ACSP Suggestion 2009.20: Report Spam Facility at ARIN

Suggestion

Author: Jon Shipp   
Submitted On: 20 October 2009

Description:

Companies sending spam are providing no contact details or way to report abuse.

There should be some method to report the involvement of these companies, or to send cease and desist letters, otherwise you are protecting persons deliberately breaking the law.

You may be popular with the spamming companies for not requiring them to provide an online contact address, but from the point of view of consumer protection, you appear to be condoning their actions.

Even if there is just a ‘report spam’ facility at ARIN to enable companies to be identified and then have their address and email abuse address made available if they repeat offend, this would potentially go a long way to stop illegal activity.

Timeframe: Immediate

Status: Closed   Updated: 03 November 2009

Tracking Information

ARIN Comment

3 November 2010

Thank you for your suggestion asking for efforts by ARIN to help combat SPAM. ARIN already does require that all recipients of number resources directly from ARIN provide contact information for issues regarding their networks. In fact, ARIN will not make an allocation to an organization that does not have its contact information properly registered. ARIN publishes this contact information in WHOIS.

You can use this contact information to report abusive activity to the ISP or company responsible for the network from which the abuse originates. Most ISPs are responsive to concerns about hackers and spammers on their networks. If you are unsuccessful in resolving this situation with the ISP, you may wish to contact one of the Third Party organizations whose primary purpose is to track and report spam. ARIN does not have the community mandate or the authority to investigate or prosecute claims of hacking or mail abuse.

The responsibility for maintaining accurate contact information belongs to the organization that is associated with the record. However, if ARIN is notified that information found in WHOIS is out of date, ARIN staff will investigate and work to get updated information from the responsible organization. If ARIN staff is unable to get updated information, it will mark the results in WHOIS accordingly.

If you are interested in seeing abuse POCs a requirement in WHOIS, you may wish to avail yourself of ARIN’s Policy Development Process. You can find information on how to participate in it at: https://www.arin.net/policy/pdp.html.