Re: [anti-abuse-wg] anti-abuse-wg Digest, Vol 8, Issue 9
"Re: Contents of anti-abuse-wg digest..." Why does this discussion take so many words and arguments? 1. Primarily RIPE NCC needs or at least should need a proper overview of who its members are for several reasons that all have to do with internal processes like reaching out, billing and maintaining correct records, in short common business practice. 2. There is an abuse function for well ... abuse, so members can reach out to each other and amend whatever goes wrong. All this isn't strange or weird, but normal practice for any company, club, association, etc. As soon as an address isn't correct the company, club, association, university, etc. reaches out to the customer, member, student concerned in order to get new relevant data, so it can do billing, maintenance of records, send news, etc. If the customer, member, et al, does not respond, steps are taken to terminate the relation. This is common practice to any company, club, association, etc. and has, primarily, nothing to do with law enforcement of any kind, but with customer/member relations, correct records, due payment, etc. So how come that as soon as this discussion is about the Internet, whether domain name registrations or in this case IP addresses, this totally normal form of doing business is denied as being standard practice? If data is not correct and there is no way the, in this case RIPE NCC, member can be found, it is not so strange that, after a published notice with a due time frame, a relation is terminated. Certainly in a period of scarcity in IPv4 addresses, this should be common practice. (And if it happens to concern a criminal organisation, they won't show up any way. All others will within about 2 seconds of termination.) So if correct data is standard practice and law enforcement needs them for whatever reason, they can access this data either through Whois of through correct proceedings in the Dutch law. Like it should be. Correct data saves money in the end, for all concerned, and makes becoming a member less attractive for individuals or organisations that most of us agree don't need a place on the internet. I don't think LEAs ask for more than that, but as a RIPE member I would look at my own organisation first. LEAs need to deal with LIRs more than an RIR, I'd guess, so assist them in finding these LIRs. Wout
From: anti-abuse-wg-request@ripe.net Subject: anti-abuse-wg Digest, Vol 8, Issue 9 To: anti-abuse-wg@ripe.net Date: Wed, 11 Apr 2012 16:13:31 +0200
Send anti-abuse-wg mailing list submissions to anti-abuse-wg@ripe.net
To subscribe or unsubscribe via the World Wide Web, visit https://www.ripe.net/mailman/listinfo/anti-abuse-wg or, via email, send a message with subject or body 'help' to anti-abuse-wg-request@ripe.net
You can reach the person managing the list at anti-abuse-wg-owner@ripe.net
When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..."
Today's Topics:
1. Re: Introducing the RIPE NCC Report Form (julien tayon) 2. Re: current business practices (Frank Gadegast) 3. Re: Introducing the RIPE NCC Report Form (Chris Heinze) 4. Re: current business practices (Gert Doering) 5. Re: current business practices (Michele Neylon :: Blacknight) 6. Re: current business practices (Suresh Ramasubramanian) 7. Re: current business practices (Frank Gadegast)
----------------------------------------------------------------------
Message: 1 Date: Wed, 11 Apr 2012 15:49:01 +0200 From: julien tayon <julien@tayon.net> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: Brian Nisbet <brian.nisbet@heanet.ie> Cc: anti-abuse-wg@ripe.net Message-ID: <CAFpLVkyZQb0W3iCTMuq_uK3fBysQf8gHt8sP23MLypu3P4hriw@mail.gmail.com> Content-Type: text/plain; charset=UTF-8
2012/4/11 Brian Nisbet <brian.nisbet@heanet.ie>:
Chris,
"Chris" wrote the following on 11/04/2012 11:03:
On 04/10/2012 05:18 PM, Joe St Sauver wrote:
Maintenance of the database documenting who's been allocated/assigned space is *core* to RIPE's mission.
simply wrong. ripe's core is allocation. that's what they do. your mission is your private error.
Ripe's core is at least to provide **change management** over contact on allocation of internet resources (IP, AS) so that stakeholder's can cooperate, since internet protocols relies on swift cooperation between entities. Imagine a world in which you cannot reach a LIR or RIR having wrong BGP rules ?
Furthermore, RIPE NCC is bound by its contract with ICANN in its mission of allocating resources. I think reading the actual contract might settle the topic pretty fast.
Since I don't have the contract under my eyes right now, I will make a simple reasoning based on public informations and personnal experience.
Let's stick to the common sense of database first : *Data accuracy is the most important property of a database.* Ripe NCC is entitled to manage the whois database, therefore it is in their mission to ensure DB integrity.
If it is not convincing enough, let's remember data accuracy is considered by ICANN as a **MUST DO** for delegated entities (both for gTLD and resources). Just search ICANN web sites and you'll have extended papers explaining why accuracy matters, and how this responsability is also delegated. http://www.icann.org/en/gsearch/accuracy
In a world without accurate whois contact it will be the the strongest's rule that shall prevail.
What tickles me is how can RIPE NCC bill instances they don't have the **accurate** contacts ? Are there 2 DBs one for billing (with accurate data) and another one for public access with inaccurate data ?
RIPE NCC cant choose the parts it likes in its delegated mission from ICANN. A contract is a contract and RIPE NCC is bound by its duties regarding ICANN. If ICANN states RIPE NCC MUST have accurates data, and MUST enforce internet policies I cannot see how RIPE NCC or RIPE can decide it is does not fall into their responsabilities.
Now, all everybody needs to know : * what level of accuracy ICANN can realistcly expect from its delegates ? * what are the internet policies ICANN mentions ?
Cheers.
-- Jul Experienced freelance for years (having worked for ISP).
------------------------------
Message: 2 Date: Wed, 11 Apr 2012 16:08:11 +0200 From: Frank Gadegast <ripe-anti-spam-wg@powerweb.de> Subject: Re: [anti-abuse-wg] current business practices To: "anti-abuse-wg@ripe.net" <anti-abuse-wg@ripe.net> Message-ID: <4F85904B.8090203@powerweb.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
V
subpoena by deleting the wrong AS object from the database
;o)
Heh. ACK on the role. But I was thinking towards urging the ISP itself to take action (once you HAVE contacted them) on the abuse complaints. That's where the pressure of a lea agency can come in handy, if such a regulator is available.
Well, the only possibility would be the police. They do care here in Germany are kind of technical disadvanced :o(
There is some organizations this ISP is a member of (like the ECO), and they have also a abuse clearing board, but that one isnt really useful because it never did anything against their members ...
And why should they do something, they are not responsible for the resources ...
Kind regards, Frank
Pepijn
+++++++++++++++++++++++++++++++++++++++++++++
Disclaimer
Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie die is beschermd door een beroepsgeheim.
Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke vorm van verspreiding, vermenigvuldiging
of ander gebruik ervan niet is toegestaan.
Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen, verzoeken wij u ons daarvan
direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail mailto:mail@opta.nl en het bericht te vernietigen.
Dit e-mailbericht is uitsluitend gecontroleerd op virussen.
OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud en juistheid van dit bericht en er kunnen
geen rechten aan worden ontleend.
This e-mail message may contain confidential information or information protected by professional privilege.
If it is not intended for you, you should be aware that any distribution, copying or other form of use of
this message is not permitted.
If it has apparently reached you by mistake, we urge you to notify us by phone +31 70 315 3500
or e-mail mailto:mail@opta.nl and destroy the message immediately.
This e-mail message has only been checked for viruses.
The accuracy, relevance, timeliness or completeness of the information provided cannot be guaranteed.
OPTA expressly disclaims any responsibility in relation to the information in this e-mail message.
No rights can be derived from this message.
--
Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
------------------------------
Message: 3 Date: Wed, 11 Apr 2012 14:49:13 +0200 From: Chris Heinze <Chris.Heinze@consol.de> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: anti-abuse-wg@ripe.net Message-ID: <4F857DC9.8060905@consol.de> Content-Type: text/plain; charset=UTF-8
On 04/11/2012 02:13 PM, Brian Nisbet wrote:
ripe's core is allocation. that's what they do. your mission is your private error.
right, that sums it up nicely, thanks.
Once all of v4 space is allocated (soon now, soon), the primary job of the NCC and the other four RIRs will be keeping a good registry.
ripe's job isn't defined by and doesn't depend on whether or not v4 space is completely allocated (which it btw probably never will). keeping a good registry is as explained a service kindly provided by ripe to help - and it did that since the beginning.
regards,
Chris
------------------------------
Message: 4 Date: Wed, 11 Apr 2012 15:29:17 +0200 From: Gert Doering <gert@space.net> Subject: Re: [anti-abuse-wg] current business practices To: Suresh Ramasubramanian <ops.lists@gmail.com> Cc: shane@time-travellers.org, Brian Nisbet <brian.nisbet@heanet.ie>, anti-abuse-wg@ripe.net, Tobias Knecht <tk@abusix.com>, "Michele Neylon :: Blacknight" <michele@blacknight.ie>, Laura Cobley <laura@ripe.net>, Florian Weimer <fw@deneb.enyo.de>, Frank Gadegast <ripe-anti-spam-wg@powerweb.de>, Gert Doering <gert@space.net> Message-ID: <20120411132917.GN84425@Space.Net> Content-Type: text/plain; charset="us-ascii"
hi,
On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25?
$ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net.
Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much...
Gert Doering -- NetMaster -- have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
On 11 Apr 2012, at 16:38, Wout de Natris wrote:
"Re: Contents of anti-abuse-wg digest..."
Why does this discussion take so many words and arguments?
1. Primarily RIPE NCC needs or at least should need a proper overview of who its members are for several reasons that all have to do with internal processes like reaching out, billing and maintaining correct records, in short common business practice.
Which it already has and does.
2. There is an abuse function for well … abuse
Where? As has been discussed to death on this list (and elsewhere) there currently isn't a standardised abuse contact for an IP range and there is no obligation for any LIR to assign an abuse object (that they may designate) to an IP or range of IPs or are you referring to something else?
, so members can reach out to each other and amend whatever goes wrong.
All this isn't strange or weird, but normal practice for any company, club, association, etc. As soon as an address isn't correct the company, club, association, university, etc. reaches out to the customer, member, student concerned in order to get new relevant data, so it can do billing, maintenance of records, send news, etc. If the customer, member, et al, does not respond, steps are taken to terminate the relation. This is common practice to any company, club, association, etc. and has, primarily, nothing to do with law enforcement of any kind, but with customer/member relations, correct records, due payment, etc.
So how come that as soon as this discussion is about the Internet, whether domain name registrations or in this case IP addresses, this totally normal form of doing business is denied as being standard practice? If data is not correct and there is no way the, in this case RIPE NCC,
And here is where your logic breaks very badly While all IP addresses are going to be assigned to LIRs a lot of the discussion is about IP objects and blocks - these are usually assigned to LIR's customers RIPE can contact the LIR The LIR can probably contact their customer The disjoint could be in the database BUT Assuming like you have that an entry in the database can only relate directly to a LIR is wrong.
member can be found, it is not so strange that, after a published notice with a due time frame, a relation is terminated. Certainly in a period of scarcity in IPv4 addresses, this should be common practice. (And if it happens to concern a criminal organisation, they won't show up any way. All others will within about 2 seconds of termination.)
So if correct data is standard practice and law enforcement needs them for whatever reason, they can access this data either through Whois of through correct proceedings in the Dutch law. Like it should be. Correct data saves money in the end, for all concerned, and makes becoming a member less attractive for individuals or organisations that most of us agree don't need a place on the internet. I don't think LEAs ask for more than that, but as a RIPE member I would look at my own organisation first. LEAs need to deal with LIRs more than an RIR, I'd guess, so assist them in finding these LIRs.
Wout
From: anti-abuse-wg-request@ripe.net Subject: anti-abuse-wg Digest, Vol 8, Issue 9 To: anti-abuse-wg@ripe.net Date: Wed, 11 Apr 2012 16:13:31 +0200
Send anti-abuse-wg mailing list submissions to anti-abuse-wg@ripe.net
To subscribe or unsubscribe via the World Wide Web, visit https://www.ripe.net/mailman/listinfo/anti-abuse-wg or, via email, send a message with subject or body 'help' to anti-abuse-wg-request@ripe.net
You can reach the person managing the list at anti-abuse-wg-owner@ripe.net
When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..."
Today's Topics:
1. Re: Introducing the RIPE NCC Report Form (julien tayon) 2. Re: current business practices (Frank Gadegast) 3. Re: Introducing the RIPE NCC Report Form (Chris Heinze) 4. Re: current business practices (Gert Doering) 5. Re: current business practices (Michele Neylon :: Blacknight) 6. Re: current business practices (Suresh Ramasubramanian) 7. Re: current business practices (Frank Gadegast)
----------------------------------------------------------------------
Message: 1 Date: Wed, 11 Apr 2012 15:49:01 +0200 From: julien tayon <julien@tayon.net> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: Brian Nisbet <brian.nisbet@heanet.ie> Cc: anti-abuse-wg@ripe.net Message-ID: <CAFpLVkyZQb0W3iCTMuq_uK3fBysQf8gHt8sP23MLypu3P4hriw@mail.gmail.com> Content-Type: text/plain; charset=UTF-8
2012/4/11 Brian Nisbet <brian.nisbet@heanet.ie>:
Chris,
"Chris" wrote the following on 11/04/2012 11:03:
On 04/10/2012 05:18 PM, Joe St Sauver wrote:
Maintenance of the database documenting who's been allocated/assigned space is *core* to RIPE's mission.
simply wrong. ripe's core is allocation. that's what they do. your mission is your private error.
Ripe's core is at least to provide **change management** over contact on allocation of internet resources (IP, AS) so that stakeholder's can cooperate, since internet protocols relies on swift cooperation between entities. Imagine a world in which you cannot reach a LIR or RIR having wrong BGP rules ?
Furthermore, RIPE NCC is bound by its contract with ICANN in its mission of allocating resources. I think reading the actual contract might settle the topic pretty fast.
Since I don't have the contract under my eyes right now, I will make a simple reasoning based on public informations and personnal experience.
Let's stick to the common sense of database first : *Data accuracy is the most important property of a database.* Ripe NCC is entitled to manage the whois database, therefore it is in their mission to ensure DB integrity.
If it is not convincing enough, let's remember data accuracy is considered by ICANN as a **MUST DO** for delegated entities (both for gTLD and resources). Just search ICANN web sites and you'll have extended papers explaining why accuracy matters, and how this responsability is also delegated. http://www.icann.org/en/gsearch/accuracy
In a world without accurate whois contact it will be the the strongest's rule that shall prevail.
What tickles me is how can RIPE NCC bill instances they don't have the **accurate** contacts ? Are there 2 DBs one for billing (with accurate data) and another one for public access with inaccurate data ?
RIPE NCC cant choose the parts it likes in its delegated mission from ICANN. A contract is a contract and RIPE NCC is bound by its duties regarding ICANN. If ICANN states RIPE NCC MUST have accurates data, and MUST enforce internet policies I cannot see how RIPE NCC or RIPE can decide it is does not fall into their responsabilities.
Now, all everybody needs to know : * what level of accuracy ICANN can realistcly expect from its delegates ? * what are the internet policies ICANN mentions ?
Cheers.
-- Jul Experienced freelance for years (having worked for ISP).
------------------------------
Message: 2 Date: Wed, 11 Apr 2012 16:08:11 +0200 From: Frank Gadegast <ripe-anti-spam-wg@powerweb.de> Subject: Re: [anti-abuse-wg] current business practices To: "anti-abuse-wg@ripe.net" <anti-abuse-wg@ripe.net> Message-ID: <4F85904B.8090203@powerweb.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
V
subpoena by deleting the wrong AS object from the database
;o)
Heh. ACK on the role. But I was thinking towards urging the ISP itself to take action (once you HAVE contacted them) on the abuse complaints. That's where the pressure of a lea agency can come in handy, if such a regulator is available.
Well, the only possibility would be the police. They do care here in Germany are kind of technical disadvanced :o(
There is some organizations this ISP is a member of (like the ECO), and they have also a abuse clearing board, but that one isnt really useful because it never did anything against their members ...
And why should they do something, they are not responsible for the resources ...
Kind regards, Frank
Pepijn
+++++++++++++++++++++++++++++++++++++++++++++
Disclaimer
Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie die is beschermd door een beroepsgeheim.
Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke vorm van verspreiding, vermenigvuldiging
of ander gebruik ervan niet is toegestaan.
Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen, verzoeken wij u ons daarvan
direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail mailto:mail@opta.nl en het bericht te vernietigen.
Dit e-mailbericht is uitsluitend gecontroleerd op virussen.
OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud en juistheid van dit bericht en er kunnen
geen rechten aan worden ontleend.
This e-mail message may contain confidential information or information protected by professional privilege.
If it is not intended for you, you should be aware that any distribution, copying or other form of use of
this message is not permitted.
If it has apparently reached you by mistake, we urge you to notify us by phone +31 70 315 3500
or e-mail mailto:mail@opta.nl and destroy the message immediately.
This e-mail message has only been checked for viruses.
The accuracy, relevance, timeliness or completeness of the information provided cannot be guaranteed.
OPTA expressly disclaims any responsibility in relation to the information in this e-mail message.
No rights can be derived from this message.
--
Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
------------------------------
Message: 3 Date: Wed, 11 Apr 2012 14:49:13 +0200 From: Chris Heinze <Chris.Heinze@consol.de> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: anti-abuse-wg@ripe.net Message-ID: <4F857DC9.8060905@consol.de> Content-Type: text/plain; charset=UTF-8
On 04/11/2012 02:13 PM, Brian Nisbet wrote:
ripe's core is allocation. that's what they do. your mission is your private error.
right, that sums it up nicely, thanks.
Once all of v4 space is allocated (soon now, soon), the primary job of the NCC and the other four RIRs will be keeping a good registry.
ripe's job isn't defined by and doesn't depend on whether or not v4 space is completely allocated (which it btw probably never will). keeping a good registry is as explained a service kindly provided by ripe to help - and it did that since the beginning.
regards,
Chris
------------------------------
Message: 4 Date: Wed, 11 Apr 2012 15:29:17 +0200 From: Gert Doering <gert@space.net> Subject: Re: [anti-abuse-wg] current business practices To: Suresh Ramasubramanian <ops.lists@gmail.com> Cc: shane@time-travellers.org, Brian Nisbet <brian.nisbet@heanet.ie>, anti-abuse-wg@ripe.net, Tobias Knecht <tk@abusix.com>, "Michele Neylon :: Blacknight" <michele@blacknight.ie>, Laura Cobley <laura@ripe.net>, Florian Weimer <fw@deneb.enyo.de>, Frank Gadegast <ripe-anti-spam-wg@powerweb.de>, Gert Doering <gert@space.net> Message-ID: <20120411132917.GN84425@Space.Net> Content-Type: text/plain; charset="us-ascii"
hi,
On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25?
$ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net.
Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much...
Gert Doering -- NetMaster -- have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 306 bytes Desc: not available Url : https://www.ripe.net/ripe/mail/archives/anti-abuse-wg/attachments/20120411/7...
------------------------------
Message: 5 Date: Wed, 11 Apr 2012 13:32:48 +0000 From: "Michele Neylon :: Blacknight" <michele@blacknight.ie> Subject: Re: [anti-abuse-wg] current business practices To: Gert Doering <gert@space.net>, Suresh Ramasubramanian <ops.lists@gmail.com> Cc: "shane@time-travellers.org" <shane@time-travellers.org>, Brian Nisbet <brian.nisbet@heanet.ie>, "anti-abuse-wg@ripe.net" <anti-abuse-wg@ripe.net>, Tobias Knecht <tk@abusix.com>, Laura Cobley <laura@ripe.net>, Florian Weimer <fw@deneb.enyo.de>, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> Message-ID: <4F2538C315ACAC42AD334C533C247C47263EFF60@bkexchmbx01.blacknight.local>
Content-Type: text/plain; charset="us-ascii"
So this list is now turned into an "experts" exchange on SMTP?
*sigh*
-- Mr Michele Neylon Blacknight Solutions Hosting & Colocation, Brand Protection http://www.blacknight.com/ http://blog.blacknight.com/ http://mneylon.tel/ Intl. +353 (0) 59 9183072 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Fax. +353 (0) 1 4811 763 Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
________________________________________ From: Gert Doering [gert@space.net] Sent: 11 April 2012 14:29 To: Suresh Ramasubramanian Cc: Frank Gadegast; Laura Cobley; Florian Weimer; anti-abuse-wg@ripe.net; Brian Nisbet; chrish@consol.net; shane@time-travellers.org; Michele Neylon :: Blacknight; Gert Doering; Tobias Knecht Subject: Re: [anti-abuse-wg] current business practices
hi,
On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25?
$ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net.
Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much...
Gert Doering -- NetMaster -- have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
------------------------------
Message: 6 Date: Wed, 11 Apr 2012 18:50:02 +0530 From: Suresh Ramasubramanian <ops.lists@gmail.com> Subject: Re: [anti-abuse-wg] current business practices To: Frank Gadegast <ripe-anti-spam-wg@powerweb.de> Cc: shane@time-travellers.org, Brian Nisbet <brian.nisbet@heanet.ie>, anti-abuse-wg@ripe.net, Tobias Knecht <tk@abusix.com>, "Michele Neylon :: Blacknight" <michele@blacknight.ie>, Laura Cobley <laura@ripe.net>, Florian Weimer <fw@deneb.enyo.de>, Gert Doering <gert@space.net> Message-ID: <CAArzuosp9co8UyZW9Cogo6ov_-qt9hy9WeYgTP7OmGOY0q5z5A@mail.gmail.com> Content-Type: text/plain; charset=UTF-8
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
-- Suresh Ramasubramanian (ops.lists@gmail.com)
------------------------------
Message: 7 Date: Wed, 11 Apr 2012 15:02:05 +0200 From: Frank Gadegast <ripe-anti-spam-wg@powerweb.de> Subject: Re: [anti-abuse-wg] current business practices To: Laura Cobley <laura@ripe.net> Cc: shane@time-travellers.org, Brian Nisbet <brian.nisbet@heanet.ie>, anti-abuse-wg@ripe.net, Tobias Knecht <tk@abusix.com>, "Michele Neylon :: Blacknight" <michele@blacknight.ie>, Florian Weimer <fw@deneb.enyo.de>, ops.lists@gmail.com, Gert Doering <gert@space.net> Message-ID: <4F8580CD.4000502@powerweb.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Laura Cobley wrote:
Dear Florian and all,
Hi,
(some details from our current experiences with RIPE NCC and accuracy of the RIPE objects)
we currently have one case where a really big German cablenet ISP is having exacly one abuse-eMail address for their tech-c, abuse-mailbox and admin-c, for all their objects.
And this one email has a domain, what does not belong to the ISP anymore, since November 2011, its currently owned by a domain grabber, because the ISP deleted the domain on purpose (on behalf of a change in the company name years ago). There is no other working contact information (phone lets you end up at their hotline where they have absolutly no idea about abuse), snail mail is no option, fax number is not supplied.
We tried mailing there peering contact, their normal customer email from their website, filled their online feedback form and then opened a normal ticket at RIPE NCC, were just told to open another ticket at RIPE NCC and invested about 5 hours already describing the problem at RIPE NCC. Simply no chance, RIPE NCC is responding to tickets on a daily basis, even during business hours (jesus, we will respond in about 5 minutes if something serious like that will happen to our networks). The interest at the RIPE NCC to fix database problems does not seem to have any priority.
Ah, I forgot: the maillist server mamba.ripe.net has technical problems during the last 3 weeks, we opened tickets for that as well and even got a response once, still not fixed, the maillist server is probably not reacheable for 90% of the members ... whoever will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
So: abuse does not have priority in a lot of peoples heads those days, even when they tell you that daily ...
(we have about 100 abuse incidents with that ISP monthly and the ISP even resides in the same country than we are, but its still, if they reside on the other side of the moon, maybe I should demonstrate if front of the office building with a big sign saying: "you dont have a working abuse appartment")
Kind regards, Frank
Over time, contact information in the RIPE Database can become outdated due to staffing changes, oversight and lack of knowledge on the part of the maintainer. Bringing the irregularity directly to the attention of this maintainer can be the quickest way to get it fixed.
If you subsequently experience difficulties with this, we can help you to get in touch with the maintainer by forwarding your report to the person responsible for the Internet number resource registration. Handling reports is a normal part of our operations within the RIPE NCC and the report form makes it easier to get in touch with us.
We ask you to include information such as mail delivery failure notices and copies of emails with headers, which clearly show the problem and the subsequent difficulties you are having. These help to substantiate the report. Our aim is to work together with you to further improve the quality of the data in the Internet number resource registry.
Best regards,
Laura Cobley RIPE NCC
On 4/6/12 8:45 PM, Florian Weimer wrote:
* Laura Cobley:
Using this form, you can now easily report various issues, including abnormalities in Internet number resource registrations, to us for further investigation.
I looked at "Incorrect contact information in the RIPE Database", and "I confirm that I have reported the incorrect information to all of the contacts listed in the relevant object" is a required checkbox.
This seems to require that complainants try postal addresses, phone and fax numbers before reporting errors in email addresses. Is this really your goal? Isn't this a step backwards?
--
Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
End of anti-abuse-wg Digest, Vol 8, Issue 9 *******************************************
Mr Michele Neylon Blacknight Solutions ♞ Hosting & Colocation, Brand Protection ICANN Accredited Registrar http://www.blacknight.com/ http://blog.blacknight.com/ http://blacknight.biz http://mneylon.tel Intl. +353 (0) 59 9183072 US: 213-233-1612 Locall: 1850 929 929 Direct Dial: +353 (0)59 9183090 Facebook: http://fb.me/blacknight Twitter: http://twitter.com/mneylon ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
Michele Neylon :: Blacknight wrote:
2. There is an abuse function for well … abuse
Where?
the (not working) abuse finder tool ? the new "forms" at ripe ?
And here is where your logic breaks very badly
Not SOO badly. If RIPE NCC finally will force the LIRs to have correct abuse contacts, it means that the LIR has to take care (well he inserted the objects himself or delegated access to them to his customer), its not interesting, if the customer provides correct details at all. The LIR has to provide them. And if he doesnt, well, punish him ... Kind regards, Frank
While all IP addresses are going to be assigned to LIRs a lot of the discussion is about IP objects and blocks - these are usually assigned to LIR's customers
RIPE can contact the LIR
The LIR can probably contact their customer
The disjoint could be in the database
BUT
Assuming like you have that an entry in the database can only relate directly to a LIR is wrong.
member can be found, it is not so strange that, after a published notice with a due time frame, a relation is terminated. Certainly in a period of scarcity in IPv4 addresses, this should be common practice. (And if it happens to concern a criminal organisation, they won't show up any way. All others will within about 2 seconds of termination.)
So if correct data is standard practice and law enforcement needs them for whatever reason, they can access this data either through Whois of through correct proceedings in the Dutch law. Like it should be. Correct data saves money in the end, for all concerned, and makes becoming a member less attractive for individuals or organisations that most of us agree don't need a place on the internet. I don't think LEAs ask for more than that, but as a RIPE member I would look at my own organisation first. LEAs need to deal with LIRs more than an RIR, I'd guess, so assist them in finding these LIRs.
Wout
From: anti-abuse-wg-request@ripe.net Subject: anti-abuse-wg Digest, Vol 8, Issue 9 To: anti-abuse-wg@ripe.net Date: Wed, 11 Apr 2012 16:13:31 +0200
Send anti-abuse-wg mailing list submissions to anti-abuse-wg@ripe.net
To subscribe or unsubscribe via the World Wide Web, visit https://www.ripe.net/mailman/listinfo/anti-abuse-wg or, via email, send a message with subject or body 'help' to anti-abuse-wg-request@ripe.net
You can reach the person managing the list at anti-abuse-wg-owner@ripe.net
When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..."
Today's Topics:
1. Re: Introducing the RIPE NCC Report Form (julien tayon) 2. Re: current business practices (Frank Gadegast) 3. Re: Introducing the RIPE NCC Report Form (Chris Heinze) 4. Re: current business practices (Gert Doering) 5. Re: current business practices (Michele Neylon :: Blacknight) 6. Re: current business practices (Suresh Ramasubramanian) 7. Re: current business practices (Frank Gadegast)
----------------------------------------------------------------------
Message: 1 Date: Wed, 11 Apr 2012 15:49:01 +0200 From: julien tayon<julien@tayon.net> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: Brian Nisbet<brian.nisbet@heanet.ie> Cc: anti-abuse-wg@ripe.net Message-ID: <CAFpLVkyZQb0W3iCTMuq_uK3fBysQf8gHt8sP23MLypu3P4hriw@mail.gmail.com> Content-Type: text/plain; charset=UTF-8
2012/4/11 Brian Nisbet<brian.nisbet@heanet.ie>:
Chris,
"Chris" wrote the following on 11/04/2012 11:03:
On 04/10/2012 05:18 PM, Joe St Sauver wrote:
Maintenance of the database documenting who's been allocated/assigned space is *core* to RIPE's mission.
simply wrong. ripe's core is allocation. that's what they do. your mission is your private error.
Ripe's core is at least to provide **change management** over contact on allocation of internet resources (IP, AS) so that stakeholder's can cooperate, since internet protocols relies on swift cooperation between entities. Imagine a world in which you cannot reach a LIR or RIR having wrong BGP rules ?
Furthermore, RIPE NCC is bound by its contract with ICANN in its mission of allocating resources. I think reading the actual contract might settle the topic pretty fast.
Since I don't have the contract under my eyes right now, I will make a simple reasoning based on public informations and personnal experience.
Let's stick to the common sense of database first : *Data accuracy is the most important property of a database.* Ripe NCC is entitled to manage the whois database, therefore it is in their mission to ensure DB integrity.
If it is not convincing enough, let's remember data accuracy is considered by ICANN as a **MUST DO** for delegated entities (both for gTLD and resources). Just search ICANN web sites and you'll have extended papers explaining why accuracy matters, and how this responsability is also delegated. http://www.icann.org/en/gsearch/accuracy
In a world without accurate whois contact it will be the the strongest's rule that shall prevail.
What tickles me is how can RIPE NCC bill instances they don't have the **accurate** contacts ? Are there 2 DBs one for billing (with accurate data) and another one for public access with inaccurate data ?
RIPE NCC cant choose the parts it likes in its delegated mission from ICANN. A contract is a contract and RIPE NCC is bound by its duties regarding ICANN. If ICANN states RIPE NCC MUST have accurates data, and MUST enforce internet policies I cannot see how RIPE NCC or RIPE can decide it is does not fall into their responsabilities.
Now, all everybody needs to know : * what level of accuracy ICANN can realistcly expect from its delegates ? * what are the internet policies ICANN mentions ?
Cheers.
-- Jul Experienced freelance for years (having worked for ISP).
------------------------------
Message: 2 Date: Wed, 11 Apr 2012 16:08:11 +0200 From: Frank Gadegast<ripe-anti-spam-wg@powerweb.de> Subject: Re: [anti-abuse-wg] current business practices To: "anti-abuse-wg@ripe.net"<anti-abuse-wg@ripe.net> Message-ID:<4F85904B.8090203@powerweb.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
V
subpoena by deleting the wrong AS object from the database
;o)
Heh. ACK on the role. But I was thinking towards urging the ISP itself to take action (once you HAVE contacted them) on the abuse complaints. That's where the pressure of a lea agency can come in handy, if such a regulator is available.
Well, the only possibility would be the police. They do care here in Germany are kind of technical disadvanced :o(
There is some organizations this ISP is a member of (like the ECO), and they have also a abuse clearing board, but that one isnt really useful because it never did anything against their members ...
And why should they do something, they are not responsible for the resources ...
Kind regards, Frank
Pepijn
+++++++++++++++++++++++++++++++++++++++++++++
Disclaimer
Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie die is beschermd door een beroepsgeheim.
Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke vorm van verspreiding, vermenigvuldiging
of ander gebruik ervan niet is toegestaan.
Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen, verzoeken wij u ons daarvan
direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail mailto:mail@opta.nl en het bericht te vernietigen.
Dit e-mailbericht is uitsluitend gecontroleerd op virussen.
OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud en juistheid van dit bericht en er kunnen
geen rechten aan worden ontleend.
This e-mail message may contain confidential information or information protected by professional privilege.
If it is not intended for you, you should be aware that any distribution, copying or other form of use of
this message is not permitted.
If it has apparently reached you by mistake, we urge you to notify us by phone +31 70 315 3500
or e-mail mailto:mail@opta.nl and destroy the message immediately.
This e-mail message has only been checked for viruses.
The accuracy, relevance, timeliness or completeness of the information provided cannot be guaranteed.
OPTA expressly disclaims any responsibility in relation to the information in this e-mail message.
No rights can be derived from this message.
--
Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
------------------------------
Message: 3 Date: Wed, 11 Apr 2012 14:49:13 +0200 From: Chris Heinze<Chris.Heinze@consol.de> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: anti-abuse-wg@ripe.net Message-ID:<4F857DC9.8060905@consol.de> Content-Type: text/plain; charset=UTF-8
On 04/11/2012 02:13 PM, Brian Nisbet wrote:
ripe's core is allocation. that's what they do. your mission is your private error.
right, that sums it up nicely, thanks.
Once all of v4 space is allocated (soon now, soon), the primary job of the NCC and the other four RIRs will be keeping a good registry.
ripe's job isn't defined by and doesn't depend on whether or not v4 space is completely allocated (which it btw probably never will). keeping a good registry is as explained a service kindly provided by ripe to help - and it did that since the beginning.
regards,
Chris
------------------------------
Message: 4 Date: Wed, 11 Apr 2012 15:29:17 +0200 From: Gert Doering<gert@space.net> Subject: Re: [anti-abuse-wg] current business practices To: Suresh Ramasubramanian<ops.lists@gmail.com> Cc: shane@time-travellers.org, Brian Nisbet<brian.nisbet@heanet.ie>, anti-abuse-wg@ripe.net, Tobias Knecht<tk@abusix.com>, "Michele Neylon :: Blacknight"<michele@blacknight.ie>, Laura Cobley<laura@ripe.net>, Florian Weimer<fw@deneb.enyo.de>, Frank Gadegast <ripe-anti-spam-wg@powerweb.de>, Gert Doering<gert@space.net> Message-ID:<20120411132917.GN84425@Space.Net> Content-Type: text/plain; charset="us-ascii"
hi,
On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25?
$ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net.
Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much...
Gert Doering -- NetMaster -- have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
Michele Neylon :: Blacknight wrote:
2. There is an abuse function for well … abuse
Where?
the (not working) abuse finder tool ? the new "forms" at ripe ?
And here is where your logic breaks very badly
Not SOO badly. If RIPE NCC finally will force the LIRs to have correct abuse contacts, it means that the LIR has to take care (well he inserted the objects himself or delegated access to them to his customer), its not interesting, if the customer provides correct details at all. The LIR has to provide them, there are only objects inherited from the LIR. And if he doesnt, well, punish the LIR ... Kind regards, Frank
While all IP addresses are going to be assigned to LIRs a lot of the discussion is about IP objects and blocks - these are usually assigned to LIR's customers
RIPE can contact the LIR
The LIR can probably contact their customer
The disjoint could be in the database
BUT
Assuming like you have that an entry in the database can only relate directly to a LIR is wrong.
member can be found, it is not so strange that, after a published notice with a due time frame, a relation is terminated. Certainly in a period of scarcity in IPv4 addresses, this should be common practice. (And if it happens to concern a criminal organisation, they won't show up any way. All others will within about 2 seconds of termination.)
So if correct data is standard practice and law enforcement needs them for whatever reason, they can access this data either through Whois of through correct proceedings in the Dutch law. Like it should be. Correct data saves money in the end, for all concerned, and makes becoming a member less attractive for individuals or organisations that most of us agree don't need a place on the internet. I don't think LEAs ask for more than that, but as a RIPE member I would look at my own organisation first. LEAs need to deal with LIRs more than an RIR, I'd guess, so assist them in finding these LIRs.
Wout
From: anti-abuse-wg-request@ripe.net Subject: anti-abuse-wg Digest, Vol 8, Issue 9 To: anti-abuse-wg@ripe.net Date: Wed, 11 Apr 2012 16:13:31 +0200
Send anti-abuse-wg mailing list submissions to anti-abuse-wg@ripe.net
To subscribe or unsubscribe via the World Wide Web, visit https://www.ripe.net/mailman/listinfo/anti-abuse-wg or, via email, send a message with subject or body 'help' to anti-abuse-wg-request@ripe.net
You can reach the person managing the list at anti-abuse-wg-owner@ripe.net
When replying, please edit your Subject line so it is more specific than "Re: Contents of anti-abuse-wg digest..."
Today's Topics:
1. Re: Introducing the RIPE NCC Report Form (julien tayon) 2. Re: current business practices (Frank Gadegast) 3. Re: Introducing the RIPE NCC Report Form (Chris Heinze) 4. Re: current business practices (Gert Doering) 5. Re: current business practices (Michele Neylon :: Blacknight) 6. Re: current business practices (Suresh Ramasubramanian) 7. Re: current business practices (Frank Gadegast)
----------------------------------------------------------------------
Message: 1 Date: Wed, 11 Apr 2012 15:49:01 +0200 From: julien tayon<julien@tayon.net> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: Brian Nisbet<brian.nisbet@heanet.ie> Cc: anti-abuse-wg@ripe.net Message-ID: <CAFpLVkyZQb0W3iCTMuq_uK3fBysQf8gHt8sP23MLypu3P4hriw@mail.gmail.com> Content-Type: text/plain; charset=UTF-8
2012/4/11 Brian Nisbet<brian.nisbet@heanet.ie>:
Chris,
"Chris" wrote the following on 11/04/2012 11:03:
On 04/10/2012 05:18 PM, Joe St Sauver wrote:
Maintenance of the database documenting who's been allocated/assigned space is *core* to RIPE's mission.
simply wrong. ripe's core is allocation. that's what they do. your mission is your private error.
Ripe's core is at least to provide **change management** over contact on allocation of internet resources (IP, AS) so that stakeholder's can cooperate, since internet protocols relies on swift cooperation between entities. Imagine a world in which you cannot reach a LIR or RIR having wrong BGP rules ?
Furthermore, RIPE NCC is bound by its contract with ICANN in its mission of allocating resources. I think reading the actual contract might settle the topic pretty fast.
Since I don't have the contract under my eyes right now, I will make a simple reasoning based on public informations and personnal experience.
Let's stick to the common sense of database first : *Data accuracy is the most important property of a database.* Ripe NCC is entitled to manage the whois database, therefore it is in their mission to ensure DB integrity.
If it is not convincing enough, let's remember data accuracy is considered by ICANN as a **MUST DO** for delegated entities (both for gTLD and resources). Just search ICANN web sites and you'll have extended papers explaining why accuracy matters, and how this responsability is also delegated. http://www.icann.org/en/gsearch/accuracy
In a world without accurate whois contact it will be the the strongest's rule that shall prevail.
What tickles me is how can RIPE NCC bill instances they don't have the **accurate** contacts ? Are there 2 DBs one for billing (with accurate data) and another one for public access with inaccurate data ?
RIPE NCC cant choose the parts it likes in its delegated mission from ICANN. A contract is a contract and RIPE NCC is bound by its duties regarding ICANN. If ICANN states RIPE NCC MUST have accurates data, and MUST enforce internet policies I cannot see how RIPE NCC or RIPE can decide it is does not fall into their responsabilities.
Now, all everybody needs to know : * what level of accuracy ICANN can realistcly expect from its delegates ? * what are the internet policies ICANN mentions ?
Cheers.
-- Jul Experienced freelance for years (having worked for ISP).
------------------------------
Message: 2 Date: Wed, 11 Apr 2012 16:08:11 +0200 From: Frank Gadegast<ripe-anti-spam-wg@powerweb.de> Subject: Re: [anti-abuse-wg] current business practices To: "anti-abuse-wg@ripe.net"<anti-abuse-wg@ripe.net> Message-ID:<4F85904B.8090203@powerweb.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
V
subpoena by deleting the wrong AS object from the database
;o)
Heh. ACK on the role. But I was thinking towards urging the ISP itself to take action (once you HAVE contacted them) on the abuse complaints. That's where the pressure of a lea agency can come in handy, if such a regulator is available.
Well, the only possibility would be the police. They do care here in Germany are kind of technical disadvanced :o(
There is some organizations this ISP is a member of (like the ECO), and they have also a abuse clearing board, but that one isnt really useful because it never did anything against their members ...
And why should they do something, they are not responsible for the resources ...
Kind regards, Frank
Pepijn
+++++++++++++++++++++++++++++++++++++++++++++
Disclaimer
Dit e-mailbericht kan vertrouwelijke informatie bevatten of informatie die is beschermd door een beroepsgeheim.
Indien dit bericht niet voor u is bestemd, wijzen wij u erop dat elke vorm van verspreiding, vermenigvuldiging
of ander gebruik ervan niet is toegestaan.
Indien dit bericht blijkbaar bij vergissing bij u terecht is gekomen, verzoeken wij u ons daarvan
direct op de hoogte te stellen via tel.nr 070 315 3500 of e-mail mailto:mail@opta.nl en het bericht te vernietigen.
Dit e-mailbericht is uitsluitend gecontroleerd op virussen.
OPTA aanvaardt geen enkele aansprakelijkheid voor de feitelijke inhoud en juistheid van dit bericht en er kunnen
geen rechten aan worden ontleend.
This e-mail message may contain confidential information or information protected by professional privilege.
If it is not intended for you, you should be aware that any distribution, copying or other form of use of
this message is not permitted.
If it has apparently reached you by mistake, we urge you to notify us by phone +31 70 315 3500
or e-mail mailto:mail@opta.nl and destroy the message immediately.
This e-mail message has only been checked for viruses.
The accuracy, relevance, timeliness or completeness of the information provided cannot be guaranteed.
OPTA expressly disclaims any responsibility in relation to the information in this e-mail message.
No rights can be derived from this message.
--
Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
------------------------------
Message: 3 Date: Wed, 11 Apr 2012 14:49:13 +0200 From: Chris Heinze<Chris.Heinze@consol.de> Subject: Re: [anti-abuse-wg] Introducing the RIPE NCC Report Form To: anti-abuse-wg@ripe.net Message-ID:<4F857DC9.8060905@consol.de> Content-Type: text/plain; charset=UTF-8
On 04/11/2012 02:13 PM, Brian Nisbet wrote:
ripe's core is allocation. that's what they do. your mission is your private error.
right, that sums it up nicely, thanks.
Once all of v4 space is allocated (soon now, soon), the primary job of the NCC and the other four RIRs will be keeping a good registry.
ripe's job isn't defined by and doesn't depend on whether or not v4 space is completely allocated (which it btw probably never will). keeping a good registry is as explained a service kindly provided by ripe to help - and it did that since the beginning.
regards,
Chris
------------------------------
Message: 4 Date: Wed, 11 Apr 2012 15:29:17 +0200 From: Gert Doering<gert@space.net> Subject: Re: [anti-abuse-wg] current business practices To: Suresh Ramasubramanian<ops.lists@gmail.com> Cc: shane@time-travellers.org, Brian Nisbet<brian.nisbet@heanet.ie>, anti-abuse-wg@ripe.net, Tobias Knecht<tk@abusix.com>, "Michele Neylon :: Blacknight"<michele@blacknight.ie>, Laura Cobley<laura@ripe.net>, Florian Weimer<fw@deneb.enyo.de>, Frank Gadegast <ripe-anti-spam-wg@powerweb.de>, Gert Doering<gert@space.net> Message-ID:<20120411132917.GN84425@Space.Net> Content-Type: text/plain; charset="us-ascii"
hi,
On Wed, Apr 11, 2012 at 06:50:02PM +0530, Suresh Ramasubramanian wrote:
On Wed, Apr 11, 2012 at 6:32 PM, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
will receives this could please make a telnet mamba.ripe.net 25 from some IPs he own (best would be not using his or her usual IP, if he or she likes, lets see how big that problem really is, thats why I have to mail the most active people directly).
suresh@frodo 03:54:25 :~$ telnet mamba.ripe.net smtp Trying 2001:67c:2e8:11::c100:1328... Trying 193.0.19.40... telnet: Unable to connect to remote host: Connection refused
Things seem to be RIPE for a change eh?
So, what exactly causes the assumption that mamba is supposed to be reachable from the outside, on Port 25?
$ host -t mx ripe.net ripe.net mail is handled by 250 postlady.ripe.net. ripe.net mail is handled by 200 postgirl.ripe.net.
Now, obviously, expecting anti-spammers to understand about MX records and how to read Received: lines might be asking for a bit much...
Gert Doering -- NetMaster -- have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279
icann does use this measure against registrars, not too infrequently --srs (iPad) On 11-Apr-2012, at 21:34, Frank Gadegast <ripe-anti-spam-wg@powerweb.de> wrote:
If RIPE NCC finally will force the LIRs to have correct abuse contacts, it means that the LIR has to take care (well he inserted the objects himself or delegated access to them to his customer), its not interesting, if the customer provides correct details at all. The LIR has to provide them, there are only objects inherited from the LIR.
And if he doesnt, well, punish the LIR ...
Suresh Ramasubramanian wrote:
icann does use this measure against registrars, not too infrequently
and most domain registry also do ... I would say, its common sense to validate email addresses in the database of internet resources. RIPE NCC is not doing this Is there somebody from the other RIRs on this list ? Are other RIRs validating the abuse email addresses ? Kind regards, Frank
--srs (iPad)
On 11-Apr-2012, at 21:34, Frank Gadegast<ripe-anti-spam-wg@powerweb.de> wrote:
If RIPE NCC finally will force the LIRs to have correct abuse contacts, it means that the LIR has to take care (well he inserted the objects himself or delegated access to them to his customer), its not interesting, if the customer provides correct details at all. The LIR has to provide them, there are only objects inherited from the LIR.
And if he doesnt, well, punish the LIR ...
-- Mit freundlichen Gruessen, -- MOTD: "have you enabled SSL on a website or mailbox today ?" -- PHADE Software - PowerWeb http://www.powerweb.de Inh. Dipl.-Inform. Frank Gadegast mailto:frank@powerweb.de Schinkelstrasse 17 fon: +49 33200 52920 14558 Nuthetal OT Rehbruecke, Germany fax: +49 33200 52921 ======================================================================
On Wed, Apr 11, 2012 at 05:38:11PM +0200, Wout de Natris wrote:
1. Primarily RIPE NCC needs or at least should need a proper overview of who its members are for several reasons that all have to do with internal processes like reaching out, billing and maintaining correct records, in short common business practice.
yes, but let's please not confuse this with the RIPE database. -Peter
participants (6)
-
Frank Gadegast
-
Frank Gadegast
-
Michele Neylon :: Blacknight
-
Peter Koch
-
Suresh Ramasubramanian
-
Wout de Natris