How to submit an abuse report

This document contains instructions on how to successfully submit an abuse report, what to include and what formalities you must comply with in order for your submission to be taken into consideration.

Please bear in mind that security on the internet is a common goal best achieved if everybody does their best, we appreciate and will react to abuse reports, but in order to handle them properly and filter out all the spam, we require you to follow some simple guidelines while doing so.

1. All reports must be written in English by a human being with a valid reply-to address, if you are not able to communicate in somehow clear English, please have a coworker assist you. We do not have the resources to communicate back and forth to try to interpret your repport.
2. Any attachments must be in plain-text, png or jpeg format. Don't expect us to click any links in your initial email, include everything you need to tell us in this first mail.
3. In case of attacks you must include
   1. Full timestamp with timezones.
   2. Destination and source address and port where applicable.
   3. Any generated log files or received email with full headers and no modification - logfiles however should be cropped.
4. In case of spam
   1. Full timestamp with timezones.
   2. Full copy of received mails with full headers.
5. In case of vulnerabilities
   1. Clear description of the issue
   2. Reference to CVE's where applicable
   3. Proof of concept, where applicable
6. Be prepared to engage with our technicians and respond to any inquiries.
7. Make sure the proper people are in the loop from the beginning in order to resolve the issue as quickly as possible.

Any submission that does not comply with the above will be discarded without further notice and/or be provided with a reference to this document.