On Mon, September 28, 2020 5:04 pm, Matt Corallo wrote:
Hi all,
I run a few relatively-small exit nodes, and still get a decent flow of
the usual Fail2Ban, blocklist.de, and such
garbage to abuse PoCs. I tend to proactively find appropriate abuse/noc
contacts to provide a response informing them of
how they can appropriately block all Tor exits from their SSH ports if
they wish, but often get either no or indignant
responses about how sending a stream of garbage abuse reports is a useful
service to the internet (nevermind that most
large providers don't bother handling abuse reports anymore because of
exactly this behavior). After a reply or two I
usually add senders to a blocklist and bounce them at the mailserver with
a notice about spam not being useful.
Is there any interest in building up a shared blocklist of senders who
feel its their right to send Fail2Ban emails in
non-machine-parsable formats and not bother handling replies to their
emails they expect others to handle, or does
anyone already have such a list?
I believe you should bring this question to the mailops and/or SDLU
mailing lists. It's contentious to start blocking people who are trying to
do the right thing or who have even built collective services (sourced
from more than just one operator) around doing so, but your experience is
an important one to take into consideration. Certainly the abuse of abuse
desks is something that larger organizations know all too well and overall
it actually decreases the effectiveness of fighting spam and other abuse.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays