Re: [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
I fully agree with this proposal and should be implemented ASAP. HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence: “To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.” Reading the policy proposal, how the NCC concludes that it should be “without sending an email”? I will say that the right way to do a validation (at creation/modification and yearly) is, in a way that makes sense (having an email that nobody is processing is exactly the same as not having the abuse attribute at all): 1) Send an email with a link that must be clicked by a human (so some kind of captcha-like mechanism should be followed) 2) If this link is not clicked in a period of 48 hours (not including Saturday-Sunday), an alarm should be generated so the NCC can take the relevant actions and make sure that the mailbox is actively monitored by the LIR Regards, Jordi -----Mensaje original----- De: policy-announce <policy-announce-bounces@ripe.net> en nombre de Marco Schmidt <mschmidt@ripe.net> Fecha: jueves, 18 de enero de 2018, 12:23 Para: <policy-announce@ripe.net> Asunto: [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation) Dear colleagues, Policy proposal 2017-02, "Regular abuse-c Validation" is now in the Review Phase. The goal of this proposal is to give the RIPE NCC a mandate to regularly validate "abuse-c:" information and to follow up in cases where the attribute is deemed to be incorrect. This proposal has been updated following the last round of discussion and is now at version v2.0. Some of the differences from version v1.0 include: - A focus on validating the "abuse-mailbox:" attribute and fixing incorrect contact information - Added references to RIPE Policies and RIPE NCC procedures The RIPE NCC has prepared an impact analysis on this latest proposal version to support the community’s discussion. You can find the full proposal and impact analysis at: https://www.ripe.net/participate/policies/proposals/2017-02 And the draft documents at: https://www.ripe.net/participate/policies/proposals/2017-02/draft As per the RIPE Policy Development Process (PDP), the purpose of this four-week Review Phase is to continue discussing the proposal, taking the impact analysis into consideration, and to review the full draft policy document. At the end of the Review Phase, the WG Chairs will determine whether the WG has reached rough consensus. It is therefore important to provide your opinion, even if it is simply a restatement of your input from the previous phase. We encourage you to read the proposal, impact analysis and draft document, and share your comments on <anti-abuse-wg@ripe.net> <mailto:anti-abuse-wg@ripe.net> before 16 February 2018. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
I second Jordi's opinion that validation of the abuse-mailbox should require human interaction of the resource holder. In addition to solving a captcha the resource holder might need to confirm (click a checkbox) that he will monitor the abuse-mailbox account on a regular basis and take appropriate action to solve reported abuse cases. - Thomas CERT-Bund Incident Response & Malware Analysis Team On 18.01.2018 19:44, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
I fully agree with this proposal and should be implemented ASAP.
HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence:
“To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.”
Reading the policy proposal, how the NCC concludes that it should be “without sending an email”?
I will say that the right way to do a validation (at creation/modification and yearly) is, in a way that makes sense (having an email that nobody is processing is exactly the same as not having the abuse attribute at all): 1) Send an email with a link that must be clicked by a human (so some kind of captcha-like mechanism should be followed) 2) If this link is not clicked in a period of 48 hours (not including Saturday-Sunday), an alarm should be generated so the NCC can take the relevant actions and make sure that the mailbox is actively monitored by the LIR
Regards, Jordi
I support the proposal in general and i also think a human interaction of the resource holder is required. Am 19.01.18 um 09:52 schrieb Thomas Hungenberg:
I second Jordi's opinion that validation of the abuse-mailbox should require human interaction of the resource holder. In addition to solving a captcha the resource holder might need to confirm (click a checkbox) that he will monitor the abuse-mailbox account on a regular basis and take appropriate action to solve reported abuse cases.
- Thomas
CERT-Bund Incident Response & Malware Analysis Team
On 18.01.2018 19:44, JORDI PALET MARTINEZ via anti-abuse-wg wrote:
I fully agree with this proposal and should be implemented ASAP.
HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence:
“To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.”
Reading the policy proposal, how the NCC concludes that it should be “without sending an email”?
I will say that the right way to do a validation (at creation/modification and yearly) is, in a way that makes sense (having an email that nobody is processing is exactly the same as not having the abuse attribute at all): 1) Send an email with a link that must be clicked by a human (so some kind of captcha-like mechanism should be followed) 2) If this link is not clicked in a period of 48 hours (not including Saturday-Sunday), an alarm should be generated so the NCC can take the relevant actions and make sure that the mailbox is actively monitored by the LIR
Regards, Jordi
-- Mit freundlichem Gruß Artfiles New Media GmbH Andreas Worbs Artfiles New Media GmbH | Zirkusweg 1 | 20359 Hamburg Tel: 040 - 32 02 72 90 | Fax: 040 - 32 02 72 95 E-Mail: support@artfiles.de | Web: http://www.artfiles.de Geschäftsführer: Harald Oltmanns | Tim Evers Eingetragen im Handelsregister Hamburg - HRB 81478
I also think that Thomas suggestion of a checkbox agreeing with regularly monitoring the abuse-mailbox is a wonderful suggestion. Regards, Jordi -----Mensaje original----- De: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> en nombre de Andreas Worbs <anw@artfiles.de> Organización: Artfiles New Media GmbH Fecha: viernes, 19 de enero de 2018, 10:23 Para: <anti-abuse-wg@ripe.net> Asunto: Re: [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation) I support the proposal in general and i also think a human interaction of the resource holder is required. Am 19.01.18 um 09:52 schrieb Thomas Hungenberg: > I second Jordi's opinion that validation of the abuse-mailbox should require > human interaction of the resource holder. In addition to solving a captcha > the resource holder might need to confirm (click a checkbox) that he will > monitor the abuse-mailbox account on a regular basis and take appropriate > action to solve reported abuse cases. > > > - Thomas > > CERT-Bund Incident Response & Malware Analysis Team > > > On 18.01.2018 19:44, JORDI PALET MARTINEZ via anti-abuse-wg wrote: >> I fully agree with this proposal and should be implemented ASAP. >> >> HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence: >> >> “To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.” >> >> Reading the policy proposal, how the NCC concludes that it should be “without sending an email”? >> >> I will say that the right way to do a validation (at creation/modification and yearly) is, in a way that makes sense (having an email that nobody is processing is exactly the same as not having the abuse attribute at all): >> 1) Send an email with a link that must be clicked by a human (so some kind of captcha-like mechanism should be followed) >> 2) If this link is not clicked in a period of 48 hours (not including Saturday-Sunday), an alarm should be generated so the NCC can take the relevant actions and make sure that the mailbox is actively monitored by the LIR >> >> Regards, >> Jordi > -- Mit freundlichem Gruß Artfiles New Media GmbH Andreas Worbs Artfiles New Media GmbH | Zirkusweg 1 | 20359 Hamburg Tel: 040 - 32 02 72 90 | Fax: 040 - 32 02 72 95 E-Mail: support@artfiles.de | Web: http://www.artfiles.de Geschäftsführer: Harald Oltmanns | Tim Evers Eingetragen im Handelsregister Hamburg - HRB 81478 ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Yes, the idea Thomas had about human interaction, solving a captcha and a tickbox is a great idea my 1c Andre On Fri, 19 Jan 2018 10:29:42 +0100 JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote:
I also think that Thomas suggestion of a checkbox agreeing with regularly monitoring the abuse-mailbox is a wonderful suggestion. Regards, Jordi Para: <anti-abuse-wg@ripe.net> Asunto: Re: [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation) I support the proposal in general and i also think a human interaction of the resource holder is required.
Am 19.01.18 um 09:52 schrieb Thomas Hungenberg: > I second Jordi's opinion that validation of the abuse-mailbox > should require human interaction of the resource holder. In > addition to solving a captcha the resource holder might need to > confirm (click a checkbox) that he will monitor the > abuse-mailbox account on a regular basis and take appropriate > action to solve reported abuse cases. > > > - Thomas > > CERT-Bund Incident Response & Malware Analysis Team > > > On 18.01.2018 19:44, JORDI PALET MARTINEZ via anti-abuse-wg > wrote: >> I fully agree with this proposal and should be implemented >> ASAP. >> >> HOWEVER, I’ve a question regarding the impact analysis, and >> specially this sentence: >> >> “To increase efficiency, this process will use an automated >> solution that will allow the validation of “abuse-mailbox:” >> attributes without sending an email. No action will be needed >> by resource holders that have configured their >> “abuse-mailbox:” attribute correctly.” >> >> Reading the policy proposal, how the NCC concludes that it >> should be “without sending an email”? >> >> I will say that the right way to do a validation (at >> creation/modification and yearly) is, in a way that makes >> sense (having an email that nobody is processing is exactly >> the same as not having the abuse attribute at all): 1) Send an >> email with a link that must be clicked by a human (so some >> kind of captcha-like mechanism should be followed) 2) If this >> link is not clicked in a period of 48 hours (not including >> Saturday-Sunday), an alarm should be generated so the NCC can >> take the relevant actions and make sure that the mailbox is >> actively monitored by the LIR >> >> Regards, >> Jordi >
-- Mit freundlichem Gruß
Artfiles New Media GmbH
Andreas Worbs
Artfiles New Media GmbH | Zirkusweg 1 | 20359 Hamburg Tel: 040 - 32 02 72 90 | Fax: 040 - 32 02 72 95 E-Mail: support@artfiles.de | Web: http://www.artfiles.de Geschäftsführer: Harald Oltmanns | Tim Evers Eingetragen im Handelsregister Hamburg - HRB 81478
********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Hi Jordi, A period of 48 hours looks too short to me, I suggest something like within a period of 2 working days (or even more). Regards, Arash On Fri, Jan 19, 2018 at 5:44 AM, JORDI PALET MARTINEZ via anti-abuse-wg < anti-abuse-wg@ripe.net> wrote:
I fully agree with this proposal and should be implemented ASAP.
HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence:
“To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.”
Reading the policy proposal, how the NCC concludes that it should be “without sending an email”?
I will say that the right way to do a validation (at creation/modification and yearly) is, in a way that makes sense (having an email that nobody is processing is exactly the same as not having the abuse attribute at all): 1) Send an email with a link that must be clicked by a human (so some kind of captcha-like mechanism should be followed) 2) If this link is not clicked in a period of 48 hours (not including Saturday-Sunday), an alarm should be generated so the NCC can take the relevant actions and make sure that the mailbox is actively monitored by the LIR
Regards, Jordi
-----Mensaje original----- De: policy-announce <policy-announce-bounces@ripe.net> en nombre de Marco Schmidt <mschmidt@ripe.net> Fecha: jueves, 18 de enero de 2018, 12:23 Para: <policy-announce@ripe.net> Asunto: [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation)
Dear colleagues,
Policy proposal 2017-02, "Regular abuse-c Validation" is now in the Review Phase.
The goal of this proposal is to give the RIPE NCC a mandate to regularly validate "abuse-c:" information and to follow up in cases where the attribute is deemed to be incorrect.
This proposal has been updated following the last round of discussion and is now at version v2.0. Some of the differences from version v1.0 include: - A focus on validating the "abuse-mailbox:" attribute and fixing incorrect contact information - Added references to RIPE Policies and RIPE NCC procedures
The RIPE NCC has prepared an impact analysis on this latest proposal version to support the community’s discussion. You can find the full proposal and impact analysis at: https://www.ripe.net/participate/policies/proposals/2017-02
And the draft documents at: https://www.ripe.net/participate/policies/ proposals/2017-02/draft
As per the RIPE Policy Development Process (PDP), the purpose of this four-week Review Phase is to continue discussing the proposal, taking the impact analysis into consideration, and to review the full draft policy document.
At the end of the Review Phase, the WG Chairs will determine whether the WG has reached rough consensus. It is therefore important to provide your opinion, even if it is simply a restatement of your input from the previous phase.
We encourage you to read the proposal, impact analysis and draft document, and share your comments on <anti-abuse-wg@ripe.net> <mailto:anti-abuse-wg@ripe.net> before 16 February 2018.
Kind regards,
Marco Schmidt Policy Development Officer RIPE NCC
********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company
This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
I think we are talking about the same, 48 hours (not including weekends, as indicated in my email), is 2 working days. I don’t think more is needed, this is the explanation: If you are monitoring an abuse-inbox, you should make this in a daily basis I agree that it may happen that one day you have a trouble, but two consecutive days? Typically, this mailbox should be a list of people handling it, so even if one of them is ill or whatever, someone else will do the job Typically, this mailbox should have VERY FEW emails, otherwise, you have a big problem in your network, maybe allowing customers to use it for spam, criminal activities, etc. Even more than that, if you’re a LIR, typically you have also people working on weekends and bank holidays, so not including the weekend in the 48 hours is already something that should not be necessary, but I thing is fair for LIRs which are SMEs, or that don’t offer services to third parties, so they don’t have 24-365 staff taking care of their network. Regards, Jordi De: Arash Naderpour <arash.naderpour@gmail.com> Fecha: viernes, 19 de enero de 2018, 10:28 Para: JORDI PALET MARTINEZ <jordi.palet@consulintel.es> CC: <anti-abuse-wg@ripe.net> Asunto: Re: [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation) Hi Jordi, A period of 48 hours looks too short to me, I suggest something like within a period of 2 working days (or even more). Regards, Arash On Fri, Jan 19, 2018 at 5:44 AM, JORDI PALET MARTINEZ via anti-abuse-wg <anti-abuse-wg@ripe.net> wrote: I fully agree with this proposal and should be implemented ASAP. HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence: “To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.” Reading the policy proposal, how the NCC concludes that it should be “without sending an email”? I will say that the right way to do a validation (at creation/modification and yearly) is, in a way that makes sense (having an email that nobody is processing is exactly the same as not having the abuse attribute at all): 1) Send an email with a link that must be clicked by a human (so some kind of captcha-like mechanism should be followed) 2) If this link is not clicked in a period of 48 hours (not including Saturday-Sunday), an alarm should be generated so the NCC can take the relevant actions and make sure that the mailbox is actively monitored by the LIR Regards, Jordi -----Mensaje original----- De: policy-announce <policy-announce-bounces@ripe.net> en nombre de Marco Schmidt <mschmidt@ripe.net> Fecha: jueves, 18 de enero de 2018, 12:23 Para: <policy-announce@ripe.net> Asunto: [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation) Dear colleagues, Policy proposal 2017-02, "Regular abuse-c Validation" is now in the Review Phase. The goal of this proposal is to give the RIPE NCC a mandate to regularly validate "abuse-c:" information and to follow up in cases where the attribute is deemed to be incorrect. This proposal has been updated following the last round of discussion and is now at version v2.0. Some of the differences from version v1.0 include: - A focus on validating the "abuse-mailbox:" attribute and fixing incorrect contact information - Added references to RIPE Policies and RIPE NCC procedures The RIPE NCC has prepared an impact analysis on this latest proposal version to support the community’s discussion. You can find the full proposal and impact analysis at: https://www.ripe.net/participate/policies/proposals/2017-02 And the draft documents at: https://www.ripe.net/participate/policies/proposals/2017-02/draft As per the RIPE Policy Development Process (PDP), the purpose of this four-week Review Phase is to continue discussing the proposal, taking the impact analysis into consideration, and to review the full draft policy document. At the end of the Review Phase, the WG Chairs will determine whether the WG has reached rough consensus. It is therefore important to provide your opinion, even if it is simply a restatement of your input from the previous phase. We encourage you to read the proposal, impact analysis and draft document, and share your comments on <anti-abuse-wg@ripe.net> <mailto:anti-abuse-wg@ripe.net> before 16 February 2018. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it. ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
Dear Jordi, Thank you for your question. On 2018-01-18 19:44:51 CET, Jordi Palet Martinez wrote:
HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence:
“To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.”
Reading the policy proposal, how the NCC concludes that it should be “without sending an email”?
During the initial discussion phase and also during the Anti-Abuse WG session at RIPE 75, several people stated that forcing providers to reply to the RIPE NCC doesn't ensure that they will respond to actual abuse reports. At the same time, such a policy requirement would create additional workload to all providers. For these reasons, the proposers decided to remove such a requirement in v2.0 of their proposal. The RIPE NCC will focus on the technical accuracy of abuse contact emails. These checks can be done without the need to send an email. Validating that an abuse mailbox attribute is correctly configured ensures that abuse reports can reach their destination. The way that abuse reports are handled by the receiving party is usually defined by the internal procedures of the providers and not by RIPE Policies. I hope this clarifies. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum
Despite what was said in the meeting, It looks like I'm not the only one then thinking that we should do the human verification ... Regards, Jordi -----Mensaje original----- De: anti-abuse-wg <anti-abuse-wg-bounces@ripe.net> en nombre de Marco Schmidt <mschmidt@ripe.net> Fecha: viernes, 19 de enero de 2018, 13:09 Para: <anti-abuse-wg@ripe.net> Asunto: Re: [anti-abuse-wg] [policy-announce] 2017-02 Review Phase (Regular abuse-c Validation) Dear Jordi, Thank you for your question. On 2018-01-18 19:44:51 CET, Jordi Palet Martinez wrote: > HOWEVER, I’ve a question regarding the impact analysis, and specially this sentence: > > “To increase efficiency, this process will use an automated solution that will allow the validation of “abuse-mailbox:” attributes without sending an email. No action will be needed by resource holders that have configured their “abuse-mailbox:” attribute correctly.” > > Reading the policy proposal, how the NCC concludes that it should be “without sending an email”? > During the initial discussion phase and also during the Anti-Abuse WG session at RIPE 75, several people stated that forcing providers to reply to the RIPE NCC doesn't ensure that they will respond to actual abuse reports. At the same time, such a policy requirement would create additional workload to all providers. For these reasons, the proposers decided to remove such a requirement in v2.0 of their proposal. The RIPE NCC will focus on the technical accuracy of abuse contact emails. These checks can be done without the need to send an email. Validating that an abuse mailbox attribute is correctly configured ensures that abuse reports can reach their destination. The way that abuse reports are handled by the receiving party is usually defined by the internal procedures of the providers and not by RIPE Policies. I hope this clarifies. Kind regards, Marco Schmidt Policy Development Officer RIPE NCC Sent via RIPE Forum -- https://www.ripe.net/participate/mail/forum ********************************************** IPv4 is over Are you ready for the new Internet ? http://www.consulintel.es The IPv6 Company This electronic message contains information which may be privileged or confidential. The information is intended to be for the exclusive use of the individual(s) named above and further non-explicilty authorized disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited and will be considered a criminal offense. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information, even if partially, including attached files, is strictly prohibited, will be considered a criminal offense, so you must reply to the original sender to inform about this communication and delete it.
On 19.01.2018 13:08, Marco Schmidt wrote:
The way that abuse reports are handled by the receiving party is usually defined by the internal procedures of the providers and not by RIPE Policies.
If the abuse-mailbox is valid but the resource holder constantly ignores abuse complaints sent to this mailbox for a longer time (no response, no action taken, phishing sites or botnet c2s etc. not taken down) - what is the process to escalate this (probably finally leading to the resource being withdrawn)? - Thomas CERT-Bund Incident Response & Malware Analysis Team
Thomas, On 19/01/2018 15:44, Thomas Hungenberg wrote:
On 19.01.2018 13:08, Marco Schmidt wrote:
The way that abuse reports are handled by the receiving party is usually defined by the internal procedures of the providers and not by RIPE Policies.
If the abuse-mailbox is valid but the resource holder constantly ignores abuse complaints sent to this mailbox for a longer time (no response, no action taken, phishing sites or botnet c2s etc. not taken down) - what is the process to escalate this (probably finally leading to the resource being withdrawn)?
There is no process being proposed for this in 2017-02. This proposal is about validation of the abuse-mailbox attribute. If the community would like there to be the possibility of further action in relation to this specific situation, then a separate policy proposal would be required. Thanks, Brian Co-Chair, RIPE AA-WG
participants (7)
-
Andreas Worbs -
Arash Naderpour -
Brian Nisbet -
JORDI PALET MARTINEZ -
Marco Schmidt -
ox -
Thomas Hungenberg