Absolutely unrelated to Ronald's original post, but it's ironic that the abuse@ address is itself heavily "abused", by commercial copyright enforcement companies which think it's a catch-all address for things which are not operationally related to the health of a network (BGP hijacks, DDoS, spam email traffic, botnet/virus/worm/trojan traffic command and control and such). Despite the presence of a registered DMCA agent address[1][2] for an ASN, many companies continue to flood abuse@ with copyright notices. Ask any ISP that operates in the English language Internet but is not physically located in the USA (NZ, AU, CA, etc) how many USA-specific legal threats their abuse inbox receives. Usually for something like a residential customer torrenting a TV show. 1: https://www.copyright.gov/dmca-directory/ 2: https://www.copyright.gov/rulemaking/onlinesp/NPR/faq.html On Tue, Mar 19, 2019 at 7:50 AM Rich Kulawiec <rsk@gsp.org> wrote:
We would prefer, but don't require, that you use the web form because
On Tue, Mar 19, 2019 at 09:23:34AM -0400, Jeff McAdams wrote: that
is integrated into the workflow of the groups that respond to those reports.
Why isn't abuse@ integrated into the workflow? It darn well should be, (a) given that RFC 2142 has been "on the books" for 22 years and (b) given that methods for handling incoming abuse (or bug, or outage, or other) reports via email to role accounts are numerous and reliable.
To be clear: if you want to offer a web form in addition to an abuse@ address (or a security@ address, or a postmaster@ address) that's fine. But web forms are a markedly inferior means of communication and are clearly not a substitute for well-known/standardized role addresses that route to the appropriate people/processes.
---rsk