there are three replies here. -------- rblayzor@inoc.net (Robert Blayzor) writes:
... Having our techs/engineers go through the abuse@ box every day to play hide and seek is a bit of an agonizing task that nobody really wants, especially at the volume it is today. If there was a standard that worked for this, we would certainly follow it.
the wonderful trouble about standards is that there are so many to choose from. spamcop has one. IETF's INCH may become another one. but until a good open source toolbox comes out for sending, receiving, filing, ticketing and measuring incident reports in some such format, it won't catch on.
As it is today, we have got to find something simple that works for the legit issues and something that doesn't burn up so many engineer/tech cycles.
i understand that position. but http just isn't a solution. before you deploy a forms-based approach, consider being more honest than that, and just bouncing all mail to abuse@ with a "we can't handle the internet" message. -------- ehall@ehsco.com ("Eric A. Hall") writes:
Standardized scripts would also be abused.
yes, of course they would. just like spamcop is the target of many joejobs, and the majority of IDS vendors still think SMTP headers are trustworthy. the "good open source toolbox" i postulated above would have to include a distributed membership model whereby network owners only accept complaints from entities they already know and trust, which would mean their own customers and their BGP peers. if you get abuse on THAT channel then you have recourse (disconnection, depeering, whatever). i've been writing since 1998 that a robust abuse reporting format and a complaints-follow-contracts submission path would cut abuse growth by 50%. but i guess in 1998 that didn't seem like an attractive enough goal. "can you hear me now?" -------- schampeo@hesketh.com (Steven Champeon) writes:
..., but I don't see how disabling RFC-mandated role accounts will do anything but further erode confidence in ISPs' willingness to respond to complaints.
two things. an rfc cannot mandate -- all internet standards are optional from the point of view of a network owner (or end user or implementor) -- and compliance is only necessary for locally selfish reasons (like being able to buy or sell services or products, for example.) and, isp's are already unwilling to respond to complaints, even those they could pick out of the dreck flowing into their abuse@ mailboxes, since doing this would only benefit their competitors. think about it -- you spend money on an abuse desk whose purpose is to shut down your customers; your competitor who spends less money on an abuse desk ends up with more revenue since that's where your spamming customer go when you shut 'em down.
As of today, fully 60% of my incoming mail is spam; 30% are bounces from accept-then-bounce servers; and we're quickly approaching 99% spam for several of the domains we host mail for.
60%? "luxury!"
The last thing we need is for ISPs to deal with their inbound problem by ignoring abuse reports or making it more difficult for victims to report spam or viruses originating from their networks.
that time is past. -- Paul Vixie