- Automation is far less important than clue. Attempting to compensate for lack of a sufficient number of sufficiently- intelligent, experienced, diligent staff with automation is a known-losing strategy, as anyone who has ever dealt with an IVR system knows.
Given that most of us use routers instead of pigeons to transport our packets, I would suggest that railing against automation is a lost cause here.
- Poorly-desigged and poorly-run operations markedly increase the workload for their own abuse desks.
This sounds like a blanket condemnation of the majority of ISPs in today's Internet.
- A nominally competent abuse desk handles reports quickly and efficiently. A good abuse desk DOES NOT NEED all those reports because it already knows. (For example, large email providers should have large numbers of spamtraps scattered all over the 'net and should be using simple methods to correlate what arrives at them to provide themselves with an early "heads up". This won't catch everything, of course, but it doesn't have to.)
Why is it that spamtraps are not mentioned at all in MAAWG's best practices documents except the one for senders, i.e. mailing list operators? Note that if an ISP does have a network of spamtraps, then they have an automated reporting system, which you denounced in your first point. I agree that simply automating things will not make anything better, but intelligent automation is good for you and me and the ISP who implements it. An intelligent automation system could identify a spam source and immediately block the port 25 traffic until it can be investigated by a human being. --Michael Dillon