Amazon, you really should know better.
Source ip: 54.240.4.4
Source Registry ARIN
Kind Group
Full Name Amazon SES Abuse
Handle ASA152-ARIN
Email email-abuse@amazon.com
RCPT To:<email-abuse@amazon.com>
<<< 550 #5.1.0 Address rejected.
550 5.1.1 <email-abuse@amazon.com>... User unknown
DATA
<<< 503 #5.5.1 RCPT first
Jul 29 09:47:27 yuri sendmail[14067]: x6TGlQe4014062: to=<email-abuse@amazon.com>, ctladdr=<goemon@sasami.anime.net> (500/500), delay=00:00:01, xdelay=00:00:01, mailer=esmtp92, relay=amazon-smtp.amazon.com. [207.171.188.4], dsn=5.1.1, stat=User unknown
Dan,
I don’t really have the time to parse the debug output you sent. If you want me, or most others, to pay attention to your post, please provide a more detailed explanation of what the deal is than “Really, amazon?”
-mel
Really??? You cant parse “User unknown”...
Dan is simply pointed out how ridiculous it is that amazon lists a non-existent email address with Arin for abuse.
So yeah... really amazon?
"User unknown" is pretty clear.
But whatever.
-Dan
Then update your ARIN records to reflect that. Fully agree with Dan on this one.
Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a
policy came into effect of validating ALL 'OrgAbuseEmail' objects listed
in the ARIN database. And revoked the resources from those that failed
to respond after multiple attempts.
Christoffer Hansen wrote:
I thought it was already a requirement that the POC info had to be validated once a year and accurate?
... :wondering: Works fine for me. If sending from $CORP e-mail account
hosted on O365 infrastructure.
Christoffer
Even if it existed it would just be an autoresponder telling you that your email wasn't read and to go resubmit the report on their website.
Maybe they should change it to noreply@amazon.com.
Rob
Both yes and now. See below:*
"""
We are sorry to hear that you received unwanted email through Amazon SES.
Please note, this reporting address is only for mail sent via Amazon SES
(emails originated from 54.240.0.0/18). If you have a complaint about
other AWS abuse (e.g. EC2), please submit your complaint here:
https://aws.amazon.com/forms/report-abuse
If you did not provide the following information, please contact
email-abuse@amazon.com again with:
1. The full headers of the objectionable email message. For examples of
how to find email headers, see
https://support.google.com/mail/answer/22454?hl=en .
2. The type of abuse you are experiencing. For example, you didn't sign
up to receive emails from the sender, the sender doesn’t have an opt-out
option, etc.
Thank you for the report!
Sincerely,
The Amazon SES Team
"""
*) The contents I got back after firing Test E-mail from $CORP email
account on O365 infrastructure.
Christoffer
Because at the times of USENIX the very next reply to such a message
would've been "what are the steps to reproduce your problem".
Scott -
Alas, you have a fundamental misunderstanding about the nature of ARIN… we don’t do anything other than implement policies that this community wants. If the community developed a policy to require Abuse POC’s validation, and said policy made clear that failure to do so was to result in revocation, then ARIN would indeed implement the policy (and that includes revocation for those who ignored the policy.)
This is actually exactly the way the US Government asked us to operate in 1997 - "Creation of ARIN will give the users of IP numbers (mostly Internet service providers, corporations and other large institutions) a voice in the policies by which they are managed and allocated within the North American region.” <https://www.nsf.gov/news/news_summ.jsp?cntn_id=102819>. Further, this support was reiterated by the USG recently in 2012 - "The American Registry for Internet Numbers (ARIN) is the RIR for Canada, many Caribbean and North Atlantic islands, and the United States. The USG participates in the development of and is supportive of the policies, processes, and procedures agreed upon by the Internet technical community through ARIN.” <https://www.ntia.doc.gov/blog/2012/united-states-government-s-internet-protocol-numbering-principles>
We’ve see the lawyer route as well, and I have zero doubt in both the enforceability of the ARIN registration services agreements and ARIN’s ability to operate the registry according to the community policy.
So, my advice is that this community not make policy that it doesn’t want to see implemented (and if you have interest or concern about ARIN policies, then I’d recommend get involved in their development – https://www.arin.net/get-involved/)
i.e. the good news is that this community gets to decide how IP addresses are managed in the region (as opposed to some federal agency) – the consequence is that we really do manage the registry as directed by this community, so please try to avoid self-immolation if at all possible…
Thanks!
/John
John Curran
President and CEO
American Registry for Internet Numbers
Just to be precise, such a policy (2019-04) is still in a discussion
phase in RIPE and has already seen significant resistance.
You can, however, point fingers at APNIC instead, where pretty much
the same policy proposal from the same authors (prop-125) was already
implemented in apnic-127-v006 "Internet Number Resource Policies".
I think they will be planning to reach out to ARIN with the same text
right after the RIPE process ends this way or another.
Yup; I think that was most of his point:
POC Email addresses MUST be whitelisted ahead of/through every protection
device/software you deploy on incoming mail.
Cheers,
-- jra
OK, I'll bite. What reasons are they giving for their resistance? (And if known,
what are the *real* reasons if different?)
OK, I'll bite. What reasons are they giving for their resistance? (And
if known,
what are the *real* reasons if different?)
https://www.ripe.net/ripe/mail/archives/ncc-services-wg/2018-October/thread.html
Here's a good place to start: https://ripe78.ripe.net/archives/steno/37/
^F, "You're done", enjoy!