Hi, On Wed, Apr 29, 2020 at 01:44:42PM +0200, Serge Droz via anti-abuse-wg wrote:
Coming from the incident response side, I'm tiered of people constantly telling me, that issues are not their problem
How would this proposal help with said problem?
- It will catch the cases where some miss configuration happened indeed
This is already caught today. The RIPE NCC *does* abuse-c mailbox validation today.
- It will make it impossible for orgs to say "We never received a report"
How so? Yes, there is a mailbox. But if someone doesn't care, why would they not still claim "I have never seen a report"?
- It allows us to enumerate better who does good work and who doesn't.
And how does *this proposal* have any influence on this? I'm usually more of an reporter than a responder, but I've seen both sides - and [as I've said before...] you don't get orgs that do not care to magically expend resources on abuse handling by introducing more mailbox verification procedures. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Michael Emmer Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279