Constant Abuse Reports / Borderline Spamming from RiskIQ
nuclearcat at nuclearcat.com
Mon Apr 13 14:52:15 UTC 2020
On 2020-04-13 17:25, Kushal R. wrote:
> From the past few months we have been receiving a constant stream of
> abuse reports from a company that calls themselves RiskIQ
> The problem isn’t the abuse reports themselves but the way they send
> them. We receive copies of the report, on our sales, billing,
> TECH-POCs and almost everything other email address of ours that is
> available publicly. It doesn’t end there, they even online on our
> website and start using our support live chat and as recently as
> tomorrow they I see that they have now started using Twitter
> (@riskiq_irt) to do the same.
> We understand these reports and deal with them as per our policies and
> timelines but this constant spamming by them from various channels is
> not appreciated.
> Does anyone have a similar experience with them?
If the problem of abuse legit and arises with enviable constancy, maybe
it is time to take fundamental measures to combat abuse?
I had to block port 25 by default on some operators and create a
self-care web page for removing it,
with the requirement to read legal agreement where consequences stated,
if the client start spamming.
For those who are bruteforcing other people's servers / credentials,
soft-throttling ACL had to be implemented.
And as they wrote earlier, it’s better to kick out exceptionally bad
customers than to destroy your reputation.
More information about the NANOG