Re: Abuse Desks

[Matt Corallo via NANOG <nanog () nanog org>]

Ah, I'd pasted the following in a response to the mail you responded to:

~$ whois 208.68.4.129
Comment:        ---------------
Comment:        208.68.4.128/28 and 208.68.7.128/28 provide privacy services
Comment:        (incl running tor exit node(s)!)
Comment:        Abuse reports will be handled but there is likely not much that can be done.
Comment:        Send abuse to abuse at privacysvcs net.
Comment:        ---------------
...
RAbuseEmail:  see-comments-no-bots () example com

Now you can decide to pass judgement on the idea that someone may want to run a Tor exit node (my data says a good chunk
of users are regular internet users in Iran, and I'm not routing hidden service traffic, where a most of the
morally-repugnant crap happens), but that's beside the point - outbound ports are super limited, and outbound SSH is
rate-limited appropriately.

Matt

On 4/29/20 7:00 PM, William Herrin wrote:
> On Wed, Apr 29, 2020 at 3:36 PM Matt Corallo <nanog () as397444 net> wrote:
> > I do, in this case, have such a right, because I know exactly what is going on in my network,
>
> Hi Matt,
>
> If someone in your address space is knock-knocking on a stranger's ssh
> ports (your example, not mine), you have some work to do convincing me
> of your supreme security.
>
> Don't get me wrong: I've felt the pain of the auto-generated spam
> complaint that scrubbed exactly the headers I need to figure out what
> happened. But if you're round-filing complaints solely because they
> were generated by a program, you're doing it really wrong.
>
> Regards,
> Bill Herrin