On 2022-01-17 8:40 a.m., Scott Mutter via mailop wrote:
At the same time, I understand why Mailops preaches that they send abuse reports to the owner of the IP address - which, again, may be several company levels up from the individual that actually has root to the server and can take more immediate action against the abuse. I'm not really going to cry foul that Microsoft, Gmail, Yahoo, all the other big name mail services aren't actually sending the abuse reports to the administrators of the servers that matter. Ideally, sure, the reports would go to the IP owner and that would filter down to the root administrator of the server. That doesn't happen very often - if ever. Perhaps this is something these IP owners (i.e. vultr.com <http://vultr.com>, Linode, etc) need to address. Perhaps these IP owners need to require it so that when a customer signs up for their services, they have to provide an email address to forward feedback loop messages to for their assigned IP?
There is already a mechanism for this called 'rwhois'. Operating an 'rwhois' server is simple and easy, and when customers sign-up, they should understand that the presentation of this information is required for service, and that they consent.. (to satisfy GDPR ;) ...
It can easily be automated, and then contact information for the actual operator can be found. This helps the hosting provider, their customer, and the general public.
Let's not make it complicated, or try to re-invent the wheel. Accurate IP whois is part of the foundation of the internet. And connectivity between networks is a privilege not a right.
So, instead of blocking Linode/Microsoft/GCloud or whomever seems to have a lot of bad guys on it at a particular moment, we can block or report to the individual operator.
Of course, there are those hosting companies (Multicom) that haven't had a working rwhois server for years, and dispite ARIN and other complainers haven't fixed it..
And if a hoster allows 'fake' information in their 'rwhois' records, or has a pattern of not addressing bad actors, or keeps renting out IP space to new bad guys, THEN you can can start tagging/flagging/reporting the hosting company as a whole.
-- "Catch the Magic of Linux..." ------------------------------------------------------------------------ Michael Peddemors, President/CEO LinuxMagic Inc. Visit us at http://www.linuxmagic.com @linuxmagic A Wizard IT Company - For More Info http://www.wizard.ca "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd. ------------------------------------------------------------------------ 604-682-0300 Beautiful British Columbia, Canada This email and any electronic data contained are confidential and intended solely for the use of the individual or entity to which they are addressed. Please note that any views or opinions presented in this email are solely those of the author and are not intended to represent those of the company. _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
