[feedback-report] ARF spec oversights
christopher at pobox.com
Wed May 24 21:59:50 PDT 2006
Hi Mike & J.D.,
I guess I didn't make my point clear enough. Unless your "standard"
produces something that me, as an ISP abuse-desk manager, can actually
*use* and RELY upon, there's no point having any standard at all.
As it stands - what's in your standard is no use to me. I cannot
authorize action against my customers without confirmed, verified,
substantiated, authenticated reports with evidence. It is NOT my
problem how some other ISP designs their GUI to facility abuse
reporting - but if they want me to take action based on their reports,
I refuse to do so if they don't bother to put the effort in to prevent
mistaken reports, and give me what I need to protect my customers
against malicious ones.
Don't take my word for it - phone up your own ISP and ask their abuse
desk what they do with AOL "TOS" complaints. You will find that we
all ignore them, even ARF compliant ones, because 90%+ are mistaken
reports, and we either do not have the time to read mounds of AOL
users personal emails looking for individual ones that might be spam,
or, we take an ethical position that it's not right that we *should*
be reading AOL users personal emails.
If you improve your standard by incorporating my suggestions, that's
the pressure that ISPs need to improve their GUIs to comply with your
standard, which is all I need an an abuse-desk manager to properly and
immediately act on genuine abuse complaints. Win. Win. Win.
More information about the abuse-feedback-report