Re: [anti-abuse-wg] Decision on Proposal 2017-02 & Next Steps

[Name]

So an admin sets their email to "f...@hotmail.com" and it passes, because hotmail has a valid email server and its "syntax" is correct?It can be validated as human by CAPTCHA:https://en.wikipedia.org/wiki/CAPTCHAThe current wording is wasting everyone's time, and seriously, does it need a change in policy if it's implemented as is? How does it change a single thing?


 Original Message ----
Subject: Re: [anti-abuse-wg] Decision on Proposal 2017-02 & Next Steps
From: Janos Zsako <zs...@iszt.hu>
Date: Wed, March 14, 2018 11:29 pm
To: Name <phish...@storey.xxx>, anti-abuse-wg@ripe.net

Dear Anonymous "Name",

> How do you check the email address is valid if you don't email it?
> 
> https://www.ripe.net/participate/policies/proposals/2017-02

I think the NCC will be able to tell more details when the plans are ready.

For now, the relevant part is probably:

> The RIPE NCC will validate the technical parameters of an “abuse-mailbox:” attribute, such as syntax, domain and mail server configuration, to determine if it is correctly configured to receive messages.

One can determine with a high degree of confidence whether mail sent to a
given address is accepted for delivery by the mail server specified as MX
in the DNS for the given e-mail address. To me it is a good start and
much more than not checking anything.

One can probably not test whether the accepted mail is indeed delivered
and even less whether is is eventually read by a human. The latter cannot
be checked even if one does send the e-mail and even get a reply (generally
speaking one cannot be certain the response was sent by a human).

Therefore, I would leave the details to the NCC for now.

Best regards,
Janos

Re: [anti-abuse-wg] Decision on Proposal 2017-02 & Next Steps

[Brian Nisbet]

And apologies for the subject change, which I meant to edit. We’ve a new email 
system in work which needs training.

Brian

Brian Nisbet
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270

From: Brian Nisbet
Sent: Wednesday 14 March 2018 11:31
To: 'Name' <phish...@storey.xxx>; anti-abuse-wg@ripe.net
Subject: RE: SPAM-heanet-- RE: [anti-abuse-wg] Decision on Proposal 2017-02 & 
Next Steps

Hi,

I haven’t given an exhaustive list of all of the emails sent, but they are all 
in the archive. I believe I have covered some of the main points below. While I 
don’t feel a number of them are valid, as discussed, they were stated as 
initial reasons for objection.

Given my statements below I now wish people to either clarify their reasons for 
objection or say they no longer object or something in between.

We’ll then review this at the end of the current phase.

Thanks,

Brian

Brian Nisbet
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie<mailto:brian.nis...@heanet.ie> 
www.heanet.ie<http://www.heanet.ie>
Registered in Ireland, No. 275301. CRA No. 20036270

From: Name <phish...@storey.xxx<mailto:phish...@storey.xxx>>
Sent: Tuesday 13 March 2018 01:28
To: Brian Nisbet <brian.nis...@heanet.ie<mailto:brian.nis...@heanet.ie>>; 
anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>
Subject: SPAM-heanet-- RE: [anti-abuse-wg] Decision on Proposal 2017-02 & Next 
Steps

"we do not believe rough consensus has been reached."


Who spoke out against it, and what did they say? I haven't seen anything that 
says that consensus has not been reached.

What does "consensus" look like?



---- Original Message 
Subject: [anti-abuse-wg] Decision on Proposal 2017-02 & Next Steps
From: Brian Nisbet <brian.nis...@heanet.ie<mailto:brian.nis...@heanet.ie>>
Date: Mon, March 12, 2018 11:57 pm
To: "anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>" 
<anti-abuse-wg@ripe.net<mailto:anti-abuse-wg@ripe.net>>

Colleagues,

We've been thinking about this for some time and attempting to find a way 
through the various comments and messages in regards to 2017-02.

We believe the best option at this point is to extend the review phase of this 
proposal for a further 4 weeks as we do not believe rough consensus has been 
reached. However we also do not believe that there has been sufficient clear 
argument to reject the proposal.

We think that during this time it would be useful if those who engaged in the 
discussion but did not express a preference could do so.

It would also be useful if those who commented on the first version of the 
proposal, especially those who objected, still objected after the second 
version was published.

It should also be noted that the NCC have laid out the method by which they 
would plan to implement this proposal, so we do not believe that discussion 
around alternative methods nor additional checks is germane. It is also clear 
that the ARC will be used in conjunction with the automated checks. It is also 
clear that this will not require "make work" from any admins to answer.

Finally we need to address the objections around the possible implications of 
organisations *not* following this policy. It is clear that 2017-02 does not 
attempt to introduce any additional processes nor change how the NCC would act 
in cases where policies are not followed. We believe this has been clarified. 
If members of the community have an issue with these procedures then we think 
that's a separate discussion, rather than a valid reason to object to 2017-02

Other than those listed above, there was a feeling expressed that this will not 
make any meaningful difference. Both the RIPE NCC and the proposers have said 
that this work to improve the quality of data will be greatly appreciated. We 
would also mention that policies can be further amended in the future.

So, if everyone could take a look at the latest version of 2017-02 again that 
would be appreciated.

If you have already stated your support there is no need to do so.

If you are opposed, then please consider the above and the various discussions 
and see if you are still opposed to this version of the proposal. If so, can 
you please state which reasons for opposition have not been clarified nor 
resolved.

Obviously if you haven't stated a preference either way, as I mention above, 
this is your opportunity to do so!

Thanks,

Brian
Co-Chair, RIPE AA-WG

Brian Nisbet
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFS

[anti-abuse-wg] Decision on Proposal 2017-02 & Next Steps

[Brian Nisbet]

Colleagues,

We've been thinking about this for some time and attempting to find a way 
through the various comments and messages in regards to 2017-02.

We believe the best option at this point is to extend the review phase of this 
proposal for a further 4 weeks as we do not believe rough consensus has been 
reached. However we also do not believe that there has been sufficient clear 
argument to reject the proposal.

We think that during this time it would be useful if those who engaged in the 
discussion but did not express a preference could do so.

It would also be useful if those who commented on the first version of the 
proposal, especially those who objected, still objected after the second 
version was published.

It should also be noted that the NCC have laid out the method by which they 
would plan to implement this proposal, so we do not believe that discussion 
around alternative methods nor additional checks is germane. It is also clear 
that the ARC will be used in conjunction with the automated checks. It is also 
clear that this will not require "make work" from any admins to answer.

Finally we need to address the objections around the possible implications of 
organisations *not* following this policy. It is clear that 2017-02 does not 
attempt to introduce any additional processes nor change how the NCC would act 
in cases where policies are not followed. We believe this has been clarified. 
If members of the community have an issue with these procedures then we think 
that's a separate discussion, rather than a valid reason to object to 2017-02

Other than those listed above, there was a feeling expressed that this will not 
make any meaningful difference. Both the RIPE NCC and the proposers have said 
that this work to improve the quality of data will be greatly appreciated. We 
would also mention that policies can be further amended in the future.

So, if everyone could take a look at the latest version of 2017-02 again that 
would be appreciated. 

If you have already stated your support there is no need to do so. 

If you are opposed, then please consider the above and the various discussions 
and see if you are still opposed to this version of the proposal. If so, can 
you please state which reasons for opposition have not been clarified nor 
resolved.

Obviously if you haven't stated a preference either way, as I mention above, 
this is your opportunity to do so!

Thanks,

Brian
Co-Chair, RIPE AA-WG

Brian Nisbet 
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nis...@heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270