Hallam-Baker, Phillip wrote:
Thanks for the pointer, it may not be exactly what I am after, I
will look further.
I believe that RFC 1183 defines an RP RR for a similar
purpose. But in
most cases it is already known who the owner of the network is either
via abuse.net or WHOIS information for the IP addresses. When spam is
reported, most of the time it is reported to the right
responsible party.
The issue came up in the context of phishing at a meeting attending
by leading banks. It can take a substantial length of time to get
a site taken down even with the full assistance of the FBI etc.
Some of these issues are jurisdictional, but others are pure
communication issues.
The communication issues is one area where common standards would help
and this is why we are looking into such standards for abuse reporting
including multiple ways to communicate and lookup such data.
Nevertheless, standards for abuse reporting including possible DNS
implications would be very useful assuming that the ISPs will take
action on it and actually do something. That has not always
been the case.
I think what has to happen here is to give people a real value
prpoposition. people are now very concerned about the problem
of having hijacked machines on their networks. I don't think those
were at all common back in 1990.
I agree. The question is what kind of value proposition can we give
them? Simply blocking them might be a crude weapon.
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg