On Tue, Mar 19, 2019 at 09:17:23AM -0700, Eric Kuhnke wrote:
Absolutely unrelated to Ronald's original post, but it's ironic that the abuse@ address is itself heavily "abused", by commercial copyright enforcement companies which think it's a catch-all address for things which are not operationally related to the health of a network [snip]
I've seen this movie and have implemented various mitigation approaches to it -- none of which constitute a "solution" but all of which help. 1. Block the addresses originating this traffic. There's no need for staff/processes on the receiving end to put up with spam. (If it's UBE, then it's spam -- by definition. The content and intention are irrelevant.) 2. Use procmail to redirect it where it needs to go. 3. Set up (non-public) Mailman-operated mailing lists for each role account and use the moderation queue on those as a throttling tool. (This works best in conjunction with (2). Let procmail do some of the heavy/straightforward lifting and sort the rest out later.) This also makes it easy to archive everything by subscribing an address that's an append-only mailbox. 4. Funnel the output of (2) and/or (3) into one of the many ticketing systems with priority assigned based on the characteristics of the senders as observed over time. ---rsk