Re: abuse report management system
Aaron Thoreson wrote:
procmail, arffilter (http://wordtothewise.com/products/arffilter.html),
We use procmail to filter the inbound messages through 'arffilter' (to
read ARF - formatted attachments/messages) which then goes on to a perl
script that fetches certain header information. Then we process it
daily and watch for spikes, new sources, etc. I agree that a human need
examine the content and make final decisions, as the subject lines and
formatting of various organizations' abuse complaints vary wildly.
You'll be constantly amending your procmail rules and modifying your
The only affordable system I've seen out there is Word to the Wise's
Abacus system. I'm sure Remedy or something similar has a product, but
as far as open source, I'm not sure.
Please don't kill me for this but we offer this capability with MPP. It
is not open source but affordable. We can do all kinds of custom
processing based on email content.
Wojciech Ziniewicz wrote:
2009/8/11 Andy Davidson <email@example.com>:
This is dangerous, you wouldn't want your customers to see the original
abuse request, and you wouldn't like outsiders to be able to cut off
customers by filing invented abuse emails that trigger the threshold
automated system. Serious allegations need to be checked with the
for example, netflow records, and you may require to build a different
process based on messages from law enforcement agencies or similar.
Abuse handling is a specialist skill and should be done by humans.
I dont want any of theese.
What i want is a system that will trap abuse emails and notify me when
certain client reaches the trigger of let's say 10 abuse emails per
month. Then i would analyze the records and decide about warning him
about the sittuation and finally possibly cutting him of. We often do
such things to our bussiness customers - if they send tons of spam
using our ip addrs we can cut them off after 2 warnings (in Poland
sending spam is a crime) .