BCP for Abuse Desk

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Tue May 30 22:59:03 UTC 2006


On Tue, 30 May 2006 15:02:21 PDT, Dave Rand said:
> Of late, I have found many large ISPs that are employing anti-spam filters on
> their [email protected] addresses.
> 
> Needless to say, they seem surprised that their customers have any abuse
> issues involving spam at all :-)

Paging Randy Bush - one of your competitors is on the phone... :)

> I know that there was a Abuse Desk BCP working group started a few years ago.
> Can anyone give me an update on BCP practices that I can refer ISPs to?

http://asrg.sp.am/subgroups/bcp.shtml says:

"Previous BCP subgroup has been active from September of 2003 until December of
2003 when it was shutdown due to lack of active members. This subgroup is
currently in formation, will be restarting as soon as we have enough interested
participants."

Oooh... Kaay..

Really though, all the BCP you need is:

1) Make sure the '[email protected]' and '[email protected]' addresses accept mail and actually
go to live people that can take action (rather than routing to /dev/null or
bouncing because the mailbox is full).
2) Don't put a spam filter in front of the spam reporting address.
3) Take *meaningful* action that actually fixes the problem.
  3a) Don't send back a "this spam isn't from us" canned message when the
  headers clearly show it came from you, etc....
  3b) No pink contracts.
  3c) Do a basic check on new customers.  http://www.spamhaus.org/Rokso/ is
  a good start.
  3d) Make sure your ToS allows nuking a spamming/abusive host.
  3e) Then *use* that clause in the ToS when needed.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20060530/84d45ac7/attachment.sig>


More information about the NANOG mailing list