Sending an automated message over e-mail without a working reply address in the From: field and SMTP sender address is a type of spam, and you might choose to report as such. That is, the "report" itself is abuse, because no mechanism is provided to reply to a person who sent the message. Domain/IP contacts are contacts to be reached by humans, not "dumping addresses" for automatic message robots that cannot handle replies and coordinate to resolve issues. If the message had a valid return path, then it may make sense, to reply with a message that states you require the destination IP address that was supposedly attacked, before your investigation starts. If they have bonafide abuse to report, then they should be cooperative in providing sufficient details to efficiently locate records of that abuse. It would be understandable, if any efforts to locate alleged abuse based on such limited information were limited, or deferred, until the reporter could provide sufficient details to properly identify the abuse in the future via monitoring, or by extracting logs for traffic to the reported destination addresses. Those are my thoughts on the matter. Regards, -- -JH On 8/26/12, Jay Hennigan <jay@west.net> wrote:
OK, we're pretty vigilant about policing abusers on our network. This just showed up from "no-reply@abuse.bz". Please see my responses inline. Mail origin IP is from an ISP in the Netherlands. Some information redacted to protect the guilty.