Colleagues,
I've added an NCC update on RIPE 2017-02 to the agenda. As mentioned, there is still a small amount of time available during the session on October 18th and there is still an opportunity to nominate yourself or others for the position of WG Chair
A. Administrative Matters
* Welcome
* Scribe, Jabber, Stenography
* Microphone Etiquette
* Approve Minutes from RIPE 76
* Finalise agenda
B. Update
* B1. Working Group Chair Selection
* B1. Recent List Discussion
C. Policies -
*C.1. RIPE NCC Update on 2017-02, Angela Dall'Ara - RIPE NCC
D. Interactions -
E. Presentation -
* E1. Criminal Abuse in RIPE IP Space - Dhia Mahjoub
X. A.O.B.
Z. Agenda for RIPE 78
Thanks
Brian
Co-Chair, RIPE AA-WG
Brian Nisbet
Network Operations Manager
HEAnet CLG, Ireland's National Education and Research Network
1st Floor, 5 George's Dock, IFSC, Dublin D01 X8N7, Ireland
+35316609040 brian.nisbet(a)heanet.ie www.heanet.ie
Registered in Ireland, No. 275301. CRA No. 20036270
In message , ac <ac(a)main.me> writes
>ESP and email relay services should verify recipient email addresses
>prior to sending bulk emails to any random email address.
>
>ESPs that simply start dumping bulk emails on victims often end up
>listed on RBLs for abusive behavior.
>
>But, when is verification emails themselves, spamvertising or email abuse?
when people don't want them in their mailbox
in a world of machine learning and email flows measured in the tens of
billions, the only practical way of identifying abuse is to examine user
feedback ...
... if you're not in the billions regime then you can try and write down
complex rules to guide your users and your abuse teams, but even then
flexibility is key because otherwise you end up arguing with an abuser
who is skating just on the right side of some arbitrary value
>Our own email policy defines verification abuse as "more than 3 verify
>your email account" emails in the same 24 hour period and verify your
>email account emails lasting longer than five 24 hour periods.
>
>Do you think this is reasonable? Too reasonable? More? Less?
it depends on the size of the company/mailing list ... 3 new signups in
a day may be a red letter day, or it may merely indicate that something
broke at thirteen minutes past midnight
>If you receive say 4 "verify your email account" emails in 5 minutes,
>is this abuse?
this question suggests that you might be seeing an outer ripple of an
incident which is the modern form of mail bombing
this is where users receive tens of thousands of verification emails in
a hour or so ... sometimes this is just because the user is disliked,
but it can be an attempt to hide other transactional email (associated
with fraud or domain name theft) amongst all the noise
few mail systems provide suitable tools to end users to deal with this
regrettably few sign-up systems have (even weak) CAPTCHA systems to
prevent automated attacks.... (something which an ISP providing hosting
might usefully start requiring of its customers : rather more practical
than trying to set some arbitrary number on emails sent)
there is a proposal for assisting with automated filtering
https://tools.ietf.org/html/draft-levine-mailbomb-header-01
but it's not currently getting all that much traction.
--
richard Richard Clayton
Those who would give up essential Liberty, to purchase a little temporary
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
