nanog mailing list archives
Re: Cloudflare Abuse Contact
From: Töma Gavrichenkov <ximaera () gmail com>
Date: Fri, 7 Jan 2022 21:35:10 +0200
Peace, On Fri, Jan 7, 2022 at 8:42 PM Mike Hale <eyeronic.design () gmail com> wrote:
The abuse email sends an auto-responder that tells you to use the web form. The web form is centered around their web hosting business; I figured I'd try general, but you can't submit it without punching in a URL that is hosted by Cloudflare (and they validate it ... you can't do https://bogus.site). What I'm seeing is a ton of abusive DNS traffic that's causing some issues, and there's no abuse form that works for this scenario.
Most probably, that means that the company doesn't have any counter abuse process whatsoever for requests like yours, so no matter where you push that, there won't be any action. Having said that, the aforementioned form accepts "https[: slash slash]cloudflare.com" as a valid URL so chances are requests to that URL are treated in the general sense. In the meantime, are you sure you'll be able to support your case with data? DNS is *mostly* a connection-less protocol, so how do you know these queries are coming from Cloudflare and not from a spoofed source? Lastly, have you tried to block the problematic Cloudflare IP range to see what would happen? E.g. does 1.1.1.1 still resolve your domains then, etc.? -- Töma
Current thread:
- Cloudflare Abuse Contact Mike Hale (Jan 07)
- Re: Cloudflare Abuse Contact Christopher Morrow (Jan 07)
- Re: Cloudflare Abuse Contact Nick Poulakos (Jan 07)
- Re: Cloudflare Abuse Contact Mike Hale (Jan 07)
- Re: Cloudflare Abuse Contact Töma Gavrichenkov (Jan 07)
- Re: Cloudflare Abuse Contact Hank Nussbacher (Jan 08)
- RE: Cloudflare Abuse Contact Jean St-Laurent via NANOG (Jan 07)
- Re: Cloudflare Abuse Contact Tanner Ryan via NANOG (Jan 07)
- Re: Cloudflare Abuse Contact Mike Hale (Jan 07)