Best practices for abuse@ mailbox and network abuse complaint handling?
Douglas Otis
dotis at mail-abuse.org
Sun May 13 15:03:30 UTC 2007
On May 12, 2007, at 8:57 PM, K K wrote:
>
> On 5/11/07, william(at)elan.net <william at elan.net> wrote:
>> On Fri, 12 May 2007, John Levine wrote:
>> >> The issue I see with most of the options (abuse.net, spamcop,
>> etc) is
>> >
>> > Hey, leave abuse.net out of this, please. It's just a database
>> of contact addresses.
>
> And it does a fine job at being a database of DOMAIN contact
> addresses, but what abuse.net doesn't do is provide any
> information on NETWORK contacts, it will only look up names, not
> IPs -- for those the victim need to be clueful enough to know what
> an ASN is and how to look up the ASN contact details...
>
> I was hoping that there would be someplace like abuse.net where we
> could register our IPs and ASN, so non-NANOGers could know to
> contact network-abuse@ when they think our network is attacking them?
Perhaps abuse.net could include links to:
http://www.cymru.com/BGP/asnlookup.html
http://www.completewhois.com/
http://www.routeviews.org/
etc.
The desire seems to be network operations are to remain unaffected by
spam sourced by the ASN. Some view spam as a user problem, and not a
network management issue. A resent paper published on ASRG on how to
operate a black-hole list excluded mention of ASNs. The nature of
the Internet however requires more attention to the ASN.
>> Personally I generally report non-spam complaints to same abuse
>> designated mailbox (it is abuse after all) but also CC data from
>> abuse contacts from ASN whois.
>
> That's exactly the problem -- non-spam complaints end up going to
> the same abuse designated mailbox, but outside of NANOG nobody even
> knows what ASN stands for.
There is a reason for that.
-Doug
More information about the NANOG
mailing list