Re: Mailing list SPF Failure

On 17/05/2024 5:45, Karl Auer wrote: On Thu, 2024-05-16 at 19:27 -0700, Michael Thomas wrote: On 5/16/24 7:22 PM, Scott Q. wrote: Mike, you do realize Google/Gmail rejects e-mails with invalid/missing SPF right ? I was receiving the mail while NANOG had no SPF record, so no? Any receiver

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

On 5/16/24 21:53, Brandon Zhi wrote: Are APNs like a vpn for mobile devices to access the public internet? Based on the experience that I used Mobile roaming outside my country. The provider would connect back to the original country via local providers. When roaming, the home mobile

Re: Mailing list SPF Failure

Same, this address for me is also gmail. This is what Gmail shows me from earlier today, when the SPF record was not present : Message ID < bff409fd0177c9caf1461e2439691...@polarismail--com.w.emailarray.com> Created at: Thu, May 16, 2024 at 11:59 AM (Delivered after 77 seconds) From: "Scott Q."

Re: Mailing list SPF Failure

On Thu, 2024-05-16 at 19:27 -0700, Michael Thomas wrote: > On 5/16/24 7:22 PM, Scott Q. wrote: > > Mike, you do realize Google/Gmail rejects e-mails with > > invalid/missing SPF right ? > > I was receiving the mail while NANOG had no SPF record, so no? Any > receiver would be really stupid take

Re: Mailing list SPF Failure

On 5/16/24 7:36 PM, John R. Levine wrote: I think a lot of us have nanog whitelisted or otherwise special cased. I don't and gmail is my backend. That's trivial falsification that lack of an SPF records alone will cause gmail rejects. Mike Also, it's been pumping out list mail for

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

On 5/16/24 6:55 PM, John Levine wrote: It appears that Brandon Martin said: I think the issue with their lack of effectiveness on spam calls is due to the comparatively small number of players in the PSTN (speaking of both classic TDM and modern IP voice-carrying and signaling networks)

Re: Mailing list SPF Failure

> > I'm surprised nobody noticed for close to 10 days. Probably because it wasn't 10 days. On Thu, May 16, 2024 at 10:26 PM Scott Q. wrote: > I'm surprised nobody noticed for close to 10 days. I was away from work > and upon coming back I saw the little discussion there was , in my Spam >

Re: Mailing list SPF Failure

I think a lot of us have nanog whitelisted or otherwise special cased. Also, it's been pumping out list mail for decades and I expect has a close to zero complaint rate so even without the SPF ths IPs it sends from have a good reputation. On Thu, 16 May 2024, Scott Q. wrote: I'm surprised

Re: Mailing list SPF Failure

On 5/16/24 7:22 PM, Scott Q. wrote: Mike, you do realize Google/Gmail rejects e-mails with invalid/missing SPF right ? I was receiving the mail while NANOG had no SPF record, so no? Any receiver would be really stupid take a single signal as disqualifying. Mike If you want to tell them

Re: Mailing list SPF Failure

I'm surprised nobody noticed for close to 10 days. I was away from work and upon coming back I saw the little discussion there was , in my Spam folder. On Thursday, 16/05/2024 at 18:56 John R. Levine wrote: On Thu, 16 May 2024, William Herrin wrote: > The message content (including the message

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

It appears that Brandon Martin said: >I think the issue with their lack of effectiveness on spam calls is due >to the comparatively small number of players in the PSTN (speaking of >both classic TDM and modern IP voice-carrying and signaling networks) >world allowing lots of regulatory

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

On 5/16/24 4:17 PM, Brandon Martin wrote: I think the issue with their lack of effectiveness on spam calls is due to the comparatively small number of players in the PSTN (speaking of both classic TDM and modern IP voice-carrying and signaling networks) world allowing lots of regulatory

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

On Thu, May 16, 2024 at 07:17:37PM -0400, Brandon Martin wrote: > I suspect that's why we've had some success with getting BGP security > not just addressed in guidance but actually practically improved. Ben Cartwright-Cox's axiom (paraphrased): "The real reason the Internet works is that we want

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

On 5/16/24 16:05, Josh Luthman wrote: The FCC has spent the last several years hounding us voice providers over spam calls.  They've implemented laws.  They have required us to do paperwork.  Have they been successful in that task? Now do you think they're going to properly understand what an

Re: Mailing list SPF Failure

On 5/16/24 3:54 PM, William Herrin wrote: On Thu, May 16, 2024 at 12:03 PM John Levine wrote: It appears that Michael Thomas said: Since probably 99% of the mail from NANOG is through this list, it hardly matters since SPF will always fail. Sorry, but no. A mailing list puts its own

Re: Mailing list SPF Failure

On Thu, 16 May 2024, William Herrin wrote: The message content (including the message headers) is theoretically not used for SPF validation. In practice, some SPF validators don't have direct access to the SMTP session so they rely on the SMTP session placing the envelope sender in the

Re: Mailing list SPF Failure

On Thu, May 16, 2024 at 12:03 PM John Levine wrote: > It appears that Michael Thomas said: > >Since probably 99% of the mail from NANOG is through this list, it > >hardly matters since SPF will always fail. > > Sorry, but no. A mailing list puts its own envelope return address on > the message

Re: FCC proposes Internet Routing Security Reporting Requirements

Dear all, A fact sheet has now been published, with much more detail and considerations: https://docs.fcc.gov/public/attachments/DOC-402609A1.pdf This is a VERY interesting read! Kind regards, Job

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

So the FCC is efficient enough to understand BGP vulnerabilities but not efficient enough to understand what a spam call is? On Thu, May 16, 2024 at 4:20 PM Job Snijders wrote: > On Thu, May 16, 2024 at 04:05:21PM -0400, Josh Luthman wrote: > > Now do you think they're going to properly

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

On Thu, May 16, 2024 at 04:05:21PM -0400, Josh Luthman wrote: > Now do you think they're going to properly understand what an SS7 or > vulnerability is? The FCC organised several sessions (private and public) where they invited knowledgeable people from this community to help edifice them on what

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

The FCC has spent the last several years hounding us voice providers over spam calls. They've implemented laws. They have required us to do paperwork. Have they been successful in that task? Now do you think they're going to properly understand what an SS7 or vulnerability is? On Thu, May 16,

Re: Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

Are APNs like a vpn for mobile devices to access the public internet? Based on the experience that I used Mobile roaming outside my country. The provider would connect back to the original country via local providers. *Brandon Zhi* HUIZE LTD www.huize.asia | www.ixp.su |

Re: Mailing list SPF Failure

It appears that Michael Thomas said: >On 5/16/24 8:11 AM, Peter Potvin via NANOG wrote: >> Appears there’s no SPF record at all now for nanog.org >> , which is not ideal… > >Since probably 99% of the mail from NANOG is through this list, it >hardly matters since SPF will

Re: Meet NANOG's New Executive Director! N91 Agenda is LIVE! + More

On Thu, May 16, 2024 at 02:23:52PM -0400, Nanog News wrote: > *Jonathan Black has been appointed NANOG Executive Director* > > In his new role, Jonathan will be responsible for the organization's > operational management and will collaborate with the NANOG Board to > refine, articulate, and

Meet NANOG's New Executive Director! N91 Agenda is LIVE! + More

*Meet NANOG's New Executive Director!* *VIDEO - Interview with Jonathan Black * *Jonathan Black has been appointed NANOG Executive Director* In his new role, Jonathan will be responsible for the organization's operational management and will collaborate with the NANOG Board to refine,

[NANOG-announce] Meet NANOG's New Executive Director! N91 Agenda is LIVE! + More

*Meet NANOG's New Executive Director!* *VIDEO - Interview with Jonathan Black * *Jonathan Black has been appointed NANOG Executive Director* In his new role, Jonathan will be responsible for the organization's operational management and will collaborate with the NANOG Board to refine,

Should FCC look at SS7 vulnerabilities or BGP vulnerabilities

Should FCC focus on SS7 vulnerabilities or BGP vulnerabilities? https://www.404media.co/email/79f7367c-bd3c-4bff-ac9f-85c738d08bec/ https://www.fcc.gov/ecfs/document/10427582404839/1 Additional comments from Kevin Briggs: "I have seen what appears to be reliable information related to

Re: Mailing list SPF Failure

On 5/16/24 8:59 AM, Scott Q. wrote: Uhm, not really. An SPF failure is really bad even though DKIM works. It might depend what they do with DMARC but even so, there's no reason they can't just add that IP to their SPF record. SPF has from day one been known to be broken with mailing lists.

Re: Mailing list SPF Failure

Uhm, not really. An SPF failure is really bad even though DKIM works. It might depend what they do with DMARC but even so, there's no reason they can't just add that IP to their SPF record. >From what I see, it's been broken at least since May 6-7. On Thursday, 16/05/2024 at 11:37 Michael

Re: Mailing list SPF Failure

On 5/16/24 8:11 AM, Peter Potvin via NANOG wrote: Appears there’s no SPF record at all now for nanog.org , which is not ideal… Since probably 99% of the mail from NANOG is through this list, it hardly matters since SPF will always fail. What is more important is that they

Re: Mailing list SPF Failure

Appears there’s no SPF record at all now for nanog.org, which is not ideal… Kind regards, Peter Potvin On Thu, May 16, 2024 at 02:59 Bjørn Mork wrote: > "Scott Q." writes: > > > Anyone else getting SPF failures on all messages sent to the list > > ? > > > > I see them all originating from

Re: Q: is RFC3531 still applicable?

Bill, I would just make it /64s all the way down. Subnetting a /64 is like taking half-breaths from a snorkel: why bother when the supply is effectively infinite? -mel > On May 16, 2024, at 3:35 AM, William Herrin wrote: > > On Wed, May 15, 2024 at 10:09 PM Mel Beckman wrote: >> The RFC

Re: Q: is RFC3531 still applicable?

On Wed, May 15, 2024 at 10:09 PM Mel Beckman wrote: > The RFC seems to be concerned with aggregation efficiency, and while that may > be a concern someday, so far computer and memory capacity has far outstripped > prefix growth in the default-free zone. > > If you can explain why a /64 would

Re: Mailing list SPF Failure

"Scott Q." writes: > Anyone else getting SPF failures on all messages sent to the list > ? > > I see them all originating from 50.31.151.76 but nanog.org's SPF > record doesn't list that as allowed. I see the same. nanog.org mail is originated from 2001:1838:2001:8:0:0:0:20 or 50.31.151.76,