On 05.10.2016 14:06, oconor@email.cz wrote:
Unfortunately for us (as an ISP) it's not just about passing these messages. If we don't want to be accused from not stopping something illegal we knew about, we need some feedback - what have been done to prevent this to happen in the future.
If you pass on the complaint to me, I'll give you the feedback that I will deal with it (using "you" and "I" as examples, obviously). While I do have the responsibility to verify that my server has not been compromised, I am not obliged to provide detailed information on how I deal with complaints. Also, just because some complaining party does not like the traffic passing through my server, it does not mean that I automatically have a legally binding obligation to prevent that traffic.
Don't get me wrong, I do take complaints seriously, and I always strive to work with my ISPs to resolve issues in an amicable manner. However, I do that because I choose to be a good netizen. Sometimes I don't do anything at all, because it either does not make any sense or would violate the "just passing through" concept (e.g. I never use any form of traffic content inspection).
It's really time consuming and that's why I would like to combine tor with some IPS for automation of the "policy set process".
I can see what motivates you. Personally, I can't think of a scenario where I would use automation to set outbound traffic policies (inbound traffic is a different matter, fail2ban comes to mind). I am interested in other people's opinion regarding the prospect of an automated tool to generate exit policies.
-Ralph