I think you have misunderstood my point.

> Would they send such report using their customer's own web form?

No? I don't know what implied that?

> Yes, doing so requires some work too, but heck aren't we paying for that already?

The person sending the abuse report is rarely a paying customer.

> The right thing to do would be to arrange for the abuse mailbox address to point (in)directly to the actual user of the IP address.

I am assuming you are referring to having a separate abuse contact for each customer, so like abuse.cust123@domain and registering it in the RIPE Registry/DB?

In some cases with large customers maybe but if you are a hosting provider where each customer might only have one or two IPv4 addresses, that can get to an insane amount of handles and make the database really messy.

Also the customer in question is not the only info that is relevant, like is it DoS, spam, or port scanning, etc?

But in general I think there are pros and cons to web forms and email templates just as there are pros and cons to arbitrarily structured emails.

-Cynthia

On Thu, Feb 25, 2021 at 10:05 AM Alessandro Vesely <vesely@tana.it> wrote:

Sorry for being late to the party...

On Sun 21/Feb/2021 03:44:07 +0100 Cynthia Revström via anti-abuse-wg wrote:
> If the hosting company provides a web form, they can have a field where they
> explicitly ask for the offending IP address.
> This report could then automatically also be sent to the customer in question,
> because we shouldn't assume the customer is malicious, they might just have a
> bad config that made them a relay for example.

Would they send such report using their customer's own web form?

The right thing to do would be to arrange for the abuse mailbox address to
point (in)directly to the actual user of the IP address. Yes, doing so
requires some work too, but heck aren't we paying for that already?

Best
Ale
--