Re: [anti-spam-wg] Non-cooperation of RIPE ISP in investigating report of email abuse (spam)

  • From: peter h peter@localhost
  • Date: Sun, 13 Jan 2008 12:28:06 +0100

On Sunday 13 January 2008 11.02, John Draper wrote:
> der Mouse wrote:
> >> That aside, however, currently there is no policy or procedures for
> >> RIPE to follow up on incorrect contact information in the database.
> >> [...]
> >> In addition while RIPE has produced a number of documents [...]
> >> neither the NCC nor this WG are empowered to act to stop an ISP or
> >> their customers from [emitting abuse].
> >>     
> >
> > And there you have in a nutshell the reason why the net is so
> > abuse-ridden - RIPE should hever have had even so much as one address
> > assigned for them to delegate as long as either of those is true.
> >
> > Authority without responsibility.  Bad news wherever it's found.
> >
> > RIPE's authority needs to be revoked (their allocations yanked) until
> > they accept responsibility concomitant with it.  Of course, that won't
> > happen - and, as a result, we'll see abuse from RIPE space continue to
> > escalate.
> >
> >   
> >> So, in short, we are not the right people to whom to report this
> >> issue.
> >>     
> >
> > You are *exactly* the right people to report it to.  That you are
> > determined to wash your hands of the responsibility that goes with your
> > authority is in large part why RIPE space is so abuse-ridden; that
> > ICANN and the IANA are letting you get away with it is why it has
> > continued that way for so long (and, because they do the same nothing
> > with other RIRs, why the rest of the world has similar problems).
> >
> > /~\ The ASCII				der Mouse
> > \ / Ribbon Campaign
> >  X  Against HTML	       mouse@localhost
> > / \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
> >
> >
> >   
> I totally agree - when I was running SpamCrunchers,  I very aggressively 
> went after RIPE, APNIC and bitterly complained about some of their 
> database updating policies.  Eventually,  after really hitting them hard 
> with "Bogus Whois" complaints,  I started to get SOME action,  but that 
> was back in 2004.   No telling HOW irresponsible they are now,  and it 
> almost gives me the impression they RIPE and others, are on the take and 
> helping spammers.
> 
> Upstream providers can also help identify the spammers if one comes 
> across a BOGUS WHOIS.   I have UNIX Daemons that automatically deal with 
> BOGUS WHOIS complaining,  as it automatically checks every 3 weeks,  
> after a 3rd time,  it automatically sends another BOGUS WHOIS 
> complaint... then sends one to the upstream provider.
> 
> I definately agree that RIPE,  ARIN, and other IP Block assignment 
> agencies HAVE to take a good part of the responsibility for making it 
> very difficult to track down hostile traffic.
> 
> WHOIS queries were designed to allow security folks to track down 
> network problems of all sorts,  and they (RIPE,  ARIN) have the 
> responsibiity to keep their data updated.  So they should be part of the 
> solution instead of being part of the problem.
> 
> John
> 
> 
Even if RIPE pulled these netranges from spammers, how can advertized BGP-rotes
be enforced ? I was under the impression that routing at BGP-level
is a more or less "gentlemens aggreement(and subject to arbitrary 
route injections from time to time)

Pulling the ranges without authority to enforce the redrawal ia a moot.

-- 
        Peter Håkanson   

        There's never money to do it right, but always money to do it
        again ... and again ... and again ... and again.
        ( Det är billigare att göra rätt. Det är dyrt att laga fel. )