Re: Should abuse mailboxes have quotas?

[Dan Hollis <goemon () sasami anime net>]

On Thu, 27 Oct 2016, Jimmy Hess wrote:
> On Thu, Oct 27, 2016 at 1:35 PM, Dan Hollis <goemon () sasami anime net> wrote:
> > not so much malice as gross incompetence.
> > running spamfilters on your abuse@ mailbox, really? that is, for those which
> > actually have an abuse mailbox that doesn't bounce outright.
> Sorry about that,  many networks do perform standard filtering on
> messages to Abuse contacts based on DNS RBLs,  SPF/DMARC
> policy enforcement,  virus scans,  etc,  and do send a SMTP Reject on
> detected spam or malware.

This is a good way to get your block listed on RBLs.

> For many networks;  files sent to abuse mailboxes are likely aliased to the
> normal mailbox of sysadmins who have access to high privileges.    As such,
> these mailboxes may require even stronger protection  than other accounts,
> because of increased risk   (when a mistake is made).

If anyone actually does this, it is incompetence beyond comprehension.

> There is a reason that phone numbers, and not just e-mail addresses are listed
> in the WHOIS records......
>
> If you get a SMTP reject, then call the the Abuse POC of the organization you
> need to report abuse from.....

Again, good way to end up on RBLs. I encourage competitors to heavily filter their POCs.

Oh yes, and also be sure your phone numbers are out of date.

-Dan