Re: Abuse response [Was: RE: Yahoo Mail Update]

["Suresh Ramasubramanian" <ops.lists () gmail com>]

On Tue, Apr 15, 2008 at 11:04 AM, Paul Ferguson <fergdawg () netzero net> wrote:
>  In fact, we have done just that -- develop a standard boilerplate
>  very similar to what PIRT uses in its notification(s) to the
>  stakeholders in phishing incidents.

The boilerplate is no damned use.  PIRT - and you - should be focusing
on feedback loops, and that would practically guarantee instant
takedown, especially when the notification is sent by trusted parties.

>  Again, our success rate is somewhere in the 50% neighborhood.

With the larger providers it will get to 100% once you go the feedback
loop route.

Do ARF, do IODEF etc.  You will find it much easier for abuse desks
that care to process your reports.  You will also find it easier to
feed these into nationwide incident response / alert systems like
Australia's AISI (google it up, you will like the concept I think)

srs