8 Nov
2014
8 Nov
'14
2:20 a.m.
On Sat, Nov 8, 2014 at 2:00 AM, Roland Dobbins <rdobbins@arbor.net> wrote:
On 8 Nov 2014, at 1:56, srn.nanog@prgmr.com wrote:
But right now how should we be doing it?
Once you get the ASN or at least the domain name of the ISP providing service to the reflecting host, several major reputable ISPs (including my employer, who I can't name because I'm not an official spokesperson) will welcome RFC 5070 "IODEF" reports for general network abuse and RFC 5965 "MARF" format for email abuse, directed to abuse@ the main domain for that ISP. http://www.ietf.org/rfc/rfc5070.txt http://www.ietf.org/rfc/rfc5965.txt -- Paul W Bennett