AbuseIO’s main features:

• Receive (through a mailserver handler, e.g. Postfix) abuse messages and automatically parse them into abuse reports
• Combine reports that already have an open case to reduce the amount of noise
• Classify each type of abuse and create actions on specific cases
• Create locally defined customers and/or netblocks or easily integrate your own IPAM system to resolve IP addresses to customers
• Set automatic (re)notifications per case or customer
• Set automatic escalation paths, triggers and actions
• Allow customers to reply, close or add notes to cases, keeping them organized
• Link customers to a self help portal in case they need more help
• Works with IPv4 and IPv6 addresses
• Hook events to external scripts, i.e. tooling that places hosts in quarantaine

Available parsers / collectors:

• Any RFC compliant ARF formatted message
• Any RFC compliant FBL Messages (Feedback Loop)
• Any DNS based RBL
• Shadowserver (www.shadowserver.org)
• SpamCop (www.spamcop.net)
• IP Echelon (www.ip-echelon.com)
• fail2ban reporting service (www.blocklist.de)
• Junk Email Filter (www.junkemailfilter.com)
• Google Safe Browsing reports for ASN’s (safebrowsingalerts.googlelabs.com)
• Project Honey Pot (www.projecthoneypot.org)
• Clean MX (http://www.clean-mx.de)
• Cyscon / C-SIRT (https://www.c-sirt.org)
• Netcraft (http://www.netcraft.com/)
• SpamExperts (https://www.spamexperts.com)
• USGO-Abuse
• Microsoft SNDS
• Abuse-IX (https://www.abuseinformationexchange.nl/)
• Woody (http://www.woody.ch/)
• Webiron (https://www.webiron.com/)
• Copyright Compliance
• Cegtek (http://www.cegtek.com/)
• Juno (http://www.juno.com/)

Parsers being developed:

• Bambenek
• Arbor
• Autoshun
• Brute Force Blocker project
• DragonBot
• Malc0de
• abuse.ch
• Open blacklist
• Phishtank
• CI Army (http://www.ciarmy.com/#list)