de-peering for security sake

TR Shaw tshaw at oitc.com
Fri Dec 25 22:41:19 UTC 2015


ARF (http://www.rfc-editor.org/rfc/rfc5965.txt <http://www.rfc-editor.org/rfc/rfc5965.txt>, https://www.rfc-editor.org/rfc/rfc6650.txt) and X-ARF (http://www.x-arf.org/index.html <http://www.x-arf.org/index.html>) are used quite alot and many, like Yahoo, only accept ARF reports on abusive emails.

you might want to read MAAWG’s BCP: https://www.m3aawg.org/sites/default/files/document/M3AAWG_Feedback_Reporting_Recommendation_BP-2014-02.pdf <https://www.m3aawg.org/sites/default/files/document/M3AAWG_Feedback_Reporting_Recommendation_BP-2014-02.pdf>

Tom

> On Dec 25, 2015, at 5:12 PM, Clayton Zekelman <clayton at mnsi.net> wrote:
> 
> Just an off the cuff thought but if the format of the abuse messages could be standardized so handling them would be semi-automated somewhat like ACNS notices, it might improve response.
> 
> Maybe such a format already exists and just isn't widely used.
> 
> Sent from my iPhone
> 
>> On Dec 25, 2015, at 4:52 PM, Mikael Abrahamsson <swmike at swm.pp.se> wrote:
>> 
>>> On Fri, 25 Dec 2015, Colin Johnston wrote:
>>> 
>>> why do the chinese network folks never reply and action abuse reports, normal slow speed network abuse is tolerated, but not high speed deliberate abuse albeit compromised machines
>> 
>> This is not a chinese problem, this is a general ISP problem. Most ISPs do not respond to abuse reports.
>> 
>> -- 
>> Mikael Abrahamsson    email: swmike at swm.pp.se




More information about the NANOG mailing list