Re: PlayStationNetwork blocking of CGNAT public addresses
Maybe its time then for a global accepted, unified way to send/report abuse? That should solve most of the issues and end points would be able to deal with it in a common way and only would need to think about how to integrate it in their crm's etc. We are all using the same medium, but attempt to communicate issues using several methods. Perhaps iana can use those (m/b)illions they got from selling tld's and cook something up. Kind regards, Alexander Maassen - Technical Maintenance Engineer Parkstad Support BV- Maintainer DroneBL- Peplink Certified Engineer -------- Oorspronkelijk bericht --------Van: Baldur Norddahl <baldur.norddahl@gmail.com> Datum: 22-09-16 14:10 (GMT+01:00) Aan: nanog@nanog.org Onderwerp: Re: PlayStationNetwork blocking of CGNAT public addresses On 22 September 2016 at 10:42, Alexander Maassen <outsider@scarynet.org> wrote:
So you ignore/don't deal with the abuse coz it's shipped in a format you refuse to handle?
And you don't even bother telling the reporter you would like it in a per ip format? Or make attempts to make it work the way they report it (split out the ip's and modify the to be forwarded mail to only contain the ip's belonging to that customer)????
You will have to remember that these are automated mails from the reporter. If I write them back it goes into their bit bucket, because they do not really care enough to bother replying. I am betting they are sending out thousands mails each day and they can not handle manually replying to all of that. In the same way we receive a large amount of automated mail so we have to be able to handle it automatically. Send me something sane and I will make a script that forwards it. Send me something unusable and I wont - but I will not do manual handling of your automated mail. All I am trying to do here is tell people that send abuse mails not to combine multiple abuse complaints in one mail, because that makes it harder for everybody and makes it more likely that your mail will be dropped as too much work. Double so if your abuse mails is from an automated system, because I will try to match your automated system with my own. However it is much harder to make a system that can edit your complaint and duplicate it to several recipients, than it is to run a simple filter that just forwards the mail as is. As to PSN they will usually send multiple mails if the abuse is ongoing. At some point they will send a mail with just one IP and that one gets forwarded. So we are dropping some of the mails, but the users eventually get notified anyway. It is not ideal but it works. Regards, Baldur
http://x-arf.org/ ? -- Hugo Slabbert | email, xmpp/jabber: hugo@slabnet.com pgp key: B178313E | also on Signal On September 22, 2016 5:31:12 AM PDT, Alexander Maassen <outsider@scarynet.org> wrote:
Maybe its time then for a global accepted, unified way to send/report abuse? That should solve most of the issues and end points would be able to deal with it in a common way and only would need to think about how to integrate it in their crm's etc. We are all using the same medium, but attempt to communicate issues using several methods. Perhaps iana can use those (m/b)illions they got from selling tld's and cook something up.
Kind regards, Alexander Maassen - Technical Maintenance Engineer Parkstad Support BV- Maintainer DroneBL- Peplink Certified Engineer
On Thu, 22 Sep 2016 14:31:12 +0200, Alexander Maassen said:
Maybe its time then for a global accepted, unified way to send/report abuse?
YOu mean ike these RFCs? (OK, so it's an XML schema. Just be glad it isn't ASN.1 :) 5070 The Incident Object Description Exchange Format. R. Danyliw, J. Meijer, Y. Demchenko. December 2007. (Format: TXT=171529 bytes) (Updated by RFC6685) (Status: PROPOSED STANDARD) (DOI: 10.17487/RFC5070) 6684 Guidelines and Template for Defining Extensions to the Incident Object Description Exchange Format (IODEF). B. Trammell. July 2012. (Format: TXT=23550 bytes) (Status: INFORMATIONAL) (DOI: 10.17487/RFC6684) 6685 Expert Review for Incident Object Description Exchange Format (IODEF) Extensions in IANA XML Registry. B. Trammell. July 2012. (Format: TXT=4363 bytes) (Updates RFC5070) (Status: PROPOSED STANDARD) (DOI: 10.17487/RFC6685) 7203 An Incident Object Description Exchange Format (IODEF) Extension for Structured Cybersecurity Information. T. Takahashi, K. Landfield, Y. Kadobayashi. April 2014. (Format: TXT=57694 bytes) (Status: PROPOSED STANDARD) (DOI: 10.17487/RFC7203) 7495 Enumeration Reference Format for the Incident Object Description Exchange Format (IODEF). A. Montville, D. Black. March 2015. (Format: TXT=19891 bytes) (Status: PROPOSED STANDARD) (DOI: 10.17487/RFC7495)
On Thu, Sep 22, 2016 at 02:31:12PM +0200, Alexander Maassen wrote:
Maybe its time then for a global accepted, unified way to send/report abuse???
There are -- see Valdis's followup. But there's still no viable substitute for a working abuse@ address with clueful eyeballs on the other side of it. Every responsible and professional operation on this planet has that. The really good ones learn from what shows up there and pro-actively deal with abuse issues before anyone else is bothered by them, which not only makes them better netizens but reduces the volume of incoming complaints. ---rsk
participants (4)
-
Alexander Maassen -
Hugo Slabbert -
Rich Kulawiec -
Valdis.Kletnieks@vt.edu