Re: [anti-spam-wg] Non-cooperation of RIPE ISP in investigating report of email abuse (spam)
To: der Mouse mouse@localhost
From: John Draper lists@localhost
Date: Sun, 13 Jan 2008 02:02:17 -0800
der Mouse wrote:
I totally agree - when I was running SpamCrunchers, I very aggressively
went after RIPE, APNIC and bitterly complained about some of their
database updating policies. Eventually, after really hitting them hard
with "Bogus Whois" complaints, I started to get SOME action, but that
was back in 2004. No telling HOW irresponsible they are now, and it
almost gives me the impression they RIPE and others, are on the take and
That aside, however, currently there is no policy or procedures for
RIPE to follow up on incorrect contact information in the database.
In addition while RIPE has produced a number of documents [...]
neither the NCC nor this WG are empowered to act to stop an ISP or
their customers from [emitting abuse].
And there you have in a nutshell the reason why the net is so
abuse-ridden - RIPE should hever have had even so much as one address
assigned for them to delegate as long as either of those is true.
Authority without responsibility. Bad news wherever it's found.
RIPE's authority needs to be revoked (their allocations yanked) until
they accept responsibility concomitant with it. Of course, that won't
happen - and, as a result, we'll see abuse from RIPE space continue to
So, in short, we are not the right people to whom to report this
You are *exactly* the right people to report it to. That you are
determined to wash your hands of the responsibility that goes with your
authority is in large part why RIPE space is so abuse-ridden; that
ICANN and the IANA are letting you get away with it is why it has
continued that way for so long (and, because they do the same nothing
with other RIRs, why the rest of the world has similar problems).
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@localhost
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
Upstream providers can also help identify the spammers if one comes
across a BOGUS WHOIS. I have UNIX Daemons that automatically deal with
BOGUS WHOIS complaining, as it automatically checks every 3 weeks,
after a 3rd time, it automatically sends another BOGUS WHOIS
complaint... then sends one to the upstream provider.
I definately agree that RIPE, ARIN, and other IP Block assignment
agencies HAVE to take a good part of the responsibility for making it
very difficult to track down hostile traffic.
WHOIS queries were designed to allow security folks to track down
network problems of all sorts, and they (RIPE, ARIN) have the
responsibiity to keep their data updated. So they should be part of the
solution instead of being part of the problem.