Get started by forwarding your abuse reports

UPDATE: Please use Data Channels for ALL report forwarding (SMTP, XARF submissions etc.) The current process listed in this document will soon be disabled.

 

Overview

The most important step to start with AbuseHQ is forwarding your network’s or MTA’s abuse data. You will need your mail administrator (if this is someone else) to help you with this step.

 

Please alias the abuse@, postmaster@ traffic, and any other role address that receives abuse reports to [email protected] (where ‘example’ is replaced by the AbuseHQ hostname you requested).

⚠️ Manual forwarding using an email client does not work!

 

If you’re using Gmail or other services that require a forwarding verification opt-in, the verification emails will be delivered to your AbuseHQ mailbox.

 

Inbound Processing Automation

AbuseHQ includes 500+ different parsers for tens of thousands of reporters that consume abuse, copyright, vulnerability, and threat reports, automatically extracting the relevant metadata in each report.

An example is when you forward reports from shadowserver.org, AbuseHQ automatically downloads the related Shadowserver CSV file creating a single event for each line in the report.

 

Better Visibility

With threat analysis automation, the more abuse reports you send to AbuseHQ, your visibility of network security issues will be better.

Meanwhile, your work effort will decrease since Abusix will start doing all the hard work for you.

The following two are several must-have data sources for many network operators.

Once you have started forwarding traffic to AbuseHQ, the “Top Reporter” widget in AbuseHQ Statistics will give you valuable insights about each reporter AbuseHQ catches!

Notion Image

 

 

 

Send us a message

Having trouble with your setup or a technical issue? Get in touch with our team of Abusix experts.

Click the chat button at the bottom and send us your questions. Alternatively, you can email us at [email protected]