North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Best practices for [email protected] mailbox and network abuse complaint handling?
While 99.99% of our [email protected] mail is either spam or complaints about spoofed spam forging our domains as the source and has nothing to do with network operations, about once a month something truly network related will come into that mailbox, and my team won't be alerted to these events in a timely manner. Only fix I can see right now is for us to make it part of our daily workload to troll the [email protected] mailbox on the off chance that something in there is relevant to network operations/security/CERT. Is this what other NANOs do? The clueful victims will look up our ASN/ARIN records and eventually make the right phone call -- or report the problem to law enforcement, who definitely know how to reach us ;) I'm hoping to find either a better and widely accepted way to handle non-spam-related network abuse complaints (hacking, DoS, etc), or at least best practices for triage on the huge volume of mail that comes into [email protected], procedures such that the rare legitimate complaint about non-spam network abuse can be routed to my team in a timely manner. Thanks, Kevin
|