[RFCI-Discuss] Re: hebergement-online.com abuse submission
(RFCI-Discuss Digest, Vol 36, Issue 2)
Administrative Account
hostmaster at Plectere.com
Mon Jan 9 13:46:37 EST 2006
Hello,
I'm just guessing, but you didn't demonstrate the existence of an
active abusable IP. If I could (not so humbly) suggest a format more like:
Domain is in use:
% dig ns1.hebergement-online.com a @g.gtld-servers.net
; <<>> DiG 9.3.2 <<>> ns1.hebergement-online.com a @g.gtld-servers.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45591
;; flags: qr rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;ns1.hebergement-online.com. IN A
;; ANSWER SECTION:
ns1.hebergement-online.com. 172800 IN A 62.193.206.148
...
Followed by the evidence that you attempted to contact them (which looks
good to me).
Showing as you did that the IP appears in the glue (i.e. the
ADDITIONAL SECTION) of the response to a query on another domain is not
likely considered sufficient (it could just be a lie - like many 'MX's)
and the mere existance of an SOA is not itself abusable. But here someone
from rfci can say whether my conjecture is correct.
I notice that AMEN has moved from phishing to snake-oil sales
recently (amenpro.com is also one of their domains as are many other
variations of AMEN).
Paul Shupak
hostmaster at plectere.com
More information about the RFCI-Discuss
mailing list