Anti-Abuse Working Group Minutes

Wednesday, 28 October 2008, 13:30 - JW Marriott Hotel, Dubai, UAE
Chair: Brian Nisbet
Scribe: Fergal Cunningham
Jabber: Jos Boumans

A. Administrative Matters

The working group (WG) Chair, Brian Nisbet, welcomed the attendees and explained that the WG Co-Chair, Richard Cox, was unable to attend. He mentioned that Richard hopes to attend the WG session at RIPE 58. He pointed out that this was the first session of the Anti-Abuse WG since its change from the Anti-Spam WG.

The minutes from RIPE 56 were approved with no comments and there were no updates to the current agenda.

Brian extended his thanks to the RIPE NCC for its help with setting up the Anti-Abuse WG.

Brian went through the charter for the new Anti-Abuse WG and explained the differences between it and the previous Anti-Spam WG charter.

The new charter can be viewed on the Anti-Abuse WG pages at:
http://www.ripe.net/ripe/wg/anti-abuse/index.html

Brian said that spam is a symptom of bigger problems so the charter allows the formation of the Anti-Abuse WG. He noted that there is a list in the charter of some obvious abuse types, with point five being the most obvious - all systems and mechanisms, technical and non-technical used to create, control and make money from such abuse.

He explained that there is no set process to add new items to the list but this should be easy to do so through the WG mailing list. He added the important caveat that the WG does not view areas such as cyber-squatting or hosting illegal content as being part of its remit.

Brian added that all subscribers to the Anti-Spam WG mailing list had been added to the Anti-Abuse WG mailing list so that the WG has not lost anybody.

He emphasised that this mailing list is not the email address to use to report abuse or spam. It is not the Anti-Abuse WG’s job to contact Internet Service Providers (ISPs) about these issues.

He concluded this section by noting that presentations are planned for RIPE 58.

B. Updates

B1. Developments in Anti-Abuse

Brian noted that HEANET supplies broadband to schools in Ireland. Content filtering is almost line rate on the gigabit interfaces that are being plugged into it. It can handle the 500 or 600 MB going through it.

B2. Legislation

There were no updates.

B3. Products

There were no updates.

B4. Recent List Discussion

Most discussion on the mailing list has been about the new charter for the Anti-Abuse WG formation.

C. Technical Measures

C1. Sender Verification

There were no updates.

C2. Filtering

There were no updates.

C3 Source Identification

There were no updates.

C4 Others

There were no updates.

D. Interactions

D1. Working Groups

The Chair noted that there had been discussion on contact details in the RIPE Database. There is currently no policy stating that people have to have correct details and because of this people have suffered abuse. People have asked about change. The Anti-Abuse WG is not planning this change process, which might be something for the Database WG, but the Anti-Abuse WG will have input.

A representative from the Serious Organised Crime Agency (SOCA) in the UK pointed out that there was a bill in the US on anti-phishing that would make it illegal to register incorrect WHOIS data.

Brian said it would be very interesting to see what effect this will have on the Regional Internet Registry (RIR) Databases. He noted that there would be discussion with the Cooperation WG on this and that the chairs of the Anti-Abuse and Database WGs are not going to write a policy proposal. This is something that might require community support and will come up again. There is currently not a lot of interaction so far because the Anti-Abuse WG is new, but the chairs hope to talk very
soon with other groups to see what people are doing with regard to points D2-D5, below.

D2. Other ISPs

There was a comment that there was currently a spam initiative from Microsoft and some ISPs to bring those who are spamming to court. They are also making a database of spammers. There is also a German initiative to create a “white list” because people sometimes want advertising and this allows companies to send advertising and not have it considered as spam.

Brian said that he had seen initiatives like this and hopefully it will reduce instances of phishing. He added that the challenge is that people are quick to report spam and this affects genuine advertisers. He noted that the WG would be interested in more information because this is the type of thing the WG wants to hear about. It is also the sort of subject matter the WG would like for presentations at future RIPE Meetings.

D3. Anti-Abuse Groups

No update.

D4. RIRs

There were no updates.

D5. IETF

There were no updates.

E. Documents

E1. Updates to ripe-409
Brian asked people to look at the RIPE Document ripe-409, “Good Practice in Minimising E-mail Abuse” and asked for any
updates. He noted that there might be things missing that need to be added. He will send the request to the mailing list. The WG will then look at creating new draft documents.

E2. Creation of New Documentation

The Chair noted that the ripe-409 document could be a core document for the WG on protecting networks through technical and non-technical measures. He asked if people had suggestions for white papers for law enforcement or any priorities that people would like to mention. There were no comments.

Z. A.O.B.

Brian asked if there were any further comments. There were none.

He said that the new WG would require guidance and assistance on what people want the WG to do. He will look at targeting people to speak at RIPE 58.

Brian concluded the session by thanking the attendees and reiterating that people should look at the Anti-Abuse WG Charter and contribute to discussions on the mailing list in the build-up to RIPE 58.