address. This does not have to be an email interface either. We could look 
at other options. The RIPE NCC would then at least know if the report was 
successfully delivered. Using a standard form would make it much easier for the 
resource holder to interpret the information.

Someone said:

"Making such a scheme compulsory would be unacceptable to people who wish to 
interact with network owners without disclosing that in public ..."

I have no understanding of the technology involved here, but when I send you a 
message on WhatsApp it is encrypted end to end. WhatsApp have no idea (they 
say) of the content of the message. Would it be possible to submit a form on 
ripe.net in a way that the content of that form is encrypted and sent to the 
resource holder so the RIPE NCC have no idea of the content of the form? That 
would satisfy this concern.

Regardless of the outcome of the RIPE Database Requirements Task Force, 
something like this could still be implemented as it is external to the RIPE 
Database.

Food for thought...

cheers

denis

co-chair DB-WG

On Wednesday, 15 January 2020, 10:22:28 CET, Sérgio Rocha 
 wrote: 

Hi,

Maybe we can change the approach.
If RIPE website had a platform to post abuse report, that send the email for
the abuse contact, it will be possible to evaluate the responsiveness of the
abuse contact.

This way anyone that report an abuse could assess not only the response but
also the effectiveness of the actions taken by the network owner. After some
time with this evaluations we would easy to realize who manages the reports
and even who does not respond at all.

Sérgio 

-Original Message-
From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
Gert Doering
Sent: 15 de janeiro de 2020 08:06
To: Carlos Friaças 
Cc: Gert Doering ; anti-abuse-wg 
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
of "abuse-mailbox")

Hi,

On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
> I obviously don't speak for the incident handling community, but i 
> think this (making it optional) would be a serious step back. The 
> current situation is already very bad when in some cases we know from 
> the start that we are sending (automated) messages/notices to blackholes.

So why is it preferrable to send mails which are not acted on, as opposed to
"not send mail because you know beforehand that the other network is not
interested"?

I can see that it is frustrating - but I still cannot support a policy
change which will not help dealing with irresponsible networks in any way,
but at the same time increases costs and workload for those that do the
right thing alrady.

> To an extreme, there should always be a known contact responsible for 
> any network infrastructure. If this is not the case, what's the 
> purpose of a registry then?

"a known contact" and "an *abuse-handling* contact" is not the same thing.

Gert Doering
-- NetMaster
--
have you enabled IPv6 on

[anti-abuse-wg] Abuse mailbox validation?

2020-01-17 Thread Michele Neylon - Blacknight

I've been trying to follow the back and forth here over the last few days and 
to be honest I'm rather confused.

Which text is actually being proposed?

A lot of the discussion here seems to have gone off into all sorts of tangents 
and it's hard to see what is actually being discussed

Michele

--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
https://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/ 
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread JORDI PALET MARTINEZ via anti-abuse-wg

Hi Denis,

 

 

El 17/1/20 0:30, "ripede...@yahoo.co.uk"  escribió:

 

Colleagues

 

I have just read this whole thread, it took a while (I should get sick more 
often and spend a day in bed reading emails). I have a few points to make. Some 
are similar to points already raised but I will reinforce them. I cut out the 
bits I want to respond to, but sorry I have not included the authors (you will 
know if it's you).

 

 

"If I need to use a web form, which is not standard, for every abuse report 
that I need to submit, there is no sufficient time in the world to fill all 
them."

 

So instead each resource holder must interpret randomly written emails and find 
any relevant information from within lots of junk.

 

There are open source tools to extract the logs from an automated abuse 
reporting system (for example fail2ban), and it very easy to configure them for 
your own needs. In any case, much easier than having a different web form 
non-standard for every ISP that requires that.

 

Of course, as said, ideally a standard system could be used. May be is time to 
specify it in the policy, and this is something that I’m already considering in 
the next version, depending on what I can interpret from all this discussion.

 

"ever since the day that RIPE NCC first

published an abuse reporting address in the data base, it has, in

effect, injected itself, even if only to a minimal degree, into

the relationship between a network abuse victim and the relevant

resource holders that have clear connections to the abuse source"

 

To be clear, the RIPE NCC is the data controller, not the data content 
provider. The RIPE NCC does not publish the abuse contacts, they facilitate 
resource holders to publish them.

 

 

"make abuse-c: an optional attribute

(basically, unrolling the "mandatory" part of the policy proposal that

introduced it in the first place)"

 

As co-author/designer of "abuse-c:" one of the original aims of the "abuse-c:" 
attribute was to provide one single point of contact for a resource holder's 
abuse reports. If it is made optional, abuse reports would simply be sent to 
the "admin-c:", "tech-c:", "notify:", etc email addresses, as they were before. 
People will simply search the database for any email address associated with 
the resource holder and spam them all. It won't stop abuse reports being sent 
'somewhere'. And once someone has had to go to the trouble of finding a list of 
email addresses to use for the resource holder who has no "abuse-c:", then they 
will probably do the same for all reports they send. So those of you who do 
respond to abuse complaints will find complaints being sent to a whole host of 
your email addresses from the RIPE Database. We lose the 'keep it in one well 
defined location' benefit.

 

I agree with you on this. I think the alternative is the autoresponder I 
mention. So keep the abuse-c mandatory, but tell the reporters “I will ignore 
your report”.

 

"at the very least, RIPE NCC could set

up and maintain just a basic review "platform" where the public at large

can at least make it known to all observers which networks are the assholes

and which ones aren't."

 

This would be an excellent way for a network operator to 'take out' their 
competitors.

 

 

"While I would accept Gert's proposal for making abuse-c an optional

attribute, the reason I offered a counter proposal for publishing "a

statement to the effect that the network operator does not act on

abuse reports" is to add clarity at a high level."

 

How many operators are going to make such a statement? It would become an 
invitation to block their traffic. If that was the alternative to any 
verification then they know if they don't make such a statement there will be 
no penalty. So just don't make a statement and still ignore the reports.

 

Yes and not. Money talks. But at least you know what you can expect from any 
operator, instead of insisting in sending reports and wasting time trying to 
contact them. May be the point to have in the policy is that if you don’t have 
a valid abuse-c (so it is mandatory), either you choose to respond to abuses, 
or you have an autoresponder to tell you are not taking care of them. If you 
don’t have one or the other, it is a policy violation.

 

"i'm more worried about someone using real e-mail

addresses of real unrelated people than the /dev/null or unattended

mailboxes."

 

Separately to this discussion we need to have a mechanism to say "Remove my 
email address from this resource", as Google has when someone uses your gmail 
address as a recovery address. (A service I use on a weekly basis)

 

I guess this is not needed. If someone is using my email in a non-related 
contact at the RIPE databases, and I notice it, clearly, I can tell to RIPE 
NCC: this is fake, please remove it. Otherwise RIPE NCC may be liable for the 
damages.

 

"Nice analogy, but when you add the eCommerce Directive into the mix, where a

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread JORDI PALET MARTINEZ via anti-abuse-wg

Hi Richard,
 

El 16/1/20 21:37, "anti-abuse-wg en nombre de Richard Clayton" 
 escribió:

In message , JORDI
PALET MARTINEZ via anti-abuse-wg  writes

>So, if I'm reading it correctly (not being a lawyer), a service provider 
not 
>acting against abuse when it has been informed of so, is liable.

don't get confused between the "Hosting" and "Mere Conduit" provisions

> I'm sure if the 
>service provider tries to avoid being "informed" by not looking at 
notifications 
>(email, postal, fax, etc.), they will also be liable in front of courts.

correct, but that's a "Hosting" aspect and that's not necessarily the
issue when considering spam (which is certainly some of what is being
considered under the generic "abuse" label)

I'm not sure to understand what do you mean. In my opinion, if the hosting 
provider is the resource-holder of the addresses being used for any abuse 
(including spam), he is the responsible against the law and he is consequently 
liable of possible damages.


-- 
richard   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755




**
IPv4 is over
Are you ready for the new Internet ?
http://www.theipv6company.com
The IPv6 Company

This electronic message contains information which may be privileged or 
confidential. The information is intended to be for the exclusive use of the 
individual(s) named above and further non-explicilty authorized disclosure, 
copying, distribution or use of the contents of this information, even if 
partially, including attached files, is strictly prohibited and will be 
considered a criminal offense. If you are not the intended recipient be aware 
that any disclosure, copying, distribution or use of the contents of this 
information, even if partially, including attached files, is strictly 
prohibited, will be considered a criminal offense, so you must reply to the 
original sender to inform about this communication and delete it.

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread Alessandro Vesely

Hi,

a few points:

The “abuse-mailbox:” attribute must be available in an unrestricted way
via whois, APIs and future techniques.

I'd explicitly mention RDAP here.  It's not a future technique any more

Confirm that the resource holder understands the procedure and the policy,
that they regularly monitor the abuse-mailbox, that measures are taken,
and that abuse reports receive a response.

I'd skip the last line.  In my automated abuse reports a add a header field
like "X-Auto-Response-Suppress: DR, OOF, AutoReply".  Yet, many abuse team send
automatic notifications that I have to skim, possibly hiding real replies that
need attention.  Responses are due only if needed.

Furthermore, couldn't the RIPE NCC have a web form, possibly advertised in RDAP
output, where receivers of NDNs from abuse-c contacts can notify that a given
mailbox bounces?  The effect of filling such form would be to advance the
mailbox position in the validation queue.

Finally, IMHO:

On Tue 14/Jan/2020 10:24:42 +0100 JORDI PALET MARTINEZ via anti-abuse-wg wrote:
> El 14/1/20 0:11, "Leo Vegoda"  escribió:
>   
>> It creates hope for reporters and wastes the RIPE NCC's and the
>> reporters' resources by forcing unwilling organizations to spend
>> cycles on unproductive activity.
>> 
>> Why not give networks two options?
>> 
>> 1. Publish a reliable method for people to submit abuse reports - and 
>> act on it
>> 2. Publish a statement to the effect that the network operator does
>> not act on abuse reports
>> 
>> This would save lots of wasted effort and give everyone more reliable
>> information about the proportion of networks/operators who will and
>> won't act on abuse reports.
>  
> Even if I think that the operators MUST process abuse cases, if the
> community thinks otherwise, I'm happy to support those two options in the
> proposal. For example, an autoresponder in the abuse-c mailbox for those
> that don't intend to process the abuse cases to option 2 above?

No, autoresponders waste even more resources.  In case, let's use a
conventional address like, say, noone@localhost to decline to receive abuse
reports.  There would be no attempt to validate such address.

There are a number of cases, especially in large organizations, where a mailbox
fails to work because email refurbishing resulted in mail loops, erroneous
forwarding, dead relays, and the like.  Having an alternative contact can bring
attention to the fact and reestablish the functionality.

There are cases where there is no abuse team and holders don't care.  Sooner or
later the community will find out how to set up some kind of Don't Route Or
Peer list of those.  However, forcing them to have a "working" abuse-c is
nonsensical.

Best
Ale

> 
>
> There might be some value in having the RIPE NCC cooperate with
> networks who want help checking that their abuse-c is working. But
> this proposal seems to move the RIPE NCC from the role of a helpful
> coordinator towards that of an investigator and judge.
> 
> No, I don't think so, but I'm happy to modify the text if it looks like that.
> 
> 
> 
> 
> 
> **
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
> 
> This electronic message contains information which may be privileged or 
> confidential. The information is intended to be for the exclusive use of the 
> individual(s) named above and further non-explicilty authorized disclosure, 
> copying, distribution or use of the contents of this information, even if 
> partially, including attached files, is strictly prohibited and will be 
> considered a criminal offense. If you are not the intended recipient be aware 
> that any disclosure, copying, distribution or use of the contents of this 
> information, even if partially, including attached files, is strictly 
> prohibited, will be considered a criminal offense, so you must reply to the 
> original sender to inform about this communication and delete it.
> 
> 
> 
> 
>

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread Brian Nisbet

Sérgio,

I’m not sure if you’ve had the opportunity to read the RIPE Policy Development 
Process - https://www.ripe.net/participate/policies - but it lays out how 
policy is created in the community.

Very deliberately this is not a vote, it comes out of discussion (which can, at 
times, seem to be or actually be, circular and/or not incredibly productive) 
which leads to consensus or lack thereof regarding the policy at hand. The RIPE 
Community that makes these policies is open to all, not just RIPE NCC members 
and a voting mechanism would be very easy to corrupt. While we, as a community, 
must never say “that is the way it is, we cannot change it” the PDP has 
generally worked over the years and has resulted in many new policies being 
created. However the policies and discussions that happen here are often on the 
more complex or more… fraught end of the scale.

At the end of each phase of a proposal myself, Alireza and Tobias, with the 
wonderful help of the Policy Development Officer in the NCC, to look at the 
discussions and determine the next steps, as laid out in the PDP.

Consensus can be hard to judge and sometimes it seems as if no progress is ever 
made, but this WG has produced a number of policies over the years, for the 
better of the Internet, while I acknowledge that they do not go far enough for 
some, and too far for others.

For all the flaws of any human system, I do believe the PDP is a better process 
than would be gained by simply voting on a particular policy at any given point.

Thanks,

Brian
Co-Chair, RIPE AA-WG

Brian Nisbet
Service Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270

From: anti-abuse-wg  On Behalf Of Sérgio Rocha
Sent: Friday 17 January 2020 00:49
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 
(Validation of "abuse-mailbox")

Hello everyone,

Someone said: You must be new here, yes it's true, I'm on the list for a few 
months. Maybe that's why you're still optimistic.

Someone said that the shower of comments against any proposed amendment was 
Democracy. Maybe that is what we really need.

Many complain that this working group never produces anything, some agree that 
either the community does something for itself, or sooner or later we will have 
politicians imposing laws and following goals that may not be beneficial.

I have been on the list for a very short time but today I have learned one 
thing: Those who want to do something are more than I imagined, probably a 
silent majority and a noisy blocking group (maybe small). Respect divergence of 
opinion and respect freedom of expression a lot, we debate a lot and do little, 
maybe because we don't put democracy into practice.

Perhaps what we need is for the RIPE NCC to allow us to create polls within the 
site (to have votes with registered accounts) and instead of arguing backwards 
and forwards, we submit ideas to votes, if the proposals have the majority then 
RIPE NCC should take into account the proposals. What I have seen is that all 
attempts to change something die in the debate and we never count votes.

let's keep arguing but let’s vote at the end

Sergio

De: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] Em nome de Liam 
Glover via anti-abuse-wg
Enviada: 17 de janeiro de 2020 00:14
Para: ripede...@yahoo.co.uk
Cc: anti-abuse-wg@ripe.net
Assunto: Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 
(Validation of "abuse-mailbox")


I’ve been following this mailing list for the last couple of years having read 
far too many arguments resulting in next to no progress.



This post from Denis was a refreshing read and one that many should read more 
than once!



Thank you Denis for a reasoned, adult (accepting the UK jab) and constructive 
message.



Liam

On 16 Jan 2020, at 23:30, ripedenis--- via anti-abuse-wg 
mailto:anti-abuse-wg@ripe.net>> wrote:

Colleagues

I have just read this whole thread, it took a while (I should get sick more 
often and spend a day in bed reading emails). I have a few points to make. Some 
are similar to points already raised but I will reinforce them. I cut out the 
bits I want to respond to, but sorry I have not included the authors (you will 
know if it's you).


"If I need to use a web form, which is not standard, for every abuse report 
that I need to submit, there is no sufficient time in the world to fill all 
them."

So instead each resource holder must interpret randomly written emails and find 
any relevant information from within lots of junk.


"ever since the day that RIPE NCC first
published an abuse reporting address in the data base, it has, in
effect, injected itself, even if only to a minimal degree, into
the relationship

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

2020-01-17 Thread Gert Doering

Hi,

On Fri, Jan 17, 2020 at 02:44:30AM +, Suresh Ramasubramanian wrote:
> Database and routing people who haven???t worked security or don???t want 
> security roles trying to lecture people who work cert and abuse roles on why 
> something abuse mitigation related won???t work is always interesting. Not 
> you Randy but many other posters in this thread.

I do receive mail to ab...@space.net and ensure that it's being worked on.

Just this morning I clicked a RIPE abuse-c: mail address verification URL...

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG  Vorstand: Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann
D-80807 Muenchen HRB: 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279


signature.asc
Description: PGP signature

Re: [anti-abuse-wg] Periodic Reminder: List Conduct

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

[anti-abuse-wg] Fw: working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] Periodic Reminder: List Conduct

Re: [anti-abuse-wg] Periodic Reminder: List Conduct

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

[anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

[anti-abuse-wg] Abuse mailbox validation?

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

18 matches

Site Navigation

Mail list logo

Footer information