On Tue, 2008-04-15 at 10:56 +0530, Suresh Ramasubramanian wrote:
If you have high enough numbers of the stuff to report, do what large ISPs do among themselves, set up and offer an ARF'd / IODEF feedback loop or some other automated way to send complaints, that is machine parseable, and that's sent - by prior agreement - to a specific address where the ISP can process it, and quite probably prioritize it above all the "j00 hxx0r3d m3 by doing dns lookups!!!!" email.
So how do the little guys play in this sandbox? My log files and spam reports are just as legit as the super-secret-handshake club guys are, and I'd like to get some respect. After all, I may be the first one to report it. Please keep a few things in mind though: - It needs to be simple to use. Web forms are a non-starter. - The output from any parsers needs to be human readable. There are too many auto-whatsit formatters for us to sit down and code to every one. - I'd like to see an actual response beyond an autoreply saying that you can't tell me who the customer is or what actions were taken. - I like dealing with other small operations and edus because humans actually do read the reports, and things get done (Thanks!). I've given up sending abuse reports to large consumer ISPs and all freemail providers because I'm not a member of the club. Any response that I'm lucky enough to get generally says something like "You did not include the email headers in your complaint so we are closing this incident" when I reported and FTP brute force. --Chris