[arin-ppml] Policy Proposal 2003-1: Required Performance of Abuse Contact
Shawn Bakhtiar
shashaness at gmail.com
Thu Aug 28 19:57:09 EDT 2025
Thank You Bill!
I really appreciate the input, and these are all great suggestions. I will certainly do my homework and reach out again to the group with more specific questions on the topic.
As I said in my email to Alison,
AWS (of all people) auto-responds to any email sent to the abuse email on record for a given IP segment. It includes a ticket number, and without me having to follow up, (usually a few days later) an email comes back, often having remediated the issue, or in the rare instances where they did not remedy the issue, explaining why the behavior is not abuse or a violation of their policies.
Digital Ocean does the same thing (without a ticket number). So do several midsize providers. Hit and miss with anything smaller than a /24.
Microsoft (where the preponderance of abusive behaviors comes from) and Google. Do nothing. Literally nothing. I have OSSEC notification logs in which a single IP address with a Microsoft abuse POC continues to scan different customers' networks, looking for WordPress vulnerabilities, and has done so for over a month, without any remediation.
The aforementioned policy is a common sense one already being (voluntarily) done by a good number of the providers out there. I am very curious as to what objections anyone could have to it, and how we can address those concerns so we can put what seems like a very common sense policy into place. We need to bring accountability back to the internet.
Again, thank you for the guidance. I look forward to any and all questions, comments, and/or concerns.
> On Aug 28, 2025, at 3:24 AM, William Herrin <bill at herrin.us> wrote:
>
> On Wed, Aug 27, 2025 at 11:45 AM Shawn Bakhtiar <shashaness at gmail.com> wrote:
>> I would like to re-introduce the following Policy Proposal from 2003 to hold abuse POCs accountable.
>> https://www.arin.net/vault/participate/policy/drafts/2003/2003_1/
>
>>> Changes to ARIN’s policies may be made via submission of a policy proposal
>>> via ARIN’s Policy Development Process - more details available here
>>> - https://www.arin.net/participate/policy/pdp/
>
> Hi Shawn,
>
> I note that the practical question of "how do I submit a policy
> proposal" is not answered in
> https://www.arin.net/participate/policy/pdp/, or if it is, it's buried
> so deeply I can't find it.
>
> What you probably want is the policy proposal template, which you can
> find here: https://www.arin.net/participate/policy/pdp/appendix_b/
>
> You can also discuss policy changes here on the mailing list without
> making a formal proposal. That would enable you to gather information
> which could inform a formal proposal.
>
> I recommend you sift through the mailing list archives at
> https://lists.arin.net/pipermail/arin-ppml/ and read the original
> discussions around proposal 2003-1. This can help you understand what
> defects in that proposal led to it failing to reach consensus.
>
> Finally, I note that there have been other off and on discussions
> about the published POCs and their utility. It might be worth digging
> into them as well. Try a Google search such as, "site:lists.arin.net
> abuse poc"
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin
> bill at herrin.us
> https://bill.herrin.us/