nanog mailing list archives
RE: Abuse response
From: <michael.dillon () bt com>
Date: Tue, 15 Apr 2008 14:01:26 +0100
- Automation is far less important than clue. Attempting to compensate for lack of a sufficient number of sufficiently- intelligent, experienced, diligent staff with automation is a known-losing strategy, as anyone who has ever dealt with an IVR system knows.
Given that most of us use routers instead of pigeons to transport our packets, I would suggest that railing against automation is a lost cause here.
- Poorly-desigged and poorly-run operations markedly increase the workload for their own abuse desks.
This sounds like a blanket condemnation of the majority of ISPs in today's Internet.
- A nominally competent abuse desk handles reports quickly and efficiently. A good abuse desk DOES NOT NEED all those reports because it already knows. (For example, large email providers should have large numbers of spamtraps scattered all over the 'net and should be using simple methods to correlate what arrives at them to provide themselves with an early "heads up". This won't catch everything, of course, but it doesn't have to.)
Why is it that spamtraps are not mentioned at all in MAAWG's best practices documents except the one for senders, i.e. mailing list operators? Note that if an ISP does have a network of spamtraps, then they have an automated reporting system, which you denounced in your first point. I agree that simply automating things will not make anything better, but intelligent automation is good for you and me and the ISP who implements it. An intelligent automation system could identify a spam source and immediately block the port 25 traffic until it can be investigated by a human being. --Michael Dillon
Current thread:
- Re: Abuse response [Was: RE: Yahoo Mail Update], (continued)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Chris Boyd (Apr 15)
- RE: Abuse response [Was: RE: Yahoo Mail Update] michael.dillon (Apr 16)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Rich Kulawiec (Apr 16)
- RE: Abuse response [Was: RE: Yahoo Mail Update] Frank Bulk (Apr 16)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Valdis . Kletnieks (Apr 16)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Chris Boyd (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Paul Ferguson (Apr 14)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Paul Ferguson (Apr 14)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Suresh Ramasubramanian (Apr 14)
- RE: Abuse response michael.dillon (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Rich Kulawiec (Apr 15)
- RE: Abuse response michael.dillon (Apr 15)
- Re: Abuse response Rich Kulawiec (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] William Herrin (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Marshall Eubanks (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] William Herrin (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Marshall Eubanks (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] William Herrin (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Rich Kulawiec (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Steve Atkins (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] William Herrin (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Steve Atkins (Apr 15)
- Re: Abuse response [Was: RE: Yahoo Mail Update] Suresh Ramasubramanian (Apr 14)