nanog mailing list archives

Re: Abuse Contact Handling

From: Matt Corallo <nanog () as397444 net>
Date: Fri, 6 Aug 2021 09:50:00 -0400

Costs real money to figure out, for each customer scanning parts of the internet, if they’re doing it legitimately or 
maliciously. Costs real money to look into whether someone is spamming or just sending bulk email that customers signed 
up for. And what do you do if it is legitimate? Lots of abuse reports don’t follow X-ARF, so now you have to have a 
human process than and chose which ones to ignore. Or you just tell everyone to fill out a common web form and then the 
data is all nice and structured and you can process it sanely.

Like Randy said, we don’t get to tell someone they’re managing their network wrong. If you don’t want to talk to AWS, 
don’t talk to AWS. If you want them to manage their network differently, reach out, understand their business concerns, 
help alleviate them. Maybe propose a second Abuse Contact type that only accepts X-ARF that they can use? There’s lots 
of things that could be done that are productive here.

Matt

On Aug 6, 2021, at 08:08, Mike Hammett <nanog () ics-il net> wrote:

I suppose if they did a better job of policing their own network, they wouldn't have as much hitting their e-mail 
boxes.



-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

Midwest-IX
http://www.midwest-ix.com

From: "Matt Corallo" <nanog () as397444 net>
To: "Mike Hammett" <nanog () ics-il net>, "NANOG" <nanog () nanog org>
Sent: Thursday, August 5, 2021 3:44:43 PM
Subject: Re: Abuse Contact Handling

There's a few old threads on this from last year or so, but while unmonitored abuse contacts are terrible, similarly, 
people have installed automated abuse contact spammer systems which is equally terrible. Thus, lots of the large 
hosting 
providers have deemed the cost of actually putting a human on an abuse contact is much too high.

I'm not sure what the answer is here, but I totally get why large providers just say "we can better protect a web 
form 
with a captcha than an email box, go use that if there's real abuse".

Matt

On 8/5/21 09:14, Mike Hammett wrote:

What does the greater operator community think of RIR abuse contacts that are unmonitored autoresponders?



-----
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com

Midwest-IX
http://www.midwest-ix.com

Current thread:

Abuse Contact Handling Mike Hammett (Aug 05)
- Re: Abuse Contact Handling JORDI PALET MARTINEZ via NANOG (Aug 05)
- Re: Abuse Contact Handling Matt Corallo (Aug 05)
  - Re: Abuse Contact Handling JORDI PALET MARTINEZ via NANOG (Aug 05)
    - Re: Abuse Contact Handling Randy Bush (Aug 05)
  - Re: Abuse Contact Handling goemon--- via NANOG (Aug 05)
    - Re: Abuse Contact Handling richey goldberg (Aug 06)
  - Re: Abuse Contact Handling Mike Hammett (Aug 06)
    - Re: Abuse Contact Handling Matt Corallo (Aug 06)
    - Re: Abuse Contact Handling Mike Hammett (Aug 06)
    - Re: Abuse Contact Handling Suresh Ramasubramanian (Aug 06)
    - Re: Abuse Contact Handling Tom Beecher (Aug 06)
    - Re: Abuse Contact Handling Suresh Ramasubramanian (Aug 06)