Upon determining the upstream peers of AS24961, complain to those upstream peers:
 
https://bgp.he.net/AS24961#_graph4
 
and ask them to provide the contract between themselves and AS24961 so you can find which section of the contract is violated, then complaint to the upstream peer head office.
 
 
--------- Original Message ---------
Subject: [anti-abuse-wg] AS24961 myLoc managed IT AG, uadns.com, ledl.net, and non-disclosing registries
From: "Hans-Martin Mosner" <hmm@heeg.de>
Date: 2/19/20 6:18 pm
To: "anti-abuse-wg@ripe.net" <anti-abuse-wg@ripe.net>

AS24961 (RIPE NCC member myLoc managed IT AG) continues to host one persistent spam sender years after years. I have
complained to them a number of times, with no noticeable effect.

The sender is recognizable by characteristics of their domain names and local parts, and most importantly by their DNS
service, which is always uadns.com. Would be easy to deny them service if myLoc wanted to.

Domain registrations are most often done via Ledl.net GmbH (RIPE NCC member).

Registries DENIC eG (RIPE NCC member), EURid vzw (RIPE NCC member), nic.at GmbH (RIPE NCC member) willingly accept
registrations that have most likely fake data (which I can't check because these data are conveniently not disclosed,
although they very likely describe a commercial entity and not existing private persons and are therefore not subject to
GDPR protections.)

Excuse me while I vomit a little.

I know that this working group is not responsible for handling individual cases of abuse, so my intention is not to get
a solution (which I already did via nullrouting that AS) but to understand how persistent abuse-enabling entities can
act unhindered without any clear escalation path. Effectively extracting the last rotten tooth "ICANN Whois Inaccuracy
Complaint" by hiding all registration data so that an inaccuracy check is made impossible didn't help much...

Cheers,
Hans-Martin