Hi,
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
> I obviously don't speak for the incident handling community, but i think
> this (making it optional) would be a serious step back. The current
> situation is already very bad when in some cases we know from
Hi All
So maybe a word from an "Incident Responder".
I do feel very much, that we should have an abuse conntact, and it
should be tested to wok, in the sense that some one reads the mail sent
there.
Here are my reasons:
- Having such a mailbox may increase the pressure for orgs to actually
do s
Hi,
On Wed, Jan 15, 2020 at 09:14:59AM +0100, Serge Droz via anti-abuse-wg wrote:
> I kind of don't buy into "There is no point on placing a burden on orgs
> that choose not to act".
This is not what I said. My stance on this is: placing extra burdens on
orgs *that do the right thing today* (wit
Hi Gert
Sorry I misunderstood you then. But honestly, this does not really place
a burden on you.
RIPE can automate this, and you simply reply to a message. We do this,
e.g. in TF-CSIRT twice a year, and it does help, event the good guys,
that realize they have an issue and did not receive their
Hi,
On Wed, Jan 15, 2020 at 09:24:21AM +0100, Serge Droz wrote:
> Sorry I misunderstood you then. But honestly, this does not really place
> a burden on you.
It does. Even if it's just 5 minutes per Mail - I need to train abuse
handlers what to do with this sort of message, etc.
> So I think t
Hi,
Maybe we can change the approach.
If RIPE website had a platform to post abuse report, that send the email for
the abuse contact, it will be possible to evaluate the responsiveness of the
abuse contact.
This way anyone that report an abuse could assess not only the response but
also the effec
On Wed, 15 Jan 2020, Gert Doering wrote:
Hi,
Hi,
(please see inline)
On Wed, Jan 15, 2020 at 07:23:38AM +, Carlos Friaças via anti-abuse-wg
wrote:
I obviously don't speak for the incident handling community, but i think
this (making it optional) would be a serious step back. The cur
Hi Sergio, All,
It seems you are proposing a new reputation system, to be managed by the
RIPE NCC.
If this is the case, you can always try to draft a new policy proposal :-)
Cheers,
Carlos
On Wed, 15 Jan 2020, Sérgio Rocha wrote:
Hi,
Maybe we can change the approach.
If RIPE website ha
In message <20200115080615.gq72...@space.net>,
Gert Doering wrote:
>So why is it preferrable to send mails which are not acted on, as
>opposed to "not send mail because you know beforehand that the other
>network is not interested"?
Not sure that I understand fully the context of the question h
In message <02d201d5cb84$89d6b950$9d842bf0$@makeitsimple.pt>,
"=?iso-8859-1?Q?S=E9rgio_Rocha?=" wrote:
>Maybe we can change the approach.
>If RIPE website had a platform to post abuse report, that send the email for
>the abuse contact, it will be possible to evaluate the responsiveness of the
>a
Serge Droz via anti-abuse-wg wrote on 15/01/2020 08:24:
So the extra work is what, 10 minutes / year, if the system is setup
properly?
Serge,
The policy proposal here is: if the registry doesn't comply, then it is
in explicit violation of RIPE policies.
According to the "Closure of Members,
Hi Nick,
Not really, I think you're reading a different text ... I'm not intending to
ask RIPE to verify if the operators resolve the abuse cases.
The point here is to amend the existing policy to do a *good* validation of the
abuse mailbox.
The actual policy only makes a "technical" validatio
JORDI PALET MARTINEZ via anti-abuse-wg wrote on 15/01/2020 12:38:
and allows sending abuse reports
You're demanding that resource holders handle abuse reports by email and
how to handle that mailbox, i.e. telling them how to run their businesses.
It's not appropriate for the RIPE NCC to get
Folks,
While not attempting to discuss the merits or otherwise of a reputation system
(other than the fact I've seen many of them proposed and we still have lots of
problems), I would say one thing on your comments below, Ronald.
The RIPE NCC service region is not just the EU, it isn't just th
In message <44130.1579053...@segfault.tristatelogic.com>, Ronald F.
Guilmette writes
>That comment, and that concern, certainly does not seem to apply in any
>country in which either eBay or TripAdvisor operate.
>
>Do you folks on your side of the pond not receive eBay? Are you not able to
>view
In message <02d201d5cb84$89d6b950$9d842bf0$@makeitsimple.pt>, =?iso-
8859-1?Q?S=E9rgio_Rocha?= writes
>Maybe we can change the approach.
>If RIPE website had a platform to post abuse report, that send the email for
>the abuse contact, it will be possible to evaluate the responsiveness of the
>abu
Applause.
--srs
From: anti-abuse-wg on behalf of Richard
Clayton
Sent: Wednesday, January 15, 2020 8:32 PM
To: anti-abuse-wg@ripe.net
Subject: Re: [anti-abuse-wg] working in new version of 2019-04 (Validation of
"abuse-mailbox")
In message <02d201d5cb84$89d6
Is Dutch law really the inhibitor here? Or the possibilities that Richard
outlined?
I seem to recall previous opta nl proposals that took a sensible view of
network abuse, some years back
--srs
From: anti-abuse-wg on behalf of Brian Nisbet
Sent: Wednesday,
+1000
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com/
https://blacknight.blog/
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
---
On Wed, Jan 15, 2020 at 12:16 AM Serge Droz via anti-abuse-wg
wrote:
[...]
> - Lastly: It makes our life as Incident responders easier to have a
> uniform way of sending reports, even if not all of them are followed up.
This is an excellent point but e-mail is probably not the right medium
for
On Wed, Jan 15, 2020 at 9:25 AM Jeffrey Race wrote:
>
> e-mail must be allowed because most victims
> are not organizations but individual net users
E-mail does not scale well. It was great in the 1990s, when the
Internet was smaller and people knew each other. About half the
world's population n
> To an extreme, there should always be a known contact responsible for
> any network infrastructure.
there are, admin and tech
randy, not advocating for or against abuse-c
> The policy proposal here is: if the registry doesn't comply, then it
> is in explicit violation of RIPE policies.
>
> According to the "Closure of Members, Deregistration of Internet
> Resources and Legacy Internet Resources" document (currently RIPE
> 716), if you don't comply with RIPE policie
On Wed, Jan 15, 2020 at 11:02 AM Jeffrey Race wrote:
[...]
> Aside from the reciprocity issue, it's a basic engineering rule
> that systems target their goal only when a corrective
> feedback path exists.
That feedback path does not need to be a personally written e-mail.
Instead, it is possibl
Hi,
On Wed, Jan 15, 2020 at 11:45:10AM -0800, Leo Vegoda wrote:
> While I would accept Gert's proposal for making abuse-c an optional
> attribute, the reason I offered a counter proposal for publishing "a
> statement to the effect that the network operator does not act on
> abuse reports" is to ad
On Wed, Jan 15, 2020 at 2:46 PM Leo Vegoda wrote:
>
> On Wed, Jan 15, 2020 at 11:02 AM Jeffrey Race wrote:
>
> [...]
>
> > Aside from the reciprocity issue, it's a basic engineering rule
> > that systems target their goal only when a corrective
> > feedback path exists.
>
> That feedback path doe
This is the key point.
We already agreed to have a mandatory abuse-c.
We can change our mind and make it optional.
But one way or the other, should be a *real* one. A validation that can be
faked just using (for example) Carlos email, is not a good procedure. It
doesn't make sense at all.
We
I couldn't stop laughing for more than 30 minutes ... this is what they call
(and they pay for) laughter therapy ?
Tks!
El 14/1/20 12:52, "anti-abuse-wg en nombre de Ronald F. Guilmette"
escribió:
In message <671286eb-7fad-4d70-addd-efa0a680b...@consulintel.es>,
JORDI PALET MART
In message <9ew8xocpiyhef...@highwayman.com>,
Richard Clayton wrote:
>these (which are the most interesting parts of the Communications
>Decency Act that did not get invalidated by the application of the First
>Amendment which swept away much of it) provide a safe harbour for the
>people operati
Hi Ronald,
El 14/1/20 13:10, "anti-abuse-wg en nombre de Ronald F. Guilmette"
escribió:
In message <30174d32-225f-467e-937a-5bc42650f...@consulintel.es>,
JORDI PALET MARTINEZ via anti-abuse-wg wrote:
>I think if we try to agree on those ratings, we will never reach consensu
In my opinion, the actual situation is the worst. We are validating over
"nothing". We don't know how many of the "validated" mailboxes are real, or
even read, full, etc.
I will prefer a mandatory abuse-c which is validated in the way I'm proposing,
as it is being done in ARIN and APNIC and soo
Exactly 2 minutes a year (1 minute each time you click the link in the email
from RIPE NCC).
And because you invest 2 minutes a year, you will save a lot of time (many
hours/days) yourself, trying to report abuses to invalid mailboxes!
El 15/1/20 9:24, "anti-abuse-wg en nombre de Serge Droz
What we do today is not a validation if I can use Gert or Serge or any "null"
email in all my abuse contacts and nobody notice it, and then you start getting
abuse reports from other folks ... This is creating lots of wasted time to both
you and the abuse case reporters.
El 15/1/20 9:59, "an
Hi Leo,
El 15/1/20 18:09, "anti-abuse-wg en nombre de Leo Vegoda"
escribió:
On Wed, Jan 15, 2020 at 12:16 AM Serge Droz via anti-abuse-wg
wrote:
[...]
> - Lastly: It makes our life as Incident responders easier to have a
> uniform way of sending reports, even if
Hi,
On Wed, 15 Jan 2020, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
In my opinion, the actual situation is the worst. We are validating over "nothing". We
don't know how many of the "validated" mailboxes are real, or even read, full, etc.
I will prefer a mandatory abuse-c which is vali
Hi Warren,
When some operators aren't responding to abuse cases, or when they are bouncing
emails, or you get a response from someone telling "sorry I'm not the right
contact for this, the email is mistaken", and many other similar situations ...
the operator is telling you "we don't care about
On Wed, Jan 15, 2020 at 10:41:54PM +0100, JORDI PALET MARTINEZ via
anti-abuse-wg wrote:
> Exactly 2 minutes a year (1 minute each time you click the link in the
> email from RIPE NCC).
>
> And because you invest 2 minutes a year, you will save a lot of time
> (many hours/days) yourself, trying to
Hi Job,
You need to have that process already for ARIN and APNIC, and once implemented
LACNIC.
The process is the same. You implement it once (I'm not counting the minutes
that can take to implement it) and it seems simple to me: the abuse-mailbox get
twice a year a verification email, a respo
In message
Leo Vegoda wrote:
>E-mail does not scale well. It was great in the 1990s, when the
>Internet was smaller and people knew each other. About half the
>world's population now has some sort of Internet connectivity.
>Expecting organizations to be able to understand reports from such a
>d
Hi Carlos,
El 15/1/20 22:58, "Carlos Friaças" escribió:
Hi,
On Wed, 15 Jan 2020, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
> In my opinion, the actual situation is the worst. We are validating over
"nothing". We don't know how many of the "vali
That is the most stupid thing i've read on this list.
What little protection the world has from spammers and all manner of criminals,
and you still think it's too much that they even so much as have to check their
email account.
Which criminal is paying you to say this nonsense, because no or
Sergio, that would make too much sense.
This mailing list is not only not even considering what you have said, but they
are trying to remove the requirement of a network operator to even receive
emails about complaints at all.
Pathetic.
It's the year 2019, and these "people" on this list (p
correction: year 2020*
- Original Message - Subject: Re: [anti-abuse-wg] working in
new version of 2019-04 (Validation of "abuse-mailbox")
From: "Fi Shing"
Date: 1/16/20 10:03 am
To: "anti-abuse-wg@ripe.net"
Sergio, that would make too much sense.
This mailing list is not o
In message <58ece9f6-4d64-4315-8ee5-88574f6b4...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>Right, and that was a part of my point about eBay-like feedback ratings
>for resource holders, i.e. "Let's not even try."
>Instead, let the people decide. Let anyone register a feedback po
This was to be expected, but it is good to know that it really did happen.
https://mybroadband.co.za/news/security/335226-here-are-the-police-charges-filed-in-the-great-african-ip-address-heist.html
I have high hopes for the new AFRINIC CEO. Quite obviously, he is not
at all tained by the sins o
In message <68c5238d-b796-45b9-8735-5849140dc...@consulintel.es>,
JORDI PALET MARTINEZ wrote:
>When some operators aren't responding to abuse cases, or when they are boun=
>cing emails, or you get a response from someone telling "sorry I'm not the =
>right contact for this, the email is mistaken
In message <20200115155949.af7f9f79718891d8e76b551cf73e1563.e548b98006.mailapi@
email19.asia.godaddy.com>, "Fi Shing" wrote:
>That is the most stupid thing i've read on this list.
Well, I think you shouldn't be quite so harsh in your judgement. It is
not immediately apparent that you have been
In message <49348.1579123...@segfault.tristatelogic.com>, Ronald F.
Guilmette writes
>I reiterate and slightly rehprase my question:
>
>Do you people in within the RIPE region see, or not see critical reviews
>on, for example, eBay, TripAdvisor, etc?
we do, but we do not see material which is li
In message ,
Richard Clayton wrote:
>bottom line is that if you want to run a reputation site and not be
>under an obligation to remove libellous material (not fair comment) you
>would be unwise to do it outside the USA
As much as I would like to claim, on behalf of my countrymen, an absolutely
Hi Jordi,
On Wed, Jan 15, 2020 at 1:54 PM JORDI PALET MARTINEZ
wrote:
[...]
> This is an excellent point but e-mail is probably not the right medium
> for that. Standardizing protocols for reporting abuse - and therefore
> acting on those reports more quickly - would be far more hel
>> Best not to judge the race until it has been fully run.
I just do not understand how anyone on this list (other than a criminal or a
business owner that wants to reduce over heads by abolishing an employee who
has to sit and monitor an abuse desk) could be talking about making it easier
f
It would be interesting if a large number of people who actually work for the
security / infosec / abuse teams of various ripe members were to attend the
aawg meetings instead of a clutch of mostly IP / dns / network people.
That won’t take away the impact of organisations that don’t want to do
52 matches
Mail list logo
