[143151] in North American Network Operators' Group
Re: [BULK] Re: SORBS contact
daemon@ATHENA.MIT.EDU (Michelle Sullivan)
Sat Jul 30 23:21:19 2011
Date: Sun, 31 Jul 2011 05:20:34 +0200
From: Michelle Sullivan <matthew@sorbs.net>
In-reply-to: <CAAAwwbWBSzqcQEhKuNPopDYHEZz_VdV7TbRzs5Nw0evNbV3_6Q@mail.gmail.com>
To: Jimmy Hess <mysidia@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Jimmy Hess wrote:
> On Sat, Jul 30, 2011 at 7:57 AM, Michelle Sullivan <matthew@sorbs.net
> <mailto:matthew@sorbs.net>> wrote:
>
> Rich Kulawiec wrote:
> > On Sat, Jul 30, 2011 at 01:45:52AM -0400, Dan Collins wrote:
> [snip]
>
> later in the document, Webmaster@ is not in the required list.
> As per
> my previous email, the webservers (all of them) report another email
>
> [snip]
>
>
> I wouldn't fault SORBS for not supporting optional addresses such as
> webmaster@.
> I would fault SORBS for automatically listing someone e-mailing
> webmaster@ though,
> as implied above. Whether the actual RFC existed or not.
>
> It's probably true that all the standard addresses are likely to be
> subject to abuse. info@ sure is.
>
> However, they should not be listed without at least analyzing the
> content of the actual message.
> To decide if it is in fact abuse, OR if it's just a human failure,
> somebody attempting to contact
> an admin address/service that does not exist.
>
> There mere act of attempting to contact multiple standard addresses
> alone, is certainly
> not proof of abuse.
A valid and well put argument. I don't know what we do with stuff to
webmaster@ however I do know that it is possible that messages to it
will go into the spamtrap system. (the spamtrap system has multiple
entry points, and a mail going in does not guarentee a listing, but it
is likely, especially if the message is repeated to multiple addresses
and therefore is 'bulk'.)
Michelle
--
Vulnerabilities are weaknesses associated with an organisations assets that maybe exploited by a threat causing unwanted incidents.
http://www.mhix.org/
