I agree ARIN should not be the Internet police. Civil law handles these things in the US.
From: "Scott Leibrand" <[email protected]> To: "Shawn Bakhtiar" <[email protected]> Cc: "arin-ppml" <[email protected]> Sent: Thursday, August 28, 2025 7:14:18 PM Subject: Re: [arin-ppml] Policy Proposal 2003-1: Required Performance of Abuse Contact Just block them, as Matt suggested. Or sue them, if they're harming your business in some meaningful way that can't be trivially handled by blocking their abusive subnets. Or contact law enforcement if there's actual criminal trespass or some other law being broken. ARIN is not set up to be the Internet police, and I would oppose any efforts to make it try to play that role. As Matt eloquently elucidated, any requirements ARIN could enforce would likely make things worse for everyone holding ARIN IP addresses for very little tangible social benefit. -Scott On Thu, Aug 28, 2025 at 4:57 PM Shawn Bakhtiar < [ mailto:[email protected] | [email protected] ] > wrote: Thank You Bill! I really appreciate the input, and these are all great suggestions. I will certainly do my homework and reach out again to the group with more specific questions on the topic. As I said in my email to Alison, AWS (of all people), auto responds to any email sent to the abuse email on record for a given IP segment. It includes a ticket number, and without me having to follow up (usually a few days later) an email back often having remediated the issue, or in the rare instances where the they did not remedy the issue, explaining why the behavior is not abuse or a violation of their policies. Digital Ocean does the same thing (without a ticket number). So do several midsize providers. Hit and miss with anything smaller than a /24. Microsoft (where the preponderance of abusive behaviors come from) and Google. Do nothing. Literally nothing. I have OSSEC notification logs in which a single IP address with a Microsoft abuse POC, continues to scan different customer's networks, looking for Wordpress vulnerabilities, and has done so for over a month, without any remediation. The aforementioned policy is a common sense one already being (voluntarily) done by a good number of the providers out there. I am very curious as to what objections anyone could have to it, and how we can address those concerns so we can put what seems like a very common sense policy into place. We need to bring accountability back to the internet. Again, thank you for the guidance, I look forward to any and all questions, comments, and or concerns. > On Aug 28, 2025, at 3:24 AM, William Herrin < [ mailto:[email protected] | > [email protected] ] > wrote: > > On Wed, Aug 27, 2025 at 11:45 AM Shawn Bakhtiar < [ > mailto:[email protected] | [email protected] ] > wrote: >> I would like to re-introduce the following Policy Proposal from 2003 to hold >> abuse POCs accountable. >> [ https://www.arin.net/vault/participate/policy/drafts/2003/2003_1/ | >> https://www.arin.net/vault/participate/policy/drafts/2003/2003_1/ ] > >>> Changes to ARIN’s policies may be made via submission of a policy proposal >>> via ARIN’s Policy Devcelopment Process - more details available here >>> - [ https://www.arin.net/participate/policy/pdp/ | >>> https://www.arin.net/participate/policy/pdp/ ] > > Hi Shawn, > > I note that the practical question of "how do I submit a policy > proposal" is not answered in > [ https://www.arin.net/participate/policy/pdp/ | > https://www.arin.net/participate/policy/pdp/ ] , or if it is, it's buried > so deeply I can't find it. > > What you probably want is the policy proposal template, which you can > find here: [ https://www.arin.net/participate/policy/pdp/appendix_b/ | > https://www.arin.net/participate/policy/pdp/appendix_b/ ] > > You can also discuss policy changes here on the mailing list without > making a formal proposal. That would enable you to gather information > which could inform a formal proposal. > > I recommend you sift through the mailing list archives at > [ https://lists.arin.net/pipermail/arin-ppml/ | > https://lists.arin.net/pipermail/arin-ppml/ ] and read the original > discussions around proposal 2003-1. This can help you understand what > defects in that proposal led to it failing to reach consensus. > > Finally, I note that there have been other off and on discussions > about the published POCs and their utility. It might be worth digging > into them as well. Try a Google search such as, "site: [ > http://lists.arin.net/ | lists.arin.net ] > abuse poc" > > Regards, > Bill Herrin > > > > -- > William Herrin > [ mailto:[email protected] | [email protected] ] > [ https://bill.herrin.us/ | https://bill.herrin.us/ ] _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ( [ mailto:[email protected] | [email protected] ] ). Unsubscribe or manage your mailing list subscription at: [ https://lists.arin.net/mailman/listinfo/arin-ppml | https://lists.arin.net/mailman/listinfo/arin-ppml ] Please contact [ mailto:[email protected] | [email protected] ] if you experience any issues. _______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
_______________________________________________ ARIN-PPML You are receiving this message because you are subscribed to the ARIN Public Policy Mailing List ([email protected]). Unsubscribe or manage your mailing list subscription at: https://lists.arin.net/mailman/listinfo/arin-ppml Please contact [email protected] if you experience any issues.
