Re: Contacts wanted: OVH, DigitalOcean, and Microsoft (Deutschland)

[Eric Kuhnke <eric.kuhnke () gmail com>]

Absolutely unrelated to Ronald's original post, but it's ironic that the
abuse@ address is itself heavily "abused", by commercial copyright
enforcement companies which think it's a catch-all address for things which
are not operationally related to the health of a network (BGP hijacks,
DDoS, spam email traffic, botnet/virus/worm/trojan traffic command and
control and such).

Despite the presence of a registered DMCA agent address[1][2] for an ASN,
many companies continue to flood abuse@ with copyright notices. Ask any ISP
that operates in the English language Internet but is not physically
located in the USA (NZ, AU, CA, etc) how many USA-specific legal threats
their abuse inbox receives. Usually for something like a residential
customer torrenting a TV show.

1: https://www.copyright.gov/dmca-directory/
2: https://www.copyright.gov/rulemaking/onlinesp/NPR/faq.html




On Tue, Mar 19, 2019 at 7:50 AM Rich Kulawiec <rsk () gsp org> wrote:

> On Tue, Mar 19, 2019 at 09:23:34AM -0400, Jeff McAdams wrote:
> > We would prefer, but don't require, that you use the web form because
> that
> > is integrated into the workflow of the groups that respond to those
> > reports.
>
> Why isn't abuse@ integrated into the workflow?  It darn well should be,
> (a) given that RFC 2142 has been "on the books" for 22 years and
> (b) given that methods for handling incoming abuse (or bug, or outage,
> or other) reports via email to role accounts are numerous and reliable.
>
> To be clear: if you want to offer a web form in addition to an abuse@
> address (or a security@ address, or a postmaster@ address) that's fine.
> But web forms are a markedly inferior means of communication and are
> clearly not a substitute for well-known/standardized role addresses that
> route to the appropriate people/processes.
>
> ---rsk