On Fri, Apr 6, 2012 at 8:48 AM, <Valdis.Kletnieks@vt.edu> wrote:
If it was industry-wide standard practice that just notifying a provider resulted in something being done, we'd not need things like Senderbase, which is after all basically a list of people who don't take action when notified...
[snip]

Pot calling the kettle black. Before we talk about industry-wide practice about the providers "doing something", we should talk about industry-wide practice for "Black lists" doing something to correct entries, instead of just building up indiscriminate or irresponsibly maintained lists of networks or "scores" of networks that were targeted by a spammer at one time in the past.

It's just as bad for a blacklist operator to not respond and "do something" for a network operator legitimately trying to resolve spam problems with their network and clear the listing as it is for a network abuse contact to not respond to a network operator.

We should talk about industry-wide practices for how providers should be notified, what providers are actually supposed to do to "authenticate reports", because sometimes the report/notification itself is a malicious or false abusive attempt to harass an innocent email user, and what exactly providers are actually expected to do with certain kinds of notification.

The informal standard of "just call or send an e-mail to an abuse contact" is poorly specified. The informal standard of "the abuse contact should investigate and take immediate action" is poorly specified.

Some of these things that are not specified by RFC should be specified by RFC as best practice. There should be abuse notification and response notification mechanisms other than free form e-mail.

--
-JH