Abuse response [Was: RE: Yahoo Mail Update]

Chris Boyd cboyd at gizmopartners.com
Wed Apr 16 05:38:33 UTC 2008

On Tue, 2008-04-15 at 10:56 +0530, Suresh Ramasubramanian wrote:
> If you have high enough numbers of the stuff to report, do what large
> ISPs do among themselves, set up and offer an ARF'd / IODEF feedback
> loop or some other automated way to send complaints, that is machine
> parseable, and that's sent - by prior agreement - to a specific
> address where the ISP can process it, and quite probably prioritize it
> above all the "j00 hxx0r3d m3 by doing dns lookups!!!!" email. 

So how do the little guys play in this sandbox?  My log files and spam
reports are just as legit as the super-secret-handshake club guys are,
and I'd like to get some respect.  After all, I may be the first one to
report it.

Please keep a few things in mind though:

- It needs to be simple to use.  Web forms are a non-starter.

- The output from any parsers needs to be human readable.  There are too
many auto-whatsit formatters for us to sit down and code to every one.

- I'd like to see an actual response beyond an autoreply saying that you
can't tell me who the customer is or what actions were taken.

- I like dealing with other small operations and edus because humans
actually do read the reports, and things get done (Thanks!).

I've given up sending abuse reports to large consumer ISPs and all
freemail providers because I'm not a member of the club. Any response
that I'm lucky enough to get generally says something like "You did not
include the email headers in your complaint so we are closing this
incident" when I reported and FTP brute force.


More information about the NANOG mailing list