[79425] in North American Network Operators' Group
Re: Spam (un)blocking
daemon@ATHENA.MIT.EDU (Hank Nussbacher)
Thu Apr 7 02:30:49 2005
Date: Thu, 07 Apr 2005 09:15:46 +0300
To: Daniel Senie <dts@senie.com>
From: Hank Nussbacher <hank@mail.iucc.ac.il>
Cc: nanog@merit.edu
In-Reply-To: <6.2.1.2.2.20050406183304.04eaa8d0@mail.amaranth.net>
Errors-To: owner-nanog@merit.edu
At 06:43 PM 06-04-05 -0400, Daniel Senie wrote:
Since the uptake on IRT has been slow, and after much internal discussion,
RIPE has decided to add an "abuse-mailbox" attribute. For further details see:
https://www.ripe.net/ripe/maillists/archives/db-wg/2005/msg00015.html
-Hank
>At 06:10 PM 4/6/2005, JP Velders wrote:
>
>
>> > Date: Wed, 6 Apr 2005 14:54:08 -0400
>> > From: Adam Jacob Muller <adam@gotlinux.us>
>> > Subject: Spam (un)blocking
>>
>> > [ ... ]
>> > Second, is there some way to mark my block of addresses is owned by
>> > responsible responsive system administrators.
>>
>>Over here in "RIPE land" so to speak, several ISP's (most notably
>>FIRST members) have put a lot of effort in getting 'IRT' objects in
>>the RipeDB.
>>
>>$ whois -h whois.ripe.net -r 194.171.31.0 | egrep
>>'^(inetnum|remarks|mnt-irt):'
>>inetnum: 194.171.31.0 - 194.171.31.255
>>remarks: utilized by 802.1x authenticated guests utilizing EduRoam
>>remarks: see http://www.eduroam.nl/ for more information
>>remarks: in case of abuse: abuse@cwi.nl and cert@surfnet.nl
>>mnt-irt: irt-SURFnet-CERT
>
>And this is MUCH appreciated. When trying to figure out where to send spam
>complaints, a network that's taken the time to put their abuse address in
>their records certainly appears to at least care, and so gets better treatment.
>
>>That IRT object (I believe there were efforts underway for a similar
>>system in the ARINdb, but I haven't followed it for over a year :( )
>>is an object to identify the "Incident Response Team" which can be
>>contacted regarding certain blocks of space.
>>
>>$ whois -h whois.ripe.net -r irt-SURFnet-CERT | egrep
>>'^(irt|signature|encryption|remarks|mnt-by):'
>>irt: irt-SURFNET-CERT
>>signature: PGPKEY-A6D57ECE
>>encryption: PGPKEY-A6D57ECE
>>remarks: SURFNET-CERT is the Computer Emergency
>>remarks: Response Team of SURFnet
>>remarks: This is a TI accredited CSIRT
>>remarks: (see http://www.ti.terena.nl/teams/level2.html)
>>mnt-by: TRUSTED-INTRODUCER-MNT
>>
>>More information can be found in Google, or on the FAQ by Jan Meijer:
>>http://www.surfnetters.nl/meijer/tf-csirt/irt-object-faq.html
>>
>> > We have tech support on duty 24/7 and abuse complaints are dealt
>> > with in a timely manner, so I am wondering if there is a way to
>> > communicate our willingness to help in the fight against spam.
>>
>>Replace spam with abuse and you have something like the IRT object. ;D
>>
>>No doubt someone on NANOG knows what's happening with the ARIN version ;)
>>(or if there will be one, if people want it, etc.)
>
>SWIPs can hold abuse contact info. Again, this is a good thing for folks
>to do.
>
>
>+++++++++++++++++++++++++++++++++++++++++++
>This Mail Was Scanned By Mail-seCure System
>at the Tel-Aviv University CC.
