Shane Kerr wrote:
Frank,
Hi Shane,
Yes, that is correct. So the question is "why make it mandatory then?"
The example from hovland.cz in one of the last mails was pretty good. His customers do not have a working abuse department and maybe even no email address. So: a mandatory field is a good point to start discussing this with your customers ;o) Not only to stop abuse from those networks, but which customer likes to have his resources abused and NOT know about it? You can even sell it as a service ...

A break-in is not only a problem to others that are abused after the break-in, it is also a problem for the service itself ... and is not everybody concerned that his data could be stolen?

I'm always happy to receive whatever report. I'd rather receive 30 reports leading to nothing (because they are simply wrong, like the reports from spamcop, that usually are reported from users that simply forgot that they subscribed to a customer's newsletter once or are too lazy to unsubscribe), when just one shows me a potential security problem with my customers' services. It's a service for our customers, and they all love it when we can keep them informed about new software versions they should update to, or similar. So: why should anybody not be interested if his services are hacked?

Another (somehow funny) example I had last week with a German ISP we reported to. He replied that he's not doing anything about break-ins into the services he runs for his customers, simply because it's too expensive and he could not compete with others in the market if he would. One of his root servers got hacked and the hacker installed an Ethernet sniffer and read all the passwords from his other customers. The hacker then broke into another customer's server and stole a lot of data. Now, the ISP is brought to court by this other customer, because he's a "Mitstoerer" in German law: he knew about the risk and did not do anything. And the police already asked us if we informed that ISP about the spam coming from one of his machines. We surely said: yes. They then asked if we got a reply, and we said yes again.

I guess he will lose this case and will be broke afterwards, losing his business completely. And all his customers will hopefully ask their new ISPs if they have a working abuse department (that's also good education).
If someone reports that an abuse mailbox is unresponsive to the RIPE NCC, they will investigate. If the RIPE NCC also finds the abuse mailbox is unresponsive, then they will alert the resource holder. If the resource holder has not fixed the problem within 30 days, then the resources will be revoked. If the holder tries to hide an unresponsive abuse mailbox, for example by adding a filter that allows RIPE NCC mails through but ignores all others, then resources will be revoked immediately.
I just think that such a policy has no chance of being approved. :)
You're probably right, but I think it's a shame that something like this is not possible.

Kind regards, Frank

--
With kind regards,
--
MOTD: "have you enabled SSL on a website or mailbox today?"
--
PHADE Software - PowerWeb, http://www.powerweb.de
Inh. Dipl.-Inform. Frank Gadegast, mailto:frank@powerweb.de
Schinkelstrasse 17, fon: +49 33200 52920
14558 Nuthetal OT Rehbruecke, Germany, fax: +49 33200 52921