The communication issues is one area where common standards
would help
and this is why we are looking into such standards for abuse
reporting
including multiple ways to communicate and lookup such data.
The reporting issues need not be spam related
DDoS is a big enough issue here to justify a notification mechanism.
If there is a hijacked machine on the net then the ISP resonsible needs
to know ASAP.
I agree. The question is what kind of value proposition can we give
them? Simply blocking them might be a crude weapon.
"A machine on your network may be causing grief in my network,
please fix"
"You are being impersonated by spam from this address"
Value to notifier
* May cause attack to stop
* Can hold source accountable
Value to receiver
* Public interest
* Avoid more intrusive contact attempts
* Reduce value of capturing machines on the receiver's network
* Deter attacks
* Shut down attacks faster
* Reduce liabilities
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg