Introducing the RIPE NCC Report Form
[Apologies for duplicate emails] Dear colleagues, We would like to introduce the RIPE NCC Report Form. Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation. By making it easy to report these issues to us and by putting a clear process in place, we aim to work together with you to further improve the quality of the data in the Internet number resource registry. The first release of the form offers basic functionality. We will review the form, its usage and your feedback before deciding whether further development is needed in the future. You can find more details at: https://labs.ripe.net/Members/andrea/ripe-ncc-report-form If you have any questions or feedback, please contact <ncc@ripe.net>. Best regards, Laura Cobley RIPE NCC
-----Original Message----- From: anti-abuse-wg-bounces@ripe.net [mailto:anti-abuse-wg- bounces@ripe.net] On Behalf Of Laura Cobley Sent: Tuesday, April 03, 2012 6:05 PM To: anti-abuse-wg@ripe.net
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
The first release of the form offers basic functionality. We will review the form, its usage and your feedback before deciding whether further development is needed in the future.
Thank you. (For the record, the actual form is located at www.ripe.net/report-form.) Could you also make the form work in a way that does not require the user agent to support client-side scripting? -- Thor Kottelin http://www.anta.net/
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
As much as I support this initiative, I can't help thinking "it's about time this was developed". Either way, good to see it's there.
The first release of the form offers basic functionality We will review the form, its usage and your feedback before deciding whether further development is needed in the future.
I assume (haven't tested but will certainly do in the near future) that a reference/ticket number will be created, although I read that RIPE will not follow up with the complainant. Laura, can you tell us something about the process behind the form? How many people has RIPE reserved for analyzing, correlating and following up the complaints? OPTA receives about 35000 complaints a year through our spam complaint form (which is not too quick to fill out) so we know first hand what it takes to categorize and follow up in a way that does right to every complaint. Best regards, Pepijn Vissers +++++++++++++++++++++++++++++++++++++++++++++ Disclaimer Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie die is beschermd door een beroepsgeheim. Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke vorm van verspreiding, vermenigvuldiging of ander gebruik ervan niet is toegestaan. Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen, verzoeken wij u ons daarvan direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail mailto:mail@opta.nl en het bericht te vernietigen. Dit e-mailbericht is uitsluitend gecontroleerd op virussen. OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud en juistheid van dit bericht en er kunnen geen rechten aan worden ontleend. This e-mail message may contain confidential information or information protected by professional privilege. If it is not intended for you, you should be aware that any distribution, copying or other form of use of this message is not permitted. If it has apparently reached you by mistake, we urge you to notify us by phone +31 70 315 3500 or e-mail mailto:mail@opta.nl and destroy the message immediately. This e-mail message has only been checked for viruses. The accuracy, relevance, timeliness or completeness of the information provided cannot be guaranteed. OPTA expressly disclaims any responsibility in relation to the information in this e-mail message. No rights can be derived from this message.
Hi Pepijn, Thanks very much for your mail. Feedback like this is very helpful for us as we look to develop the procedure. On 4/4/12 9:19 AM, Vissers, Pepijn wrote:
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
As much as I support this initiative, I can't help thinking "it's about time this was developed". Either way, good to see it's there.
The first release of the form offers basic functionality We will review the form, its usage and your feedback before deciding whether further development is needed in the future.
I assume (haven't tested but will certainly do in the near future) that a reference/ticket number will be created, although I read that RIPE will not follow up with the complainant.
Yes, a ticket will be created and we'll advise the complainant whether the report can be investigated. We won't go into any details of subsequent actions taken because these are confidential between us and the responsible party.
Laura, can you tell us something about the process behind the form? How many people has RIPE reserved for analyzing, correlating and following up the complaints? OPTA receives about 35000 complaints a year through our spam complaint form (which is not too quick to fill out) so we know first hand what it takes to categorize and follow up in a way that does right to every complaint.
Handling reports is a normal part of our operations within the RIPE NCC and the report form makes it easier for people to get in touch with us. It also makes for more streamlined and consistent processing, so hopefully it will make things easier for us as well as for the reporter. You can find more information about the procedure here: https://www.ripe.net/contact/reporting-procedure If you have any further feedback, especially as we make developments to the form and the procedure, please do let us know. Best regards, Laura Cobley RIPE NCC
Best regards, Pepijn Vissers +++++++++++++++++++++++++++++++++++++++++++++ Disclaimer Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie die is beschermd door een beroepsgeheim. Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke vorm van verspreiding, vermenigvuldiging of ander gebruik ervan niet is toegestaan. Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen, verzoeken wij u ons daarvan direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail mailto:mail@opta.nl en het bericht te vernietigen. Dit e-mailbericht is uitsluitend gecontroleerd op virussen. OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud en juistheid van dit bericht en er kunnen geen rechten aan worden ontleend.
This e-mail message may contain confidential information or information protected by professional privilege. If it is not intended for you, you should be aware that any distribution, copying or other form of use of this message is not permitted. If it has apparently reached you by mistake, we urge you to notify us by phone +31 70 315 3500 or e-mail mailto:mail@opta.nl and destroy the message immediately. This e-mail message has only been checked for viruses. The accuracy, relevance, timeliness or completeness of the information provided cannot be guaranteed. OPTA expressly disclaims any responsibility in relation to the information in this e-mail message. No rights can be derived from this message.
* Laura Cobley:
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
I looked at "Incorrect contact information in the RIPE Database", and "I confirm that I have reported the incorrect information to all of the contacts listed in the relevant object" is a required checkbox. This seems to require that complainants try postal addresses, phone and fax numbers before reporting errors in email addresses. Is this really your goal? Isn't this a step backwards?
Dear Florian and all, Over time, contact information in the RIPE Database can become outdated due to staffing changes, oversight and lack of knowledge on the part of the maintainer. Bringing the irregularity directly to the attention of this maintainer can be the quickest way to get it fixed. If you subsequently experience difficulties with this, we can help you to get in touch with the maintainer by forwarding your report to the person responsible for the Internet number resource registration. Handling reports is a normal part of our operations within the RIPE NCC and the report form makes it easier to get in touch with us. We ask you to include information such as mail delivery failure notices and copies of emails with headers, which clearly show the problem and the subsequent difficulties you are having. These help to substantiate the report. Our aim is to work together with you to further improve the quality of the data in the Internet number resource registry. Best regards, Laura Cobley RIPE NCC On 4/6/12 8:45 PM, Florian Weimer wrote:
* Laura Cobley:
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
I looked at "Incorrect contact information in the RIPE Database", and "I confirm that I have reported the incorrect information to all of the contacts listed in the relevant object" is a required checkbox.
This seems to require that complainants try postal addresses, phone and fax numbers before reporting errors in email addresses. Is this really your goal? Isn't this a step backwards?
Laura Cobley wrote:
Dear Florian and all,
Hi, (some details from our current experiences with RIPE NCC and accuracy of the RIPE objects) we currently have one case where a really big German cablenet ISP is having exacly one abuse-eMail address for their tech-c, abuse-mailbox and admin-c, for all their objects. And this one email has a domain, what does not belong to the ISP anymore, since November 2011, its currently owned by a domain grabber, because the ISP deleted the domain on purpose (on behalf of a change in the company name years ago). There is no other working contact information (phone lets you end up at their hotline where they have absolutly no idea about abuse), snail mail is no option, fax number is not supplied. We tried mailing there peering contact, their normal customer email from their website, filled their online feedback form and then opened a normal ticket at RIPE NCC, were just told to open another ticket at RIPE NCC and invested about 5 hours already describing the problem at RIPE NCC. Simply no chance, RIPE NCC is responding to tickets on a daily basis, even during business hours (jesus, we will respond in about 5 minutes if something serious like that will happen to our networks). The interest at the RIPE NCC to fix database problems does not seem to have any priority. Ah, I forgot: the maillist server mamba.ripe.net has technical problems during the last 3 weeks, we opened tickets for that as well and even got a response once, still not fixed, the maillist server is probably not reacheable for 90% of the members ... whoever will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly). So: abuse does not have priority in a lot of peoples heads those days, even when they tell you that daily ... (we have about 100 abuse incidents with that ISP monthly and the ISP even resides in the same country than we are, but its still, if they reside on the other side of the moon, maybe I should demonstrate if front of the office building with a big sign saying: "you dont have a working abuse appartment") Kind regards, Frank
Over time, contact information in the RIPE Database can become outdated due to staffing changes, oversight and lack of knowledge on the part of the maintainer. Bringing the irregularity directly to the attention of this maintainer can be the quickest way to get it fixed.
If you subsequently experience difficulties with this, we can help you to get in touch with the maintainer by forwarding your report to the person responsible for the Internet number resource registration. Handling reports is a normal part of our operations within the RIPE NCC and the report form makes it easier to get in touch with us.
We ask you to include information such as mail delivery failure notices and copies of emails with headers, which clearly show the problem and the subsequent difficulties you are having. These help to substantiate the report. Our aim is to work together with you to further improve the quality of the data in the Internet number resource registry.
Best regards,
Laura Cobley RIPE NCC
On 4/6/12 8:45 PM, Florian Weimer wrote:
* Laura Cobley:
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
I looked at "Incorrect contact information in the RIPE Database", and "I confirm that I have reported the incorrect information to all of the contacts listed in the relevant object" is a required checkbox.
This seems to require that complainants try postal addresses, phone and fax numbers before reporting errors in email addresses. Is this really your goal? Isn't this a step backwards?
-- Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused Things seem to be RIPE for a change eh? -- Suresh Ramasubramanian (ops.lists@gmail.com)
hi, On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25? $ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net. Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much... Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
So this list is now turned into an "experts" exchange on SMTP? *sigh* -- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 ________________________________________ From: Gert Doering [gert@space.net] Sent: 11 April 2012 14:29 To: Suresh Ramasubramanian Cc: Frank Gadegast; Laura Cobley; Florian Weimer; anti-abuse-wg@ripe.net; Brian Nisbet; chrish@consol.net; shane@time-travellers.org; Michele Neylon :: Blacknight; Gert Doering; Tobias Knecht Subject: Re: [anti-abuse-wg] current business practices hi, On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25? $ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net. Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much... Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
Gert Doering wrote:
hi,
Hi, lists.ripe.net is a simple CNAME to mamba.ripe.net without own MX records Any mailserver will try to deliver mail directly to the A record, if there are problems with the reachability of the zone, the network or the main MX records (and surely he will cache this descission). There were network issues, like RIPE NCC told me. Maybe its time to have a fallback MX for the subdomain itself ? That are pointing to postgirl.ripe.net and postlady.ripe.net ? So that no mailserver ever thinks to send mail directly to to the A record ? Just an idea .... Kind regards, Frank
On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25?
$ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net.
Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much...
Gert Doering -- NetMaster
-- Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
Hi, On Wed, Apr 11, 2012 at 03:37:40PM +0200, Frank Gadegast wrote:
lists.ripe.net is a simple CNAME to mamba.ripe.net without own MX records
So what? There are no mail addresses @lists.ripe.net, so why should that host have an MX records? Even if RIPE list mail is handled at lists/mamba internally, all the mail addresses are @ripe.net - and those have MXes, and those MXes are reachable. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
Folks, this is absolutely not the place to discuss the NCC's mailservers. If the conversation has to happen at all, then I'm sure NCC Services would love to hear about it. :) Brian. "Gert Doering" wrote the following on 11/04/2012 14:40:
Hi,
On Wed, Apr 11, 2012 at 03:37:40PM +0200, Frank Gadegast wrote:
lists.ripe.net is a simple CNAME to mamba.ripe.net without own MX records
So what? There are no mail addresses @lists.ripe.net, so why should that host have an MX records?
Even if RIPE list mail is handled at lists/mamba internally, all the mail addresses are @ripe.net - and those have MXes, and those MXes are reachable.
Gert Doering -- NetMaster
Brian Nisbet wrote:
Folks, this is absolutely not the place to discuss the NCC's mailservers.
Hm, dont think so, because the lists itself was kind of broken and I mailed the RIPE NCC about 3 weeks ago about it (and you two twice) before I tried to get this solve with the help of other on this list (and they finally help in minutes, a good example how the community is working better and quicker than organisations). At least we could figure out that the address anti-abuse-wg@lists.ripe.net was used and working once, but is not anymore.
If the conversation has to happen at all, then I'm sure NCC Services would love to hear about it. :)
They did not care at all, the ticket is now 3 weeks old. One useless response and no answer to another too mails to the same ticket. And because the discussion here was about the priorities of RIPE NCCs work I thought, this is a good example. Kind regards, Frank P.S.: want to hear more details of my case with that cablenet ISP and how RIPE NCC handled it ? ok, will not sent THAT to the list, but anyone can mail me directly, if he wants to shiver ...
Brian.
"Gert Doering" wrote the following on 11/04/2012 14:40:
Hi,
On Wed, Apr 11, 2012 at 03:37:40PM +0200, Frank Gadegast wrote:
lists.ripe.net is a simple CNAME to mamba.ripe.net without own MX records
So what? There are no mail addresses @lists.ripe.net, so why should that host have an MX records?
Even if RIPE list mail is handled at lists/mamba internally, all the mail addresses are @ripe.net - and those have MXes, and those MXes are reachable.
Gert Doering -- NetMaster
-- Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
On Wednesday 11 April 2012 15.02, Frank Gadegast wrote:
Laura Cobley wrote:
Dear Florian and all,
Hi,
(some details from our current experiences with RIPE NCC and accuracy of the RIPE objects)
we currently have one case where a really big German cablenet ISP is having exacly one abuse-eMail address for their tech-c, abuse-mailbox and admin-c, for all their objects.
And this one email has a domain, what does not belong to the ISP anymore, since November 2011, its currently owned by a domain grabber, because the ISP deleted the domain on purpose (on behalf of a change in the company name years ago). There is no other working contact information (phone lets you end up at their hotline where they have absolutly no idea about abuse), snail mail is no option, fax number is not supplied.
Why holding back the name of the ISP ? It will only protect the guilty and in addition it will cast shadows over those that does have valid whois info and in addition is taking abuse seruously. Tell us : who is the big ISP that abuses Internet resources ??
We tried mailing there peering contact, their normal customer email from their website, filled their online feedback form and then opened a normal ticket at RIPE NCC, were just told to open another ticket at RIPE NCC and invested about 5 hours already describing the problem at RIPE NCC. Simply no chance, RIPE NCC is responding to tickets on a daily basis, even during business hours (jesus, we will respond in about 5 minutes if something serious like that will happen to our networks). The interest at the RIPE NCC to fix database problems does not seem
*snip*
-- Peter Håkanson There's never money to do it right, but always money to do it again ... and again ... and again ... and again. ( Det är billigare att göra rätt. Det är dyrt att laga fel. )
Laura Cobley wrote:
Dear Florian and all,
Hi, (some details from our current experiences with RIPE NCC and accuracy of the RIPE objects) we currently have one case where a really big German cablenet ISP is having exacly one abuse-eMail address for their tech-c, abuse-mailbox and admin-c, for all their objects. And this one email has a domain, what does not belong to the ISP anymore, since November 2011, its currently owned by a domain grabber, because the ISP deleted the domain on purpose (on behalf of a change in the company name years ago). There is no other working contact information (phone lets you end up at their hotline where they have absolutly no idea about abuse), snail mail is no option, fax number is not supplied. We tried mailing there peering contact, their normal customer email from their website, filled their online feedback form and then opened a normal ticket at RIPE NCC, were just told to open another ticket at RIPE NCC and invested about 5 hours already describing the problem at RIPE NCC. Simply no chance, RIPE NCC is responding to tickets on a daily basis, even during business hours (jesus, we will respond in about 5 minutes if something serious like that will happen to our networks). The interest at the RIPE NCC to fix database problems does not seem to have any priority. Ah, I forgot: the maillist server mamba.ripe.net has technical problems during the last 3 weeks, we opened tickets for that as well and even got a response once, still not fixed, the maillist server is probably not reacheable for 90% of the members ... whoever will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly). -------- Little update: seems like RIPE NCC changed the maillist server to postgirl.ripe.net and that one works. Looks like they had to change this in a hurry, because the old server did hang in the nameserver caches quite long (great, that I have to find that out myself, instead that somebody from the RIPE NCC is simply telling me that or posting to the list). -------- Sorry, if nearly the same email comes twice now ... have to test it. So: abuse does not have priority in a lot of peoples heads those days, even when they tell you that daily ... (we have about 100 abuse incidents with that ISP monthly and the ISP even resides in the same country than we are, but its still, if they reside on the other side of the moon, maybe I should demonstrate if front of the office building with a big sign saying: "you dont have a working abuse appartment") Kind regards, Frank
Over time, contact information in the RIPE Database can become outdated due to staffing changes, oversight and lack of knowledge on the part of the maintainer. Bringing the irregularity directly to the attention of this maintainer can be the quickest way to get it fixed.
If you subsequently experience difficulties with this, we can help you to get in touch with the maintainer by forwarding your report to the person responsible for the Internet number resource registration. Handling reports is a normal part of our operations within the RIPE NCC and the report form makes it easier to get in touch with us.
We ask you to include information such as mail delivery failure notices and copies of emails with headers, which clearly show the problem and the subsequent difficulties you are having. These help to substantiate the report. Our aim is to work together with you to further improve the quality of the data in the Internet number resource registry.
Best regards,
Laura Cobley RIPE NCC
On 4/6/12 8:45 PM, Florian Weimer wrote:
* Laura Cobley:
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
I looked at "Incorrect contact information in the RIPE Database", and "I confirm that I have reported the incorrect information to all of the contacts listed in the relevant object" is a required checkbox.
This seems to require that complainants try postal addresses, phone and fax numbers before reporting errors in email addresses. Is this really your goal? Isn't this a step backwards?
-- Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
* Laura Cobley:
We ask you to include information such as mail delivery failure notices and copies of emails with headers, which clearly show the problem and the subsequent difficulties you are having. These help to substantiate the report. Our aim is to work together with you to further improve the quality of the data in the Internet number resource registry.
Laura, I'm afraid you haven't answered my question. Let's suppose I've experienced a reproducible email delivery issue which affects a role object. I have reported this to related role and person objects by *email*, but after a reasonable time period, the situation has not been addressed. I have not sent letters to the postal addresses of those objects, or have tried the phone and fax numbers. Can I still use the report form? Sorry if this comes across as obnoxious, but among WHOIS operators, there is a whole spectrum of policies regarding incorrect contact information, ranging from "we care about a single incorrect email address" to "we need proof that mail cannot be delivered to that postal address *and* that no one by that name lives or does business at that place". I'm just curious where RIPE NCC is located on this spectrum.
Dear Florian, On 4/11/12 5:31 PM, Florian Weimer wrote:
* Laura Cobley:
We ask you to include information such as mail delivery failure notices and copies of emails with headers, which clearly show the problem and the subsequent difficulties you are having. These help to substantiate the report. Our aim is to work together with you to further improve the quality of the data in the Internet number resource registry.
Laura, I'm afraid you haven't answered my question. Let's suppose I've experienced a reproducible email delivery issue which affects a role object. I have reported this to related role and person objects by *email*, but after a reasonable time period, the situation has not been addressed. I have not sent letters to the postal addresses of those objects, or have tried the phone and fax numbers. Can I still use the report form?
The different pieces of contact information are all potential ways to get in touch with the Internet number resource holder. If you have difficulties reaching them via any of those details, you can report this to us. I would recommend making a reasonable attempt to contact them first though, for example by giving them a phone call if you find that their email addresses are no longer working. I hope this answers your question. Best regards, Laura Cobley RIPE NCC
Sorry if this comes across as obnoxious, but among WHOIS operators, there is a whole spectrum of policies regarding incorrect contact information, ranging from "we care about a single incorrect email address" to "we need proof that mail cannot be delivered to that postal address *and* that no one by that name lives or does business at that place". I'm just curious where RIPE NCC is located on this spectrum.
Hello Laura, Reading most of the comments posted here, I see that most, if not all, want a clear accountability from the networks that provide our link to the Internet. Certainly, the RIPE NCC Report Form is a good start. But as so many have stated the lack of accountability and sheer indifference on behalf of some networks in handling Abuse / Spam reports. A case in point that I like to bring to everyone's attention is Maxis Communications Bhd, in Malaysia. Since 2009, I have traced and reported Abuse violations to Maxis Communications Bhd abuse team [ABUSE@maxis.com.my], but I just discovered that this network had ignored all my previous violations reports, as I just received the following "Not read" and "deleted without being read" confirmation notices in my inbox: To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com; abuse@craigslist.org; postmaster@craigslist.org Subject: REPORTING SPAM Sent: Thu, 15 Apr 2010 18:23:44 +0800 was deleted without being read on Thu, 12 Apr 2012 19:03:21 +0800 ++++ To: Mail Abuse For Maxis Communications Bhd; Cc: Malaysian RMP; Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: Spam: REPORTING SCAM/FRAUD Sent: Tue, 1 Sep 2009 06:47:31 +0800 was deleted without being read on Thu, 12 Apr 2012 19:12:52 +0800 ++++ To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: REPORTING SPAM Sent: Mon, 27 Jul 2009 18:49:27 +0800 was deleted without being read on Thu, 12 Apr 2012 19:15:08 +0800 ++++ To: Mail Abuse For Maxis Communications Bhd Cc: Federal Trade Commission; junk@brightmail.com; nanas@killfile.org; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: REPORTING SPAM Sent: Thu, 23 Apr 2009 19:46:12 +0800 was deleted without being read on Thu, 12 Apr 2012 19:12:51 +0800 ++++ To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nanas@killfile.org; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: Spam: REPORTING SCAM/SPAM Sent: Thu, 7 May 2009 08:23:39 +0800 was deleted without being read on Thu, 12 Apr 2012 19:12:51 +0800 ++++ As these confirmations show, a network like Maxis Communications Bhd can simply choose not to respond, and completely ignore network violations reports, and after a few years [yes, YEARS] delete such reports as if nothing had happened. To be fair, I have copied this network's technical contact Muhadzir Abdul Majid [zay@maxis.com.my] as well as their Whois only contact, Chiau Tik Tan [cttan@maxis.net.my] so that they can for themselves what actually happens when someone reports and sends an abuse report to Maxis Communications Bhd. Thank you, Reza Farzan rezaf@mindspring.com
On Thu, Apr 12, 2012 at 1:51 PM, Reza Farzan <rezaf@mindspring.com> wrote:
Since 2009, I have traced and reported Abuse violations to Maxis Communications Bhd abuse team [ABUSE@maxis.com.my], but I just discovered that this network had ignored all my previous violations reports, as I just received the following "Not read" and "deleted without being read" confirmation notices in my inbox:
Dear Reza, there is one scenario where you would get those messages in error: they use MS Exchange 2010 SP1 and somebody moves the messages from Inbox to a personal folder. This occurs if you've requested read receipt. http://support.microsoft.com/kb/2471964 -- Mr. Esa Laitinen Tel. +41 76 200 2870 skype/yahoo: reunaesa Blog: http://happiloppuuahistaa.blogspot.com
It also doesn't mean that "nobody" read the emails They could be going to multiple people. On 12 Apr 2012, at 13:42, Esa Laitinen wrote:
On Thu, Apr 12, 2012 at 1:51 PM, Reza Farzan <rezaf@mindspring.com> wrote: Since 2009, I have traced and reported Abuse violations to Maxis Communications Bhd abuse team [ABUSE@maxis.com.my], but I just discovered that this network had ignored all my previous violations reports, as I just received the following "Not read" and "deleted without being read" confirmation notices in my inbox:
Dear Reza,
there is one scenario where you would get those messages in error: they use MS Exchange 2010 SP1 and somebody moves the messages from Inbox to a personal folder. This occurs if you've requested read receipt. http://support.microsoft.com/kb/2471964
-- Mr. Esa Laitinen Tel. +41 76 200 2870 skype/yahoo: reunaesa Blog: http://happiloppuuahistaa.blogspot.com
Mr Michele Neylon Blacknight Solutions ♞ Hosting & Colocation, Brand Protection ICANN Accredited Registrar http://www.blacknight.com/ http://blog.blacknight.com/ http://blacknight.biz http://mneylon.tel Intl. +353 (0) 59 9183072 US: 213-233-1612 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Facebook: http://fb.me/blacknight Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Reza Farzan wrote:
Well, only about 8% of our daily reports return a "message read" or "ticket opened" or whatever else positiv message. Its clear that even more lazy network admins will publish accurate, but unattended abuse email contacts, when the abuse-c is mandatory. But at least it can be prooved, that an abuse report WAS delivered correctly more often, what already helps further legal activities (its a big difference in German law, if somebody had knowledge or not). And it helps statistics and the database itself ... And its also clear that abuse reporting reduces abuse, at least here with us. We started to deliver 3000 abuse report daily 3 year ago, we are now down to 800 per day. The RIPE database is also getting better and our methods also, we started with about 12% of reports that could not be delivered at all, simply because the domain of the abuse contact had a domain without MX or A record or the mailserver did not respond at all. This rate is now down to about 4.5% But we still have about 5% witout any abuse email address at all ... BTW: we only had 10 abuse reports this year to @maxis.com.my I know a lot of networks that are worse than that ... Kind regards, Frank
Hello Laura,
Reading most of the comments posted here, I see that most, if not all, want a clear accountability from the networks that provide our link to the Internet. Certainly, the RIPE NCC Report Form is a good start.
But as so many have stated the lack of accountability and sheer indifference on behalf of some networks in handling Abuse / Spam reports. A case in point that I like to bring to everyone's attention is Maxis Communications Bhd, in Malaysia.
Since 2009, I have traced and reported Abuse violations to Maxis Communications Bhd abuse team [ABUSE@maxis.com.my], but I just discovered that this network had ignored all my previous violations reports, as I just received the following "Not read" and "deleted without being read" confirmation notices in my inbox:
To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com; abuse@craigslist.org; postmaster@craigslist.org Subject: REPORTING SPAM Sent: Thu, 15 Apr 2010 18:23:44 +0800
was deleted without being read on Thu, 12 Apr 2012 19:03:21 +0800
++++
To: Mail Abuse For Maxis Communications Bhd; Cc: Malaysian RMP; Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: Spam: REPORTING SCAM/FRAUD Sent: Tue, 1 Sep 2009 06:47:31 +0800
was deleted without being read on Thu, 12 Apr 2012 19:12:52 +0800
++++
To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: REPORTING SPAM Sent: Mon, 27 Jul 2009 18:49:27 +0800
was deleted without being read on Thu, 12 Apr 2012 19:15:08 +0800
++++
To: Mail Abuse For Maxis Communications Bhd Cc: Federal Trade Commission; junk@brightmail.com; nanas@killfile.org; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: REPORTING SPAM Sent: Thu, 23 Apr 2009 19:46:12 +0800
was deleted without being read on Thu, 12 Apr 2012 19:12:51 +0800
++++
To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nanas@killfile.org; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: Spam: REPORTING SCAM/SPAM Sent: Thu, 7 May 2009 08:23:39 +0800
was deleted without being read on Thu, 12 Apr 2012 19:12:51 +0800
++++
As these confirmations show, a network like Maxis Communications Bhd can simply choose not to respond, and completely ignore network violations reports, and after a few years [yes, YEARS] delete such reports as if nothing had happened.
To be fair, I have copied this network's technical contact Muhadzir Abdul Majid [zay@maxis.com.my] as well as their Whois only contact, Chiau Tik Tan [cttan@maxis.net.my] so that they can for themselves what actually happens when someone reports and sends an abuse report to Maxis Communications Bhd.
Thank you,
Reza Farzan rezaf@mindspring.com
-- Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
look, i and others are trying to get ripe ncc to actually fix a rather lackadaisical attitude to ip allocation and whois accuracy what you are doing here seems to be using the list as an abuse desk substitute for reaching an isp with ip space in malaysia, which last i checked was still getting ip space from apnic, not ripe --srs (iPad) On 12-Apr-2012, at 17:21, "Reza Farzan" <rezaf@mindspring.com> wrote:
Hello Laura,
Reading most of the comments posted here, I see that most, if not all, want a clear accountability from the networks that provide our link to the Internet. Certainly, the RIPE NCC Report Form is a good start.
But as so many have stated the lack of accountability and sheer indifference on behalf of some networks in handling Abuse / Spam reports. A case in point that I like to bring to everyone's attention is Maxis Communications Bhd, in Malaysia.
Since 2009, I have traced and reported Abuse violations to Maxis Communications Bhd abuse team [ABUSE@maxis.com.my], but I just discovered that this network had ignored all my previous violations reports, as I just received the following "Not read" and "deleted without being read" confirmation notices in my inbox:
To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com; abuse@craigslist.org; postmaster@craigslist.org Subject: REPORTING SPAM Sent: Thu, 15 Apr 2010 18:23:44 +0800
was deleted without being read on Thu, 12 Apr 2012 19:03:21 +0800
++++
To: Mail Abuse For Maxis Communications Bhd; Cc: Malaysian RMP; Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: Spam: REPORTING SCAM/FRAUD Sent: Tue, 1 Sep 2009 06:47:31 +0800
was deleted without being read on Thu, 12 Apr 2012 19:12:52 +0800
++++
To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: REPORTING SPAM Sent: Mon, 27 Jul 2009 18:49:27 +0800
was deleted without being read on Thu, 12 Apr 2012 19:15:08 +0800
++++
To: Mail Abuse For Maxis Communications Bhd Cc: Federal Trade Commission; junk@brightmail.com; nanas@killfile.org; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: REPORTING SPAM Sent: Thu, 23 Apr 2009 19:46:12 +0800
was deleted without being read on Thu, 12 Apr 2012 19:12:51 +0800
++++
To: Mail Abuse For Maxis Communications Bhd; Cc: Federal Trade Commission; junk@brightmail.com; nanas@killfile.org; nonregistered@coldrain.net; report@dcm.mailprove.com; spam@mailpolice.com; spam@sendusspam.com; submitspam@fortinet.com Subject: Spam: REPORTING SCAM/SPAM Sent: Thu, 7 May 2009 08:23:39 +0800
was deleted without being read on Thu, 12 Apr 2012 19:12:51 +0800
++++
As these confirmations show, a network like Maxis Communications Bhd can simply choose not to respond, and completely ignore network violations reports, and after a few years [yes, YEARS] delete such reports as if nothing had happened.
To be fair, I have copied this network's technical contact Muhadzir Abdul Majid [zay@maxis.com.my] as well as their Whois only contact, Chiau Tik Tan [cttan@maxis.net.my] so that they can for themselves what actually happens when someone reports and sends an abuse report to Maxis Communications Bhd.
Thank you,
Reza Farzan rezaf@mindspring.com
participants (12)
-
Brian Nisbet -
Esa Laitinen -
Florian Weimer -
Frank Gadegast -
Gert Doering -
Laura Cobley -
Michele Neylon :: Blacknight -
peter h -
Reza Farzan -
Suresh Ramasubramanian -
Thor Kottelin -
Vissers, Pepijn