Re: [anti-abuse-wg] RIPE AA-WG discussion

[Volker Greimann]

I think you totally misread his mail. It reads to me as a proposal to help
you understand the processes used by many providers, not as a sales pitch.

Best,
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Oliver Fries and Robert Birkner

Part of the CentralNic Group PLC (LON: CNIC) a company registered in
England and Wales with company number 8576358.

This email and any files transmitted are confidential and intended only for
the person(s) directly addressed. If you are not the intended recipient,
any use, copying, transmission, distribution, or other forms of
dissemination is strictly prohibited. If you have received this email in
error, please notify the sender immediately and permanently delete this
email with any files that may be attached.


On Mon, Feb 22, 2021 at 6:12 PM Cynthia Revström via anti-abuse-wg <
anti-abuse-wg@ripe.net> wrote:

> Hi,
>
> (intro)
> Tobias Knecht sent me an email (which this is a reply to) abusing his
> position as co-chair in order to try to sell me services based on what I
> said on a mailing list.
>
> (mainly towards Tobias)
> Replying to me based on a mailing list post in order to try to sell me
> services is bad enough.
> To do it as a co-chair and then to use the fact that you are co-chair as a
> selling point is much worse.
>
> I find this utterly appalling behaviour from a co-chair of a working
> group, I didn't reach out to you, you weren't even in the thread at all.
>
> also this:
> > As a Co-Chair I didn't want to jump into the mix on the mailing list,
> that's why I'm reaching out to you directly.
>
> I mean that is sort of the point of co-chairs generally speaking but yeah
> it is going to look bad if you are trying to sell something, because it is
> bad.
>
> (mainly towards chair team and aa-wg chairs)
> A co-chair of a working group should absolutely be warned or removed if
> they abuse their position to sell their services.
>
> I also somehow doubt that this is the first time, I could be wrong, but
> idk why this would be the first time.
>
> I hate it when for example Cogent sends me emails trying to sell me
> services despite me never having contacted them (outside of replying saying
> I am not interested).
> But this is more like if the Cogent sales people were co-chairs of the
> db-wg.
>
> Also with a subject like "RIPE AA-WG discussion" I initially thought it
> was actually about something I said or whatever, in his role as co-chair,
> it didn't appear like it was a sales email.
>
> I have also CC'd the aa-wg and ripe list as this is too appalling to be
> held private.
>
> -Cynthia
>
>
> On Mon, Feb 22, 2021 at 5:50 PM Tobias Knecht  wrote:
>
>> Hello Cynthia,
>>
>> my name is Tobias. I'm a Co-Chair of the Anti-Abuse Working Group and
>> also Founder and CEO of Abusix.
>>
>>
>> As a Co-Chair I didn't want to jump into the mix on the mailing list,
>> that's why I'm reaching out to you directly.
>>
>> We at Abusix run Abuse Desk for dozens of Service Providers of any size
>> and any type of product. From Cloud to DC-Services, Cable, and so on.
>>
>> Happy to jump on a call and answer the questions you have and tell you
>> about how our clients handle those things.
>>
>> Feel free to reach out via email or just pick a time in my calendar:
>> https://calendly.com/tobias-knecht/30min
>>
>> Thanks and stay safe.
>>
>> Tobias
>>
>> --
>>
>>
>> Tobias Knecht
>>
>> Founder & CEO
>>
>>
>>
>> T.
>>
>> +49 170 455 98 45
>>
>> abusix.com
>> 
>>
>> Book a meeting
>> 
>>
>>
>>
>> [image: My Logo]
>>
>>
>>
>>
>> 
>>
>>
>> 
>>
>>
>> 
>>
>>
>>
>>
>>
>> CONFIDENTIALITY This email and any attachments are confidential and may
>> also be 

Re: [anti-abuse-wg] On the abuse handling policy of manitu.net (AS34240)

[Volker Greimann]

It sounds GDPR legal. After all, they are telling you exactly what will
happen with anything that you send there, so by sending it there in full
knowledge, you are essentially consenting to that processing of your data.
Also, German courts have ruled that in-between service providers are only
liable for taking action after the complainant has raised the issue with
the party that is directly violating the rights of the complainant, or
their hosting provider and those efforts have proven futile or can be
objectively deemed to be futile from the outset.
And finally, who says their customers are the abusers? In many cases, their
customers may be the victims as well, without their knowledge, for example
due to compromised CMS and would indeed be the best person to address the
issue you may want to see resolved.

-- 
Volker A. Greimann



Virus-free.
www.avast.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Fri, Feb 19, 2021 at 10:07 PM Nick Hilliard  wrote:

> furio ercolessi wrote on 19/02/2021 20:55:
> > This is so absurd, I had to read it twice to make sure that I was not
> misreading it.
> > They state that they automatically pass all my personal data to abusers
> if I
> > send a report to them, so that:
>
> it's difficult to see how this is fully compatible with the GDPR.  Have
> you opened up a case with the Data Protection Office in Italy?  Germany
> has strong data privacy laws, so there may be a legal way of handling this.
>
> Nick
>
>

Re: [anti-abuse-wg] Question about spam to abuse inbox

[Volker Greimann]

Blocking abusive users of the abuse contact address is common practice as
they essentially prevent effective and timely reaction to the actual abuse
cases.
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Oliver Fries and Robert Birkner

Part of the CentralNic Group PLC (LON: CNIC) a company registered in
England and Wales with company number 8576358.

This email and any files transmitted are confidential and intended only for
the person(s) directly addressed. If you are not the intended recipient,
any use, copying, transmission, distribution, or other forms of
dissemination is strictly prohibited. If you have received this email in
error, please notify the sender immediately and permanently delete this
email with any files that may be attached.



Virus-free.
www.avast.com

<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Thu, Feb 18, 2021 at 9:08 PM JORDI PALET MARTINEZ via anti-abuse-wg <
anti-abuse-wg@ripe.net> wrote:

> The policy proposal was precisely suggesting XARF, not enforcing it.
>
> It is the smarter and cheaper way to resolve the problem for everyone.
>
> I usually send (automated) in order of 1.000-1.500 abuse reports per day.
> It will be impossible to handle even just 1% if I need to fill-in forms.
> I'm sure I'm not alone on that.
>
> If you want to keep the forms, they can still exist, just provide the XARF
> for automatically filling the form.
>
> There is no way to assume that victims must pay for the cost of abuse
> reporting. We will need to scale this to governments and consumer
> associations at some point. I will much prefer that the technical community
> is able to avoid that and resolve in a smarter way.
>
> Regards,
> Jordi
> @jordipalet
>
>
>
> El 18/2/21 21:01, "anti-abuse-wg en nombre de John Levine" <
> anti-abuse-wg-boun...@ripe.net en nombre de jo...@taugh.com> escribió:
>
> In article <
> db8pr09mb3324537f4168bea955a0ab07cd...@db8pr09mb3324.eurprd09.prod.outlook.com>
> you write:
> >Abuse reports are a nuisance � anyone who thinks otherwise needs to
> get their head examined.
>
> Of course they are.  But abuse from your customers is a nuisance, too,
> and if you have any sense
> you will welcome reports about it so you can fix the problem before
> everyone else blocks you in
> self-defense.
>
> >However a lot of us will deal with abuse reports, but will not put up
> with people telling us how we should receive them.
>
> There are standard ways to send abuse reports, like ARF defined in RFC
> 5965 and IODEF defined in RFC 7970. Smart people realize that when we
> send you an abuse report, we are doing it for your benefit, and you
> will accept them.
>
> Report web forms are out of the question because they do not scale. I
> send about a hundred abuse reports a day about spam received from all
> over the Internet, and I have no interest in using your form or anyone
> else's to make a manual special case for under 1% of my reports.
>
> R's,
> John
>
>
>
>
> **
> IPv4 is over
> Are you ready for the new Internet ?
> http://www.theipv6company.com
> The IPv6 Company
>
> This electronic message contains information which may be privileged or
> confidential. The information is intended to be for the exclusive use of
> the individual(s) named above and further non-explicilty authorized
> disclosure, copying, distribution or use of the contents of this
> information, even if partially, including attached files, is strictly
> prohibited and will be considered a criminal offense. If you are not the
> intended recipient be aware that any disclosure, copying, distribution or
> use of the contents of this information, even if partially, including
> attached files, is strictly prohibited, will be considered a criminal
> offense, so you must reply to the original sender to inform about this
> communication and delete it.
>
>
>
>
>
>

Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of "abuse-mailbox")

[Volker Greimann]

Hmm, if you include RIPE NCC in all responses, you will greatly increase
the overhead and noise to signal ratio it has to deal with. It may be
better to maintain the ability to audit the responses. instead of receiving
them all.
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in
England and Wales with company number 8576358.


On Fri, Jan 17, 2020 at 12:00 PM JORDI PALET MARTINEZ via anti-abuse-wg <
anti-abuse-wg@ripe.net> wrote:

> I will be fine with this (having RIPE NCC as an intermediator just to send
> the abuse report), if instead of a web form (or in addition to it), it is
> possible to automate it, for example RIPE NCC also accepts x-arf via email.
>
> RIPE NCC has the obligation to keep the information without disclosing it,
> so why we need to have a way to encypt it so RIPE NCC can’t read it?
> Furthermore, this should be an automated process. The staff is not going to
> handle every report manually. And moreover, in case of a bigger dispute,
> even if going to the courts, RIPE NCC can provide in a neutral way all the
> info of what happened.
>
> However, I’ve the feeling that in order to get this working, the policy
> must mandate that all the responser from the operator which customer is
> producing the abuse, also follow the same path, so:
>
> Abuse reporter (Victim or its ISP) -> RIPE NCC -> abuser operator -> RIPE
> NCC -> abuse reporter
>
> Otherwise, there will not be a way for RIPE to have stats of who is
> responding to abuse cases and who is not, or even simpler than that, what
> abuse mailboxes get bounced (which will be a policy violation if happens
> all the time with the same operator). Never mind we decide or not that
> not-responding is an abuse-c violation. Stats are good, even if not
> published with operator names.
>
>
>
> El 17/1/20 1:12, "anti-abuse-wg en nombre de ripedenis--- via
> anti-abuse-wg"  anti-abuse-wg@ripe.net> escribió:
>
>
>
> Hi Sergio
>
>
>
> As I read through this thread similar ideas came to my mind. The question
> I would ask is "Is it too late to take a completely different approach to
> abuse contacts and reporting via the RIPE Database?"
>
>
>
> Suppose we had a standard form available via the ripe.net website for
> providing details of abuse. If you are able to find the "abuse-c:" details
> in the database now then you must know the IP address involved. The RIPE
> NCC could send the report to the abuse contact taken from the database via
> the specified IP address. This does not have to be an email interface
> either. We could look at other options. The RIPE NCC would then at least
> know if the report was successfully delivered. Using a standard form would
> make it much easier for the resource holder to interpret the information.
>
>
>
> Someone said:
>
> "Making such a scheme compulsory would be unacceptable to people who wish
> to interact with network owners without disclosing that in public ..."
>
> I have no understanding of the technology involved here, but when I send
> you a message on WhatsApp it is encrypted end to end. WhatsApp have no idea
> (they say) of the content of the message. Would it be possible to submit a
> form on ripe.net in a way that the content of that form is encrypted and
> sent to the resource holder so the RIPE NCC have no idea of the content of
> the form? That would satisfy this concern.
>
>
>
> Regardless of the outcome of the RIPE Database Requirements Task Force,
> something like this could still be implemented as it is external to the
> RIPE Database.
>
>
>
> Food for thought...
>
>
>
> cheers
>
>
>
> denis
>
>
>
> co-chair DB-WG
>
>
>
>
>
> On Wednesday, 15 January 2020, 10:22:28 CET, Sérgio Rocha <
> sergio.ro...@makeitsimple.pt> wrote:
>
>
>
>
>
> Hi,
>
> Maybe we can change the approach.
> If RIPE website had a platform to post abuse report, that send the email
> for
> the abuse contact, it will be possible to evaluate the responsiveness of
> the
> abuse contact.
>
> This way anyone that report an abuse could assess not only the response but
> also the effectiveness of the actions taken by the network owner. After
> some
> time with this evaluations we would easy to realize who manages the reports
> and even who does not respond at all.
>
> Sérgio
>
>
> -Original Message-
> From: anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] On Behalf Of
> Gert Doering
> Sent: 15 de janeiro de 2020 08:06
> To: Carlos Friaças 
> Cc: Gert Doering ; anti-abuse-wg 
> Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation
> of "abuse-mailbox")
>
> Hi,
>
> On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
> wrote:
> > I obviously don't speak for the 

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

[Volker Greimann]

Hi,

do you talk to your mother with that mouth? Does she know how you behave 
yourself on the internet?


Whatever you assume I know about the volume of illegal use, I dispute 
that. Most of our customers are legitimate businesses using their domain 
names in legitimate ways. Your vitriole will not change that.


Amongst our resellers that are sending abusive registrations are some of 
the largest, most reputable and most well known internet companies that 
even you probably use every single day. Even they don't seem to be able 
to prevent these registrations from happening.


When we do see domain names registered for abuse through our direct 
portals, there is a high likelihood that these registrations will cost 
us. There is no profit in abuse as the first victims of the abusers are 
usually the registrars where the registrations were requested using 
stolen identities and credit cards.


As the abuse using domains registered through us usually does not happen 
on our networks, we have zero ability to detect it in advance, all we 
can do is take care of them after the fact, which we do dilligently. We 
have a team tasked exclusively with reviewing abuse complaints and 
taking appropriate action. No money in that at all, but we still do it 
because we feel that is the right thing to do.



There are, at last count, something like eighty seven thousand ICANN
Accredited domain name registrars, and 98% of them would be out of
business tomorrow if it were not for the snowshoe spammer trade, because
there is NO real money to be made just selling domain names, one or two
at a time, to butcher shops and dentist's offices.  You are just porcine
animals, feeding at the trough of a corrupt trade made possible by what
amounts to your over-arching industry lobbying organization, ICANN.
90% of these registrars deal in registering expiring domain names for 
the secondary market. This has nothing to do with abuse.
I really don't give a rat's ass what self-serving fradulent 
justifications

ICANN has put out to try to excuse their own inaction *or* your non-compliance
with your contractual commitments.  The fact remains that GDPR *does not*
restrict domain registrars from displaying the Organization: fields in
WHOIS records, specifically when the named organizations represent things
other than natural persons... which is almost always the case... and yet
I can name right now any number of ICANN Accredited domain name registrars
that are, and that have been, for quite some time now, very deliberately
suppressing literally *all* WHOIS data fields, period.  How do you justify
that?  How does your corrupt industry justify that?
Clearly you have never looked at what normal end users put in the Org 
fields. In our experience, they put anything in there, not just org 
names. There simply is no good way to identify which org field shows 
personal information which must be protected and which does not.

Screw that! This is just a clever smoke-screen, invented by your corrupt
industry to try to fool naive and stupid people into believing that
there is really some complex issue here when there isn't.  The Organization:
field of each and every domain name WHOIS records is quite clearly SUPPOSED
to contain the name of the non-natural-person to which the domain name is
registered.  So why do most domain name registrars suppress this data?
What is your excuse for that, when GDPR clearly does not apply?
It is supposed to but in the decades users have provided it, they have 
never been consistent in that use. If you have the perfect method of 
differentiating between personal data and non-personal data, you could 
do a lot of good by sharing that instead of mouthing off.

small-time hackers and spammers, so your industry-wide plan is to
proceeding according to these two phases:
Oh, we have a plan now? So this is all a conspiracy? I'll be sending 
your limited edition tinfoil hat...

 1)  Suppress *all* WHOIS information, even for entities not covered
 by GDPR, and then...
As I said, we'd be happy to publish non-personal information, if we can 
be sure it is that.

 2)  When people complaint that you are violating your clear contractual
 commitments to ICANN (which ICANN, which also profits handsomely
 from the snowshoe spammer trade, is conveniently doing nothing
 about) then your industry offers to "compromise" by allowing WHOIS
 access *only* to untrained, ineffective, and mostly uninterested
 law enforcement.


Not all law enforcement is Seargant Plodder. I have met some highly 
efficient and interested Law Enforcement people in my time in this 
industry, with whom it is a pleasure to work.


And access would be granted to anyone who can demonstrate a legitimate 
interest in accordance with Article 6 1 f GDPR and who meets the other 
requirements of GDPR as well.




Actually, I must complement your whole industry for being so clever about
all of this.  You all set out, with 

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

[Volker Greimann]

Hi Jordi,

your example seems a bit off though. If your contract is with your ISP 
and you need to complain to them, why would you complain to another ISP 
you have no contract with?


I agree that current GDPR implementations may impact the contactibility 
of the customer, but that can be improved in GDPR-compliant manners that 
do not require playing chinese whispers down the chain.


Not objecting to your 3. but you need to consider it may not be the 
contractual partner acting against the contract. They may be a victim as 
well, and therefore enforcing any actions against them may be 
unproductive. Would you shut down Google.com because of one link to a 
site violating third party rights?


Best,

Volker

Am 16.01.2020 um 15:52 schrieb JORDI PALET MARTINEZ via anti-abuse-wg:


Hi Volker,

I don’t agree with that, because:

 1. I believe the electricity sample I provided proves otherwise. My
contract is with the electricity provider (the Internet provider),
so I need to complain to them and they need to follow the chain.
 2. For a victim, to complain directly to the customer (not the
operator), will need to know the data of the “abuser” which may be
protected by GDPR.
 3. Customers sign a contract with the operator. The contract must
have clear conditions (AUP) about the appropriate use of the
network. If you act against that contract, the problem is with the
operator, not victims.

By the way, if an operator has a badly designed AUP, either they are 
doing a bad job, or they have **no interest** in acting against abuses.


Regards,

Jordi

@jordipalet

El 16/1/20 15:44, "anti-abuse-wg en nombre de Volker Greimann" 
<mailto:anti-abuse-wg-boun...@ripe.net> en nombre de 
vgreim...@key-systems.net <mailto:vgreim...@key-systems.net>> escribió:


Obviously every user should lock their doors / protect themselves 
against fraud. I am just saying that the ability of many service 
providers to curtail abuse of their system (without impacting 
legitimate uses) is very limited as it may not their customers doing 
the abusing and any targeted action against those customers 
themselvesd would be inappropriate and affect many legitimate users of 
their services.


At what point should a network service provider remove privileges from 
a customer that is himself being abused but is technically unable to 
deal with it properly? Would the complaint not be better directed at 
that customer, not the provider, since they are the ones that can 
resolve this issue in a more targetted and appropriate manner? How 
does the service provider differentiate between a customer that is 
abusing vs one that is being abused?  Deputising the service providers 
will not necessarily solve the problems, and possibly create many new 
ones.


In the domain industry, we were required to provide an abuse contact, 
however the reports we get to that address usually deal with issues we 
cannot do much about other than pulling or deactivating the domain 
name, which is usually the nuclear option. So we spend our time 
forwarding abuse mails to our customers that the complainant should 
have sent to the customer directly.


Best,

volker

Am 16.01.2020 um 15:16 schrieb Serge Droz via anti-abuse-wg:

Hi Volker

On 16/01/2020 15:03, Volker Greimann wrote:

isn't making the world (and the internet) first and foremost a job of

law enforcement agencies like the police and Europol?

Law enforcement's job primarily is arresting criminals. And yes they do

prevention. But you can't stop locking your door or walk by fight just

ignoring it, because it's LEA's job.

This is even more true on the internet, where CERT's have long been

working together fighting cybercrime etc.

While there obviously is an appeal to the notion of "The best problems

are some one else's problem" my believe is we don't want to have an

internet or a world, for that matter, where this is how things run. The

internet is a bottom up thing, it is so cool because people follow

protocols, that are not law.

There was a time whn this wasn't a given: During the "Browser wars"

different producer leveraged ambiguities in the HTML standard, and the

end result was horrible.

We don't want this. If we delegate the problem, we've already lost.

Best

Serge

--
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net <http://www.key-systems.net>

Key-Systems GmbH is a company registered at the local court of 
Saarbruecken, Germany with the registration no. HR B 18835

CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in 
England and Wales with company number 8576358.



**
IPv4 is over
Are you ready for the new Internet ?
http://www.t

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

[Volker Greimann]

Obviously every user should lock their doors / protect themselves 
against fraud. I am just saying that the ability of many service 
providers to curtail abuse of their system (without impacting legitimate 
uses) is very limited as it may not their customers doing the abusing 
and any targeted action against those customers themselvesd would be 
inappropriate and affect many legitimate users of their services.


At what point should a network service provider remove privileges from a 
customer that is himself being abused but is technically unable to deal 
with it properly? Would the complaint not be better directed at that 
customer, not the provider, since they are the ones that can resolve 
this issue in a more targetted and appropriate manner? How does the 
service provider differentiate between a customer that is abusing vs one 
that is being abused? Deputising the service providers will not 
necessarily solve the problems, and possibly create many new ones.


In the domain industry, we were required to provide an abuse contact, 
however the reports we get to that address usually deal with issues we 
cannot do much about other than pulling or deactivating the domain name, 
which is usually the nuclear option. So we spend our time forwarding 
abuse mails to our customers that the complainant should have sent to 
the customer directly.


Best,

volker


Am 16.01.2020 um 15:16 schrieb Serge Droz via anti-abuse-wg:

Hi Volker

On 16/01/2020 15:03, Volker Greimann wrote:

isn't making the world (and the internet) first and foremost a job of
law enforcement agencies like the police and Europol?

Law enforcement's job primarily is arresting criminals. And yes they do
prevention. But you can't stop locking your door or walk by fight just
ignoring it, because it's LEA's job.

This is even more true on the internet, where CERT's have long been
working together fighting cybercrime etc.

While there obviously is an appeal to the notion of "The best problems
are some one else's problem" my believe is we don't want to have an
internet or a world, for that matter, where this is how things run. The
internet is a bottom up thing, it is so cool because people follow
protocols, that are not law.

There was a time whn this wasn't a given: During the "Browser wars"
different producer leveraged ambiguities in the HTML standard, and the
end result was horrible.

We don't want this. If we delegate the problem, we've already lost.

Best
Serge




--
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of 
Saarbruecken, Germany with the registration no. HR B 18835

CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in 
England and Wales with company number 8576358.

Re: [anti-abuse-wg] @EXT: RE: working in new version of 2019-04 (Validation of "abuse-mailbox")

[Volker Greimann]

Hi Sara,

isn't making the world (and the internet) first and foremost a job of 
law enforcement agencies like the police and Europol? While I agree that 
everyone has a role to play, crime prevention and protection of the 
public is part of the LEA job description, right? Civil society entities 
certainly have a role to play, but it does not help trying to deputize 
them into a role they do not carry.


I disagree that the contract language you quote puts any duty of care 
regarding the abuse of any networks by third parties on the parties to 
the agreement. That duty may arise from other sources, but this language 
is directed at its own information the party provides to RIPE NCC and 
the cooperation with any audits. Just because it includes the word 
security does not mean it refers to all thinkable security issues.


The ability of any part of the internet infrastructure to curtail abuse 
that somehow touches services it providers is usually severely curtailed 
and its ability to review abuse complaints is usually limited to the 
resources it provides. In many cases, that is simply not enough 
information to go on when dealing with many common forms of abuse.


Best,

Volker

Am 16.01.2020 um 14:23 schrieb Marcolla, Sara Veronica:


Very well put, Sérgio. Thank you for voicing clearly the concern of 
(at least a part of) the community.


We should not forget that, according to the provisions of RIPE NCC 
audits, “e/very party that has entered into an agreement with the RIPE 
NCC is contractually obliged to provide the RIPE NCC with complete, 
updated and accurate information necessary for the provision of the 
RIPE NCC services and to assist the RIPE NCC with audits and security 
checks”. /Complete, accurate information goes hand in hand with a duty 
of care, of promptly taking actions against abuse, and should be 
accompanied by a social responsibility of trying to make the Internet 
a safe and secure place for everyone, thus not enabling actively DDoS, 
spammers, and criminals in general.


If the community does not agree that everyone has the right to a safe, 
spam free, crime free Internet, maybe we have some issue to solve here 
first.


Kind regards,

**

*Sara *

*Europol - *O3 European Cyber Crime Centre (EC3)

Eisenhowerlaan 73, 2517 KK

The Hague, The Netherlands

www.europol.europa.eu 

*From:*anti-abuse-wg  *On Behalf Of 
*Sérgio Rocha

*Sent:* 16 January 2020 13:38
*To:* anti-abuse-wg@ripe.net
*Subject:* Re: [anti-abuse-wg] working in new version of 2019-04 
(Validation of "abuse-mailbox")


Hi,

Agree, This anti-abuse list seems the blocking group to any anit-abuse 
response measure.


It's amazing that nobody cant propose anything without receiving a 
shower of all sorts of arguments against


There is an idea that everyone has to hold, if as a community we 
cannot organize a policy, one of these days there will be a problem 
that will make governments take the opportunity to legislate and we 
will no longer have the free and open internet.


There are a feew ideas that is simple to understand:

1 - If you have been assigned a network you have responsibilities, 
paying should not be the only one.


2 - There is no problem with email, since ever are made solutions to 
integrate with emails. There is no need to invent a new protocol. Who 
has a lot of abuse, invests in integrating these emails.


3 - If you have no ability to manage abuse should not have addressing, 
leave it to professionals.


The internet is critical for everyone, the ability for actors to 
communicate with each other to respond to abuse must exist and RIPE 
must ensure that it exists.


It’s like the relation with local governments, there is a set of 
information that has to be kept up to date to avoid problems, in RIPE 
it must be the same.


Sergio

*From:*anti-abuse-wg [mailto:anti-abuse-wg-boun...@ripe.net] *On 
Behalf Of *Fi Shing

*Sent:* 16 de janeiro de 2020 04:55
*To:* anti-abuse-wg@ripe.net 
*Subject:* Re: [anti-abuse-wg] working in new version of 2019-04 
(Validation of "abuse-mailbox")


>> Best not to judge the race until it has been fully run.

I just do not understand how anyone on this list (other than a 
criminal or a business owner that wants to reduce over heads by 
abolishing an employee who has to sit and monitor an abuse desk) could 
be talking about making it easier for abuse to flourish.


It is idiotic and is not ad hominem.

This list is filled with people who argue for weeks, perhaps months, 
about the catastrophic world ending dangers of making an admin verify 
an abuse address ONCE a year  and then someone says "let's abolish 
abuse desk all together" and these idiots emerge from the wood work 
like the termites that they are and there's no resistance?


The good news is that nothing talked about on this list is ever 
implemented, so .. talk away you criminals.


- Original Message -

Subject: Re: 

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Two parties cannot agree in a contract to take away the privacy right of 
a third. Art 6 I c) only refers to obligations with regulatory power, 
not private agreements.


So if a state my company is subject to makes a valid law that requiresa 
certain type of processing, that is binding. If I am bound by a contract 
with a contract, that is not a valid reason for processing in accordance 
with Art 6 I c). It is really easy, actually...


Volker


Am 29.05.2018 um 22:00 schrieb Ronald F. Guilmette:

In message ,
Volker Greimann  wrote:


If you buy land, there is a legal requirement to get yourself
registered. This legal basis is sufficient grounds for data processing
under the GDPR under Art 6 I c) ("processing is necessary for compliance
with a legal obligation to which the controller is subject").

I am very glad that you have explicitly clarified this exception to the
GDPR rules, as it allows me to ask a question which has, quite frankly,
befuddled me ever since this whole GDPR versus WHOIS lunacy began.

As I understand it, the binding contractual obligations which all individual
domain name registrants have committed to include the requirment to provide
accurate WHOIS data, with the understanding that this information will be
published.

Also and similarly, as I understand it, domain name registrars and registries
(with the exception of the ccTLDs) have all contractually committed themselves
(to ICANN) to actually publish this data.

Could someone please explain to me then how these pre-existing contractual
obligations somehow fall outside of the exception stated in GDPR Art 6 I c?

In what sense are these pre-existing contractual obligations not "legal
obligations", as defined, presumably, within the GDPR framework?


Regards,
rfg



--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

This is another argument often raised, yet it is missing the point of 
the legality of these registers. Yes, there are certain public or 
non-public registers like the land register (public) or the car 
registration register (non-public), but each of these are mandated by 
law. If you buy land, there is a legal requirement to get yourself 
registered. This legal basis is sufficient grounds for data processing 
under the GDPR under Art 6 I c) ("processing is necessary for compliance 
with a legal obligation to which the controller is subject").


But that is exactly the point: No such law exists for IP adresses or 
whois, hence the logic of having these registeres cannot be transferred 
to these services. Now, some countries have such laws and ccTLD 
registries will continue to legally publish whois details for their TLD 
registrations. But most do not, and if they do, these laws are 
specifically tailored to their own TLD.


Volker

Am 29.05.2018 um 16:42 schrieb Ángel González Berdasco:

Volker Greimann wrote:

Hi Simon,

that is a common misconception, but sadly untrue.


As things stand at the moment, the interpretations of GDPR and subsequent 
actions of some large organisations make it likely that fraud and other types 
of malpractice, largely aimed at individual users, will increase.

On the other hand, the amount of spam and abuse directed at new
registrant will be greatly reduced. Balance will be the result.

The stated position "that tool was illegal to begin with as it violated the 
rights to privacy of millions of domain owners” is, at best, misleading. Assuming 
the “tool” being referred to is WHIOS, registrants of domains needed to provide 
information as part of their contract with the registrar. A contractual requirement. 
Perfectly OK pre GDPR, perfectly OK post GDPR.

Sadly untrue, since consent to processing of data that is not strictly
necessary for the performance of the contract post GDPR must be freely
given. If the service is withheld unless consent is provided, that
consent is invalid.
Even before GDPR, the consent for whois was iffy as best.

Don't you have real estate registration in your country that is publicly
accessible? If so, do you think it should now be banned under GDPR (if
in EU)?

I see your point, but it is not *that* clear.

Best regards




--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

   > > assigned by this RR
 > > Andre
 > >
 > >
 > > On Tue, 29 May 2018 14:00:44 +0200
 > > JORDI PALET MARTINEZ via anti-abuse-wg
 > >  wrote:
 > > > Whois, as everything in the life, has good and bad
 > > > things. Against: Privacy invaded. In fact, when you
 > > > register a new domain and you associate a visible
 > > > email to it, in a matter of hours, you get spam.
 > > > Pro: If it is a real email with humans behind, it
 > > > facilitates the resolution of abuse cases.
 > > > The balance is always difficult ...
 > > > Regards,
 > > > Jordi
 > >
 > > >
 > > > De: anti-abuse-wg 
 > > > en nombre de Volker Greimann
 > > >  Fecha: martes, 29 de
 > > > mayo de 2018, 13:49 Para: Suresh Ramasubramanian
 > > > , "anti-abuse-wg@ripe.net"
 > > >  Asunto: Re:
 > > > [anti-abuse-wg] GDPR - positive effects on email
 > > > abuse
 > > >
 > > >
 > > >
 > > > Even in those cases, whois is but one tool that
 > > > helps identify bad actors by means of violating
 > > > privacy rights of millions. There are other tools,
 > > > like DNS traces, reviews of hosting infrastructures
 > > > used, etc. all of which will continue to be
 > > > available for the uses you refer to.
 > > >
 > > > And maybe it is time to ensure law enforcement is
 > > > better equipped to deal with such issues earlier
 > > > and faster. Up to now, governments have been
 > > > afforded the luxury of being able to underfund such
 > > > efforts as others were doing their jobs for them.
 > > > Maybe this will lead to better law enforcement and
 > > > international cooperation.
 > > >
 > > > Best,
 > > >
 > > > Volker
 > > >
 > > >
 > > >
 > > > Am 29.05.2018 um 13:34 schrieb Suresh
 > > > Ramasubramanian:
 > > >
 > > > This unfortunately is entirely wrong and short
 > > > sighted
 > > >
 > > >
 > > >
 > > > All security practitioners protect our respective
 > > > services and networks against a wide variety of
 > > > threats including malware and phish campaigns.
 > > >
 > > >
 > > >
 > > > Very few of those go on to be referred to law
 > > > enforcement and that only after an extensive
 > > > dossier is built internally to show that the perps
 > > > in question justify a - frequently cross border -
 > > > law enforcement action.
 > > >
 > > >
 > > >
 > > > Security and protecting user privacy go hand in
 > > > hand and I wish more people realised that, and
 > > > maybe also realised the resource and administrative
 > > > lconstraints and limits law enforcement is saddled
 > > > with
 > > >
 > > >
 > > >
 > > >
 > > >
 > > >
 > > >
 > > > From: anti-abuse-wg
 > > >  on behalf of
 > > > Volker Greimann  Sent:
 > > > Tuesday, May 29, 2018 4:06:18 PM To:
 > > > anti-abuse-wg@ripe.net Subject: Re: [anti-abuse-wg]
 > > > GDPR
 > > > - positive effects on email abuse
 > > >
 > > >
 > > >
 > > > Wow, the level of narrowmindedness and
 > > > fearmongering is high with this one.
 > > >
 > > > Crime online will likely not increase due to GDPR.
 > > > It may be more di

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Hi Suresh,

I get that and that aspect of the abuse community is providing a 
valuable service. A valuable service that also could be (and now must 
be) provided without access to whois data. Effectively, parts of your 
community have already been working without whois for years in ccTLDs 
where no or limited whois is provided by the registry. If you can fight 
abuse without full whois access under .uk, .io, .eu, .fr, etc etc etc, 
then you can also do it under .com, .net, .info, .whatever.


Learn to do without violating the rights of millions of internet users, 
like many of your colleagues have.


Best,

Volker


Am 29.05.2018 um 13:56 schrieb Suresh Ramasubramanian:
But we are not enforcing any laws, I don’t believe in that other “code 
is law” urban myth either :)


We as a community are protecting our respective  users by blocking 
phish, spam, malware etc.


And occasionally we send a heads up to other networks that are hosting 
or originating such traffic and have a published policy stating that 
they prohibit it.  Here the request is that they enforce their own 
rules and policies.


Where does the question of security practitioners arresting the 
individuals behind these malicious actions arise?


And likewise since when does law enforcement control the mail / 
messaging services, dns and network infrastructure of various 
providers who have to block content for their users or take down 
content that violates their policy?





*From:* anti-abuse-wg  on behalf of 
Volker Greimann 

*Sent:* Tuesday, May 29, 2018 5:20:56 PM
*To:* Michele Neylon - Blacknight; anti-abuse-wg@ripe.net
*Subject:* Re: [anti-abuse-wg] GDPR - positive effects on email abuse
Apologies if I offended anyone.

However I do believe law enforcement itself should be strictly a
government function.

Volker


Am 29.05.2018 um 13:41 schrieb Michele Neylon - Blacknight:
> Volker
>
> I don't think your choice of language is particularly helpful or 
constructive. In fact I think you're being intentionally inflammatory.

>
> Why don't you tone it down a little?
>
> There's no need to use words like:
> "vigilantes" or "rent-a-cops" unless you're simply trying to troll 
people or believe that the anti-abuse community shouldn't exist, which 
by extension would suggest that you want to enable online abuse.

>
> Regards
>
> Michele
>
>
> --
> Mr Michele Neylon
> Blacknight Solutions
> Hosting, Colocation & Domains
> https://www.blacknight.com/
> http://blacknight.blog/
> Intl. +353 (0) 59  9183072
> Direct Dial: +353 (0)59 9183090
> Personal blog: https://michele.blog/
> Some thoughts: https://ceo.hosting/
> ---
> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business 
Park,Sleaty

> Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845
>
> On 29/05/2018, 11:36, "anti-abuse-wg on behalf of Volker Greimann" 
vgreim...@key-systems.net> wrote:

>
>  Wow, the level of narrowmindedness and fearmongering is high 
with this one.

>
>  Crime online will likely not increase due to GDPR. It may be more
>  difficult to detect and take action against due to the loss of 
one tool
>  amongst many, but ultimately that tool was illegal to begin 
with as it

>  violated the rights to privacy of millions of domain owners.
>
>  "Private researchers" and other vigilantes or rent-a-cops will 
indeed
>  have a more difficult time to obtain such data as they will 
finally have

>  to do so by legal means, but then they are in an untenable position
>  anyway, taking upon themselves functions that should be 
fulfilled by

>  actual law enforcement.
>
>  Ultimately, private data if internet users no longer being 
public will
>  lead to better registration data for those with a right to 
access it.
>  Those with no such rights will have to figure out alternate 
routes to do

>  their jobs that does not violate the rights of millions.
>
>  Best,
>
>  Volker
>
>
>
>  Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
>  > ox  wrote:
>  >
>  >> Firstly I would like to comment that the multinationals and 
their funded trade
>  >> groups (and their lobby orgs) shouted from the rooftops that 
if the GDPR came
>  >> into effect, Internet in the EU would collapse and there 
would be digital doom

>  >> and gloom.
>  > I am not a multinational.  I am an individual volunteer 
anti-abuse researcher.
>  > And yet even -I- have told everyone I know that the 
disappearance of public
>  > WHOIS is and will be an epic catastrophy.  If there was 
cybercrime on the

>  >

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Apologies if I offended anyone.

However I do believe law enforcement itself should be strictly a 
government function.


Volker


Am 29.05.2018 um 13:41 schrieb Michele Neylon - Blacknight:

Volker

I don't think your choice of language is particularly helpful or constructive. 
In fact I think you're being intentionally inflammatory.

Why don't you tone it down a little?

There's no need to use words like:
"vigilantes" or "rent-a-cops" unless you're simply trying to troll people or 
believe that the anti-abuse community shouldn't exist, which by extension would suggest that you 
want to enable online abuse.

Regards

Michele


--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
http://blacknight.blog/
Intl. +353 (0) 59  9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
---
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland  Company No.: 370845

On 29/05/2018, 11:36, "anti-abuse-wg on behalf of Volker Greimann" 
 wrote:

 Wow, the level of narrowmindedness and fearmongering is high with this one.
 
 Crime online will likely not increase due to GDPR. It may be more

 difficult to detect and take action against due to the loss of one tool
 amongst many, but ultimately that tool was illegal to begin with as it
 violated the rights to privacy of millions of domain owners.
 
 "Private researchers" and other vigilantes or rent-a-cops will indeed

 have a more difficult time to obtain such data as they will finally have
 to do so by legal means, but then they are in an untenable position
 anyway, taking upon themselves functions that should be fulfilled by
 actual law enforcement.
 
 Ultimately, private data if internet users no longer being public will

 lead to better registration data for those with a right to access it.
 Those with no such rights will have to figure out alternate routes to do
 their jobs that does not violate the rights of millions.
 
 Best,
 
 Volker
 
 
 
 Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:

 > ox  wrote:
 >
 >> Firstly I would like to comment that the multinationals and their 
funded trade
 >> groups (and their lobby orgs) shouted from the rooftops that if the 
GDPR came
 >> into effect, Internet in the EU would collapse and there would be 
digital doom
 >> and gloom.
 > I am not a multinational.  I am an individual volunteer anti-abuse 
researcher.
 > And yet even -I- have told everyone I know that the disappearance of 
public
 > WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
 > Internet before, it will be increased, going forward, by tenfold.
 >
 >> How wrong they were (hindsight is perfect - as we can all clearly see)
 > Be patient.  The change has only just occurred.
 >
 >> The EU has truly become a world and global leader in the reclamation of
 >> individual rights and the free Internet.
 > Here on this side of the pond, one usually has to turn on Fox News in 
order
 > to be treated to this level of rubbish.
 >
 > The only thing that has happened is that private researchers the world
 > over have been effectively blinded due to the supreme arogance and idiocy
 > of europeans... europeans who, in their religious fervor, have come to 
view
 > it as their holy obligation to foist their demented notions onto the rest
 > of the world, whether any of the rest of us like it or not.
 >
 > Meanwhile the malevolent forces of state-sponsored intrigue and violation
 > of human rights are and shall remain totally unfettered and unaffected by
 > GDPR, as they will be the first ones to obtain special exemptions 
allowing
 > them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
 > undoubtedly celebrating the arrival of GDPR, as it further entrenches
 > their special status at the expense of the great unwashes masses.
 >
 > Friday was a sad day for both transparency and democracy, but all across
 > the globe both criminals and statists undoubtedly celebrated it with
 > toasts of champaign.
 >
 >
 > Regards,
 > rfg
 >
 
 --

 Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
 
 Mit freundlichen Grüßen,
 
 Volker A. Greimann

 - Rechtsabteilung -
 
 Key-Systems GmbH

 Im Oberen Werk 1
 66386 St. Ingbert
 Tel.: +49 (0) 6894 - 9396 901
 Fax.: +49 (0) 6894 - 9396 851
 Email: vgreim...@key-systems.net
 
 Web: www.key-systems.net

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Even in those cases, whois is but one tool that helps identify bad 
actors by means of violating privacy rights of millions. There are other 
tools, like DNS traces, reviews of hosting infrastructures used, etc. 
all of which will continue to be available for the uses you refer to.


And maybe it is time to ensure law enforcement is better equipped to 
deal with such issues earlier and faster. Up to now, governments have 
been afforded the luxury of being able to underfund such efforts as 
others were doing their jobs for them. Maybe this will lead to better 
law enforcement and international cooperation.


Best,

Volker


Am 29.05.2018 um 13:34 schrieb Suresh Ramasubramanian:

This unfortunately is entirely wrong and short sighted

All security practitioners protect our respective services and 
networks against a wide variety of threats including malware and phish 
campaigns.


Very few of those go on to be referred to law enforcement and that 
only after an extensive dossier is built internally to show that the 
perps in question justify a - frequently cross border - law 
enforcement action.


Security and protecting user privacy go hand in hand and I wish more 
people realised that, and maybe also realised the resource and 
administrative lconstraints and limits law enforcement is saddled with





*From:* anti-abuse-wg  on behalf of 
Volker Greimann 

*Sent:* Tuesday, May 29, 2018 4:06:18 PM
*To:* anti-abuse-wg@ripe.net
*Subject:* Re: [anti-abuse-wg] GDPR - positive effects on email abuse
Wow, the level of narrowmindedness and fearmongering is high with this 
one.


Crime online will likely not increase due to GDPR. It may be more
difficult to detect and take action against due to the loss of one tool
amongst many, but ultimately that tool was illegal to begin with as it
violated the rights to privacy of millions of domain owners.

"Private researchers" and other vigilantes or rent-a-cops will indeed
have a more difficult time to obtain such data as they will finally have
to do so by legal means, but then they are in an untenable position
anyway, taking upon themselves functions that should be fulfilled by
actual law enforcement.

Ultimately, private data if internet users no longer being public will
lead to better registration data for those with a right to access it.
Those with no such rights will have to figure out alternate routes to do
their jobs that does not violate the rights of millions.

Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:
> ox  wrote:
>
>> Firstly I would like to comment that the multinationals and their 
funded trade
>> groups (and their lobby orgs) shouted from the rooftops that if the 
GDPR came
>> into effect, Internet in the EU would collapse and there would be 
digital doom

>> and gloom.
> I am not a multinational.  I am an individual volunteer anti-abuse 
researcher.
> And yet even -I- have told everyone I know that the disappearance of 
public
> WHOIS is and will be an epic catastrophy.  If there was cybercrime 
on the

> Internet before, it will be increased, going forward, by tenfold.
>
>> How wrong they were (hindsight is perfect - as we can all clearly see)
> Be patient.  The change has only just occurred.
>
>> The EU has truly become a world and global leader in the reclamation of
>> individual rights and the free Internet.
> Here on this side of the pond, one usually has to turn on Fox News 
in order

> to be treated to this level of rubbish.
>
> The only thing that has happened is that private researchers the world
> over have been effectively blinded due to the supreme arogance and 
idiocy
> of europeans... europeans who, in their religious fervor, have come 
to view
> it as their holy obligation to foist their demented notions onto the 
rest

> of the world, whether any of the rest of us like it or not.
>
> Meanwhile the malevolent forces of state-sponsored intrigue and 
violation
> of human rights are and shall remain totally unfettered and 
unaffected by
> GDPR, as they will be the first ones to obtain special exemptions 
allowing

> them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
> undoubtedly celebrating the arrival of GDPR, as it further entrenches
> their special status at the expense of the great unwashes masses.
>
> Friday was a sad day for both transparency and democracy, but all across
> the globe both criminals and statists undoubtedly celebrated it with
> toasts of champaign.
>
>
> Regards,
> rfg
>

--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: w

Re: [anti-abuse-wg] GDPR - positive effects on email abuse

[Volker Greimann]

Wow, the level of narrowmindedness and fearmongering is high with this one.

Crime online will likely not increase due to GDPR. It may be more 
difficult to detect and take action against due to the loss of one tool 
amongst many, but ultimately that tool was illegal to begin with as it 
violated the rights to privacy of millions of domain owners.


"Private researchers" and other vigilantes or rent-a-cops will indeed 
have a more difficult time to obtain such data as they will finally have 
to do so by legal means, but then they are in an untenable position 
anyway, taking upon themselves functions that should be fulfilled by 
actual law enforcement.


Ultimately, private data if internet users no longer being public will 
lead to better registration data for those with a right to access it. 
Those with no such rights will have to figure out alternate routes to do 
their jobs that does not violate the rights of millions.


Best,

Volker



Am 28.05.2018 um 21:13 schrieb Ronald F. Guilmette:

ox  wrote:


Firstly I would like to comment that the multinationals and their funded trade
groups (and their lobby orgs) shouted from the rooftops that if the GDPR came
into effect, Internet in the EU would collapse and there would be digital doom
and gloom.

I am not a multinational.  I am an individual volunteer anti-abuse researcher.
And yet even -I- have told everyone I know that the disappearance of public
WHOIS is and will be an epic catastrophy.  If there was cybercrime on the
Internet before, it will be increased, going forward, by tenfold.


How wrong they were (hindsight is perfect - as we can all clearly see)

Be patient.  The change has only just occurred.


The EU has truly become a world and global leader in the reclamation of
individual rights and the free Internet.

Here on this side of the pond, one usually has to turn on Fox News in order
to be treated to this level of rubbish.

The only thing that has happened is that private researchers the world
over have been effectively blinded due to the supreme arogance and idiocy
of europeans... europeans who, in their religious fervor, have come to view
it as their holy obligation to foist their demented notions onto the rest
of the world, whether any of the rest of us like it or not.

Meanwhile the malevolent forces of state-sponsored intrigue and violation
of human rights are and shall remain totally unfettered and unaffected by
GDPR, as they will be the first ones to obtain special exemptions allowing
them to continue to see WHOIS data.  The CIA, NSA, BDN, and FSB are
undoubtedly celebrating the arrival of GDPR, as it further entrenches
their special status at the expense of the great unwashes masses.

Friday was a sad day for both transparency and democracy, but all across
the globe both criminals and statists undoubtedly celebrated it with
toasts of champaign.


Regards,
rfg



--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] Abuse: Too big to fail

[Volker Greimann]

It seems there is a definition issue here. I am sure Twitter does not 
intentionally spam its users, but many users that receive messages from 
Twitter think of these as spam.


What is probably true:

- Real spammers may be abusing the infrastructure offered by Twitter to 
spam and Twitter is unable/unwilling to take action to stop this


- Twitter account holders have their settings set up that they receive 
too many notifications that they do not really want.


Solving the second is easy: Just change your notification settings.

Volker

PS: It may be helpful to say exactly which messages you consider spam 
instead of opening up with the big guns right away but without 
sufficient detail to verify your claims.



Am 19.06.2017 um 17:08 schrieb ox:

If I do actually look at the abuse lists that list the spammer, Twitter
- they are sorbs, etc and have a reputation for ethical behavior..

What is interesting is how you & michele defend the spammer

One has to wonder whether it is because the fact that Twitter is an
evil spammer hurts you guys personally?

Or if you are products (have twitter etc) accounts and the truth hurts?

If you love the Twitter spammer that much, why do you not try to get the
spammer to change their evil ways? Instead of trying to make it about a
quarter of all the rbl's being useless, etc.

or just plain stupid and obviously false claims that Twitter never sends spam.

Andre

On Mon, 19 Jun 2017 14:53:07 +
Suresh Ramasubramanian  wrote:


On 19/06/17, 8:20 PM, "anti-abuse-wg on behalf of ox"
 wrote:

 And, apart from the fact that 25% of all spam lists does in fact
list Twitter as a spammer

Sturgeon’s law manifests itself all the time. eg: the number of weird
and wonderful blocklists used by maybe two men and their dog, the
population of cranks on the Internet…

--srs





--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] The real abuse

[Volker Greimann]

This is leading nowhere. Apparently this person is not interested in 
constructive dialogue, which I had offered.


I will therefore cease to feed the troll and instead filter his messages 
to trash.


This is useless.


Am 07.06.2017 um 09:21 schrieb Marilson:

Please pay attention. I'll show you how criminals act and who they are.
*On May 31, 2017 Volker wrote:*
> ...stop accusing each other of criminal activity. If you have 
evidence of criminal activities, report them to the appropriate 
authorities.
I had already done what he suggested, but with the scammer. His 
colleague and countryman, owner of Hetzner.de, is out of reach. I'm in 
Brazil and I'm not a millionaire. Volker is a lawyer and he knows 
that. Their criticism was impertinent, I knew he had his tail stuck 
and I decided to confront him with evidence.

*On Jun 4, 2017 I answered:*
>> ...talk to your colleague Ralf Ramm of your KS team abuse about our 
message exchange from 14 to 28-08-2015. It's a small example of how 
the bad ISPs act. See the proof of the crime and see the falsehood and 
complicity of your team abuse.
Volker took 2 days to respond to my complaint. Perhaps he did research 
because his reaction was of a dictator of Banana Republic.

*On Jun 6, 2017 1:37 PM Volker wrote:*
>>> Can we remove this person from the list or at least revoke posting 
rights?
>>> Let's not feed the troll any more and return this list to its 
original function.

*On Jun 6, 2017 5:04 PM I answered:*
Hey Volker, we're not in the Middle Ages ... I guess. Instead ask to 
shut up my mouth you should explain the acts of your KS team abuse, 
after all my accusations are false, are not they? Why so much fear?
Volker is a lawyer and he leads the abuse teams of Key-Systems. Team 
abuse is advised by a lawyer. The Key-Systems team abuse is oriented 
to protect the accused. They lie and try to deceive those who 
denounce.They underestimate the intelligence of the complainants and 
treat us as if we were morons. I have filed the responses that this 
team abuse gave me in August 2015. This is the work of Mr. Volker 
Greimann. He takes great pains to defend bad ISPs.
If someone doubts I'll send the evidence. But this group never asked 
for evidence. On the contrary, always prevented me from showing. The 
reason is obvious. So they decided to shut me up.
For those who do not believe me, I think they'll believe a German 
Court, will not they? Volker and Key-Systems are German.

2013 – 2014
Complainant: Universal Music e Robin Thicke
Defendant: Key-Systems e seu cliente H33T
Court decision: *If the registrar is informed about a clear violation 
of the law, it must examine the specific offer immediately and lock 
the domain.*

Fine: 250,000 euros
Now notice the date that team abuse tried to deceive me: August 2015 !!!
Not even a local Court can correct this aberration. The name of this 
is greed, lack of ethics, dishonesty, cumplicty and conspiracy.
I must clarify that in most of the Providers I have come to, I have 
been treated with decency and efficiency. These others, Hetzner.de, 
Contabo.de, Limestonenetworks.com, Ripe.net, Microsoft.com, Enzu.com, 
Locaweb.com.br, Buscape-Lomadee.com.br, Uol.com.br, Key-Systems.net, 
Techcrea Solutions, Aruba.it, Ovh.ca, Amazonaws.com, 
Hostgator-Equinix.com, Alibaba and the Forty Thieves, well, those are 
going to be in the trash of history.

Tell me Volker, if I'm the troll what are you, dear?
Marilson


--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.t

Re: [anti-abuse-wg] Recent List Discussion

[Volker Greimann]

Can we tone down the rhetoric and stop accusing each other of criminal 
activity (which in itself may be libel and therefore a criminal act).


If you have evidence of criminal activities, report them to the 
appropriate authorities. Criminals will be convicted. If there is no 
conviction, there probably is no crime but only hyperbole.


This has gone far enough.

Best,

Volker


Am 31.05.2017 um 03:12 schrieb Marilson:

Brian,
Please read this very carefully. There is no place on the World for 
people like you and your criminal partners, ISP owner.

This is a list to discuss how to protect network abuse.
Please consider your contributions to the list very carefully. You are 
not acting in the spirit of the Europe community nor are you providing 
useful content for good people, for honest people. Neither you nor the 
other members of the Pro-Abuse Working Group of R.O.T.T.E.N., ex-RIPE, 
with rare exceptions.
I do not wish to have to take further action, ahhh I want to, and this 
email should be taken as a warning that if you continue to act as you 
have done until today, that action will be taken. You will have to 
explain why you are scandalized by words like bullshit - Nazi - 
criminal, but tolerate Nazi and criminal behavior of customer. Oh 
yeah, you're not police and customer behavior is not your 
responsibility, right? Nor reporting crimes is your responsibility, 
right? Your arguments do not hold. In the face of the gravity of the 
acts, your arguments are a joke.
Surely that will not result in short term moderation of your behavior, 
but, regrettably, if necessary I will have to look at further steps 
such as to show that your anti-abuse is a joke of bad taste.
Now, prove that you also do not tolerate the contradictory banning me. 
:)

Marilson
*From:* Brian Nisbet 
*Sent:* Monday, May 29, 2017 10:26 AM
*To:* Marilson 
*Cc:* Tobias Knecht 
*Subject:* Recent List Discussion
Marilson,

As I said on list and I have said before there is no place on the
mailing list for ad hominem attacks, personal insults or accusations
(really of any sort). This is a list to discuss how to deal with network
abuse. It is not here for you to act in the way you have acted today.

Please consider your contributions to the list very carefully. You are
not acting in the spirit of the RIPE community nor are you providing
useful content for the other members of the Anti-Abuse Working Group.

I do not wish to have to take further action, but this email should be
taken as a warning that if your posts continue to have the content they
had today, that action will be taken. At the very least that will result
in short term moderation of your posts, but, regrettably, if necessary
we will have to look at further steps such as removal from the list.

Brian
Co-Chair, RIPE Anti-Abuse WG



--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best regards,

Volker A. Greimann
- legal department -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Follow us on Twitter or join our fan community on Facebook and stay updated:
www.facebook.com/KeySystems
www.twitter.com/key_systems

CEO: Alexander Siffrin
Registration No.: HR B 18835 - Saarbruecken
V.A.T. ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

This e-mail and its attachments is intended only for the person to whom it is 
addressed. Furthermore it is not permitted to publish any content of this 
email. You must not use, disclose, copy, print or rely on this e-mail. If an 
addressing or transmission error has misdirected this e-mail, kindly notify the 
author by replying to this e-mail or contacting us by telephone.

Re: [anti-abuse-wg] Definition of Internet Abuse * pre-final

[Volker Greimann]

This entire exchange reminds me of this scene:

https://youtu.be/XNkjDuSVXiE?t=41

"This is abuse"

Best,

Volker


Am 02.09.2016 um 16:00 schrieb Hal ponton:

Hi All,

I think this is getting a little abusive here, can the tone be brought 
down a little to something a little more acceptable please?


Regards,

Hal Ponton
Senior Network Engineer

Buzcom / FibreWiFi


Marilson 
2 September 2016 at 14:46
On Sep 01, 2016 07:12 Andre Coetzee wrote:
> It is very clear what and who what you are Marilson.
> completely overestimate your own technical skills and abilities.
>
technically ignorant
> extremely belligerent
> how ignorant you are
>
approach a real Internet engineer (to learn) how the Internet works
> You obviously have a lot to learn
> reading what I am typing and improving yourself (mamma mia, without 
smiley ;) this phrase sound too bad)

Hmm...well, I won't stoop so low. And am I the extremely belligerent?!?
On my last message I wrote:
>>
First I want to thank you for having changed your attitude and not 
have mocked.
Your comments were full of arrogance and veiled insults and now the 
insults are clear and direct. What happened? No one can call you a 
hypocrite, right?
You took sentences of my message and evaluated out of context. 
Another sight of you – dishonesty.

I will repeat because you were dishonest:
All my messages addressed to supp...@spamcop.net 
 correcting the source of spam 
identification were constantly ignored by these honorable and ethical 
people. I was throwing away my time because the reports, via spamcop, 
would never come to the sources of scam. I needed to help them so I 
do not waste time with my complaints. To solve this I appealed to 
Cisco. Cisco or spamcop did nothing. I waited 30 days and repeat the 
message (for Cisco) appending the phrase: Thanks for nothing. 
Arrogants of shit!
On the same day spamcop replied and thanked stating that the 
reporting address was corrected.
Herr Volker, die Anbieter geben Sie mir nur Aufmerksamkeit, wenn 
beleidigt. ;)
Tell me Andre, if a user of your server inform you that you are using 
a wrong source address will you remain quiet? If he insists will you 
call him of ignorant and suggest to approach a real Internet engineer 
to learn how the Internet works?

To spamcop on
Aug 17, 2016:
>> I don’t need help of anyone to identify the source of spam.
>> Several times I corrected your wrong source. I do this better than 
your company.
>> Are you crazy? A half-wit? Is that your excuse for your criminal 
behavior?
>> I copied to Cisco’s Privacy Mailer because you never sent any of 
my complaints

>> for those networks referenced. DURING AN ENTIRE YEAR, liar idiot.
>> COUNTLESS HOURS WERE LOST BECAUSE OF YOU, rascal.
>> You must to learn to respect the people.
> Clearly the problem here is that you, Marilson, completely 
overestimate

> your own technical skills and abilities.
Sorry to disappoint you, Andre, what you're saying is absurd. Why I 
would overestimating something so trivial? I do not want to belittle 
the value of your company but any idiot locates the source of spam or 
scam. Do you think necessary to have technical skills and abilities 
for this?
What I put for your evaluation is the time, the hours lost during a 
year using spamcop. And that is unacceptable. They are yes, liar, 
idiot, rascal and arrogants of shit.
Man, I know why you are so angry. In the true, to get the information 
that spamcop provides, it is enough being able to read and know a 
little bit English language. Stress the necessity for a major 
technological knowledge will value your company. But if you will 
drink from the same source of spamcop and act as they act, then your 
company will be unreliable because it will present wrong scam source 
address. At least 5%, Dr Engineer

in Expertise Area of Information Technology.
Good luck
Marilson
***
*From:* Marilson 
*Sent:* Wednesday, August 31, 2016 7:20 PM
*To:* an...@ox.co.za 
*Cc:* anti-abuse-wg@ripe.net 
*Subject:* Re: [anti-abuse-wg] Definition of Internet Abuse * pre-final
On Aug 31, 2016 02:22 AM Andre Coetzee wrote:
> Just this very long thread and all the confusion about what is actually
> Internet abuse and what is not - serves as plain and evident proof that
> even this, an actual anti-abuse WG, desperately needs a definition of
> Internet Abuse. Civil society is simply ignorant of their own
> requirement(s).
First I want to thank you for having changed your attitude and not 
have mocked.
I do not know whether the members of the group desperately needs a 
definition of Internet Abuse. But as a member of civil society, 
non-technical in IT, end user of the Internet and real victim of 
abuse, I can guarantee you that we need desperately is an ethical and 
honest behavior on the part of ISPs. 

Re: [anti-abuse-wg] Definition of Internet Abuse * pre-final

[Volker Greimann]

Insults usually get you ignored by any provider. It does not matter if 
you have a valid complaint, if you insult us you are disqualified.


Best,

Volker


Am 01.09.2016 um 00:20 schrieb Marilson:

On Aug 31, 2016 02:22 AM Andre Coetzee wrote:
> Just this very long thread and all the confusion about what is actually
> Internet abuse and what is not - serves as plain and evident proof that
> even this, an actual anti-abuse WG, desperately needs a definition of
> Internet Abuse. Civil society is simply ignorant of their own
> requirement(s).
First I want to thank you for having changed your attitude and not 
have mocked.
I do not know whether the members of the group desperately needs a 
definition of Internet Abuse. But as a member of civil society, 
non-technical in IT, end user of the Internet and real victim of 
abuse, I can guarantee you that we need desperately is an ethical and 
honest behavior on the part of ISPs. The rest has not the least 
importance.
For me it is not clear your goal. But it is not of my business. And I 
congratulate you again. But if you intend to use the technical 
definition of Internet Abuse to decide whether the complaint of a 
victim of abuse should or should not put a domain on the blocklist, 
your group will not have credibility. You will be thwarting a real 
victim of abuse to have his case met due to a technicality.

> 2. I am also a...@spamcop.net - SpamCop is also a community although
> operated graciously and ethically by Cisco. We are all honorable,
> ethical and honest people - I challenge you in public to tell me the
> name or email address of one SpamCop member that is not that?
You continue underestimating people. Sorry to disappoint you. I threw 
a bait - spamcop - and you bit. ;) Regarding your challenge I will 
make much more than you asked for. I will paste below the only two 
messages between me and a spamcop member. And these messages occurred 
only because I was forced to complain about the SpamCop by copying for 
Cisco's Privacy Mailer.
All my messages addressed to supp...@spamcop.net 
 correcting the source of spam 
identification were constantly ignored by these honorable and ethical 
people. I was throwing away my time because the reports, via spamcop, 
would never come to the sources of scam. To solve this I appealed to 
Cisco: (follow the dates - had to insult to be attended)

*From:*SpamCop/Richard
*Sent:*Monday, January 11, 2016 5:48 PM
*To:*marilson.m...@gmail.com
*Subject:*Re: Fw: Spamcop error
Thank you for the information.  A cache refresh has changed the
reporting addresses used for 212.47.224.0/19


Richard
Please include previous correspondence with replies
.:|:.:|:.

*From:*Marilson
*Sent:*Monday, January 11, 2016 6:34 AM
*To:*priv...@cisco.com
*Subject:*Fw: Spamcop error
Thank you for nothing, arrogants of shit...
***
*From:*Marilson
*Sent:*Friday, December 11, 2015 12:11 PM
*To:*priv...@cisco.com
*Subject:*Spamcop error
Gentlemen, your subsidiary*/Spamcop/* is incurring a mistake 
repeatedly. I can not find a way or formulary to contact spamcop and 
explain where the error is.

I appeal to you to resolve this problem:
I managed that a known Brazilian spammer, who uses spam to practice 
embezzlement, be put out of 2 or 3 ISPs. Now he is using a new 
provider - */Tiscali.fr/* - with the IP */212.47.244.217/*.

To this IP the address is*/ab...@proxad.net/*
To */tiscali.fr/*, a subsidiary of */tiscali.it/*, is 
*/ab...@it.tiscali.com/*

Spamcop insists on using */ab...@tiscali.fr/*
This address does not exist. If this is not corrected the criminal 
spammer will not be denounced.

Thanks
Marilson
***
As requests for corrections continued to be ignored, I decided to 
check the send to the correctly identified sources. Now the 
disappointment was absolute. No complaint was sent. More than a year 
doing complaints and nothing was sent. I decided upending the tea 
table and treat them with the respect they deserved:

*From:*Marilson
*Sent:*Wednesday, August 17, 2016 1:55 PM
*To:*SpamCop/Richard
*Cc:*priv...@cisco.com; guardian.read...@theguardian.com; The Wall 
Street Journal; s...@uce.gov; gmail-ab...@google.com
*Subject:*Re: [SpamCop (208.84.242.164) 
id:6470587522]=?UTF-8?B?Q09SUkVJT1MgLSBPYmpldG8gYWd1YXJkYW5kbyBy..
...to help me identify the source of spam ?!? I don’t need help of 
anyone to identify the source of spam. Several times I corrected your 
wrong source. I do this better than your company. What I can not do is 
block a domain. Yes, I opted to send a copy of each of these reports 
to my own address *AND FOR THOSE NETWORKS REFERENCED IN SCAN.*
/> You then flipped out on Cisco's Privacy Mailer because we were 
sending you mail, mail you sent yourself. /
Are you crazy? A half-wit? Is that your excuse for your criminal 
behavior? I copied to Cisco’s Privacy Mailer because you never sent 

Re: [anti-abuse-wg] Russian carding... no, Islandic carding... no Belizian carding!

[Volker Greimann]

Speaking on general terms, not on the specific website, anything you 
cite could also occur in a legit website. In a globalized world, users 
are free to deal with any service provider they trust and register 
domains in any TLD they chose. There is nothing fishy about that per se.


The domain name string you cite is quite a nice string, which probably 
was not available in many TLDs anymore. Further, the TLD sting. ".is" 
can be used as a hack as it is an English language word.


Just my 2 cents,

Volker


Am 09.08.2016 um 05:14 schrieb Ronald F. Guilmette:

https://www.verified.is/   (Gee!  Big surprise!  Russian language only.)
-> .IS = Iceland
-> 82.221.130.101

That site is obviously all written in Russian, but it is resident on
a little /26 IP address block that's pretending to be owned by a Belizian
company.  (See below.)  But of course, it's actually physically sitting
in a data center somewhere in Iceland, and on an Icelandic AS.

I am seeing this kind of thing almost every day now... bullshit domains
sitting on bullshit networks, almost always in RIPE IP space, but all
claiming to be in either Belize or UAE.

I've given up any hope that posting any of this kind of information here
will have any impact on anything, ever.  A part of me wants to scream
"Which part of this repeating pattern do you folks not understand?" but
I know that doing so here is pointless.  So I'm really only posting this
here so that later on, nobdy can say to me "Gee Ron, why didn't you ever
say anything to anybody about that?"

I did say something.  In fact I said plenty... about both Belize and UAE.
It's not my fault if everybody with power and influence within RIPE
continued to ignore the now all-too-obvious patterns because the self-
evident truths about what's been going on doesn't suit their own financial
interests.


Regards,
rfg

P.S.  At least the .IS domain administrators are looking at possibly
suspending the doamin name on the grounds that the registration info
"isn't accurate".  I commend them for that.  That's one hell of a
lot more than the network operator (AS50613, Advania) is willing to do.
Advania didn't even have the courtesy to answer my email, even if only
to tell me to go pound sand.

=
inetnum:82.221.130.64 - 82.221.130.127
netname:ORANGEWEB
descr:  OrangeWebsite.com - Network
org:ORG-IL351-RIPE
country:IS
admin-c:OTD3-RIPE
tech-c: OTD3-RIPE
status: ASSIGNED PA
mnt-by: MNT-ADVANIA
created:2016-01-27T15:08:11Z
last-modified:  2016-01-27T15:08:11Z
source: RIPE

organisation:   ORG-IL351-RIPE
org-name:   Icenetworks Ltd.
org-type:   OTHER
address:60 Market Square
address:Belize City, Belize   <== I hope they speak Russian down there!
e-mail: sa...@orangewebsite.com
abuse-c:OTD3-RIPE
mnt-ref:MNT-ADVANIA
mnt-by: MNT-ADVANIA
created:2014-11-05T10:30:10Z
last-modified:  2014-11-05T10:46:28Z
source: RIPE

role:   OrangeWebsite.com Technical Department
address:OrangeWebsite.com
address:Klapparstigur 7
address:101 Reykjavik
address:Iceland
abuse-mailbox:  ab...@orangewebsite.com
e-mail: supp...@orangewebsite.com
admin-c:AK12182-RIPE
tech-c: AK12182-RIPE
mnt-by: MNT-ADVANIA
nic-hdl:OTD3-RIPE
created:2013-12-16T09:41:11Z
last-modified:  2013-12-16T09:41:11Z
source: RIPE

% Information related to '82.221.128.0/19AS50613'

route:  82.221.128.0/19
descr:  Advania / Thor Data Center
origin: AS50613
mnt-by: THOR-MNT
mnt-lower:  THOR-MNT
created:2013-07-30T12:15:23Z
last-modified:  2013-07-30T12:15:23Z
source: RIPE




--
Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

Mit freundlichen Grüßen,

Volker A. Greimann
- Rechtsabteilung -

Key-Systems GmbH
Im Oberen Werk 1
66386 St. Ingbert
Tel.: +49 (0) 6894 - 9396 901
Fax.: +49 (0) 6894 - 9396 851
Email: vgreim...@key-systems.net

Web: www.key-systems.net / www.RRPproxy.net
www.domaindiscount24.com / www.BrandShelter.com

Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
www.facebook.com/KeySystems
www.twitter.com/key_systems

Geschäftsführer: Alexander Siffrin
Handelsregister Nr.: HR B 18835 - Saarbruecken
Umsatzsteuer ID.: DE211006534

Member of the KEYDRIVE GROUP
www.keydrive.lu

Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht 
nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder 
telefonisch in Verbindung zu setzen.



Should you have any further questions, please do not hesitate to contact us.

Best