UPDATE: Please use Data Channels for ALL report forwarding (SMTP, XARF submissions etc.) The current process listed in this document will soon be disabled.
The most important step to start with AbuseHQ is forwarding your network's or MTA's abuse data. You will need your mail administrator (if this is someone else) to help you with this step. Please alias the abuse@, postmaster@ traffic, and any other role address that receives abuse reports to abuse@EXAMPLE.abusehq.net (where 'example' is replaced by the AbuseHQ hostname you requested).
If you're using Gmail or other services that require a forwarding verification opt-in, the verification emails will be delivered to your AbuseHQ mailbox.
Make sure to click the link in those emails to start forwarding abuse reports to AbuseHQ.
Inbound Processing Automation
AbuseHQ includes 500+ different parsers for tens of thousands of reporters that consume abuse, copyright, vulnerability, and threat reports, automatically extracting the relevant metadata in each report.
An example is when you forward reports from shadowserver.org, AbuseHQ automatically downloads the related Shadowserver CSV file creating a single event for each line in the report.
With threat analysis automation, the more abuse reports you send to AbuseHQ, your visibility of network security issues will be better.
Meanwhile, your work effort will decrease since Abusix will start doing all the hard work for you.
The following two are several must-have data sources for many network operators.
Once you have started forwarding traffic to AbuseHQ, the "Top Reporter" widget in AbuseHQ Statistics will give you valuable insights about each reporter AbuseHQ catches!
To learn more about Abuse Reports, we recommend the following articles:
Send us a message
Having trouble with your set up or a technical issue? Get in touch with our team of Abusix experts.
Click the chat button at the bottom and send us your questions. Alternatively, you can email us at firstname.lastname@example.org