Automatic abuse reports

Hal Murray hmurray at megapathdsl.net
Wed Nov 13 05:57:17 UTC 2013


William Herrin <bill at herrin.us> said:
> That's the main problem: you can generate the report but if it's about
> some doofus in Dubai what are the odds of it doing any good?

It's much worse than that.

Several 500 pound gorillas expect you to jump through various hoops to report 
abuse.  Have you tried reporting a drop box to Yahoo or Google lately?

On top of that, many outfits big enough to own a CIDR block are outsourcing 
their mail to Google.  Google has a good spam filter.  It's good enough to 
reject spam reports to [email protected]<hosted-by-google>

I wonder what would happen if RIRs required working abuse mailboxes.  There 
are two levels of "working".  The first is doesn't bounce or get rejected 
with a sensible reason.  The second is actually gets acted upon.

If you were magically appointed big-shot in charge of everything, how long 
would you let an ISP host a spammer's web site or DNS server or ...?  What 
about retail ISPs with zillions of zombied systems?


-- 
These are my opinions.  I hate spam.







More information about the NANOG mailing list