On 7 Jun 2022, at 12:14, Gert Doering <gert@space.net> wrote:
Hi,
On Tue, Jun 07, 2022 at 11:02:19AM +0000, Ángel González Berdasco via anti-abuse-wg wrote:
I don't think the problem would be to add a new attribute if needed. The problem would be to *define* what should go there (and then get everyone downstream to use that new attribute)
This... so, what would you suggest?
It would be nice, both for abuse contacts, and the potential security contact, to be able to advertise that you accept machine readable reports, what formats and how to accept them. There’s an obvious advantage for the abuse/security desk consuming reports for that, but it would also be an improvement in many ways for generators of reports over the current system where abuse-c contains an email address, and that email address is just an autoresponder saying that mail sent there isn’t read (but there’s this other channel over here you can use). I’ve a nasty feeling that any email address added as a security contact will be used as an additional place to report spam coming from the network, which might not be what the people on the end of that alias really need more of. Cheers, Steve