12. Registration and validation of ?abuse-c? and ?abuse-mailbox?
The PDF document hosted on this page is the authoritative version of the Policy Manual. The web version is provided to make it easier for readers to quickly browse the different sections of the Manual.
In the event of a conflict between the web version and the pdf version of the Manual, the pdf version shall control.
This document and/or information was originally written in Spanish, the official language of Uruguay, the country where LACNIC is legally incorporated and whose laws and regulations LACNIC must meet. Likewise, unofficial information and/or documents are also written in Spanish, as this is the language in which most of LACNIC's collaborators and officers work and communicate. We do our best to ensure that our translations are reliable and serve as a guide for our non-Spanish-speaking members. However, discrepancies may exist between the translations and the original document and/or information written in Spanish. In this case, the original text written in Spanish will always prevail.
All resources that use LACNIC's registration systems must include a mandatory abuse-c contact attribute (abuse contact) in their corresponding WHOIS entries, with at least one valid, monitored, and actively managed abuse-mailbox that allows sending manual or automatic reports regarding abusive behavior, security issues, and the like.
Unrestricted access to the “abuse-mailbox” attribute must be available via whois, APIs and future technologies.
Considering the hierarchical nature of the objects, child objects of those directly distributed by LACNIC (for example, sub-assignments) are covered by the parent objects and their own “abuse-c” attribute is optional.
Following usual practices, other “e-mail” attributes may be included for other purposes.
• Must require intervention by the recipient.
• Must not require the use of a form to report abuse.
• Must guarantee that abuse reports, logs, headers, examples, etc. relating to the case of abuse are received.
The procedure, to be developed by LACNIC, must meet the following objectives:
1) A simple process that guarantees its functionality and the fulfillment of its purpose.
2) It should confirm that the person performing the validation:
• understands the procedure and the LACNIC policies in force;
• regularly monitors the “abuse-mailbox”;
• takes measures in connection thereto;
• responds to the abuse report.
3) Include an “Initial” validation period of fifteen (15) days.
4) If this validation fails, “escalate”, by any possible means, to the rest of the available contacts within an additional period of fifteen (15) days.
LACNIC will periodically validate compliance with the policy, at least twice a year and whenever “abuse-c” attributes are created or modified.
Failure of an organization to comply with this section occurs if it has not been validated during the “initial” or the “additional” validation periods.
Fraudulent behavior (for example, an “abuse-mailbox” that only replies to emails from LACNIC or to emails having a specific subject or body) or failure to comply with the remaining aspects of this policy (ignoring or improper attention to cases of abuse) may be reported to LACNIC for re-validation according to 12.4.