In message
, William Herrin writes:
> On Thu, Sep 15, 2016 at 7:30 PM, Mark Andrews wrote:
> > Then there is SPF. A fare portion of the reason why the SPF record
> > failed, despite it being architectually cleaner than using TXT
> > records, is that some nameservers gave bad responses to SPF qu
On 2016-09-15 16:03, Owen DeLong wrote:
> Please explain to me how one modifies a request or response without
> managing to “control the content” or “influence the meaning or purpose”?
>
> Blocking a request or simply failing to answer MIGHT be within the law,
> but returning a false record certa
In message <9442fcb1-e039-4edd-8a0f-f5f351bc9...@truenet.com>, Eric Tykwinski w
rites:
> Ironically, I always wondered why I was told not to publish SPF records,
> since it did make more sense to have both, and slowly remove the TXT
> records later. Thanks for the heads upâ¦
>
> What do you thi
On Thu, Sep 15, 2016 at 7:30 PM, Mark Andrews wrote:
> Then there is SPF. A fare portion of the reason why the SPF record
> failed, despite it being architectually cleaner than using TXT
> records, is that some nameservers gave bad responses to SPF queries.
Hi Mark,
I'm going to stop you there.
Ironically, I always wondered why I was told not to publish SPF records, since
it did make more sense to have both, and slowly remove the TXT records later.
Thanks for the heads up…
What do you think really is best practice now?
Sincerely,
Eric Tykwinski
TrueNet, Inc.
P: 610-429-8300
> On S
In message
, "Aaron C. de Bruyn" writes:
>
> On Thu, Sep 15, 2016 at 2:45 PM, Mark Andrews wrote:
> >
> > Aaron,
> >How am I supposed to know which DNS vendor to contact? DNS
> >
>
> Sorry--I should have added a /sarcasm tag. :)
>
>
> > The best way to get this fixed would be for n
That's interesting.
heyaaron.com is one big huge catch-all that funnels into my Google Apps for
Domains mailbox.
There's one account, it has a good password, and it's protected by a Ubikey.
I'd be interested in seeing a copy of the headers from that e-mail.
-A
On Thu, Sep 15, 2016 at 3:15 PM,
On Thu, Sep 15, 2016 at 2:45 PM, Mark Andrews wrote:
>
> Aaron,
>How am I supposed to know which DNS vendor to contact? DNS
>
Sorry--I should have added a /sarcasm tag. :)
> The best way to get this fixed would be for nameservers to be checked
> for protocol compliance, by the parent
In message
, William Herrin writes:
> On Thu, Sep 15, 2016 at 12:22 PM, Aaron C. de Bruyn wrot
> e:
> > On Thu, Sep 15, 2016 at 12:31 AM, Mark Andrews wrote:
> >> QWEST isn't the only DNS provider that has broken nameservers. One
> >> shouldn't have to try and contact every DNS operator to ge
I don't think this is standard across the board with Telus.
I've also heard (rumours?) of a similar $250 prefix change free associated with
Shaw/AS6327 changes before, and also a much larger $750 change prefix change
fee with BELL-GT/AS6539, but the customers I know who use them definitely don't
> On Sep 14, 2016, at 12:14 AM, Jean-Francois Mezei
> wrote:
>
> On 2016-09-13 03:42, LHC wrote:
>> I believe that the CRTC has rules against censorship - meaning that
>> Videotron, Bell etcetera have a choice between following the CRTC code or
>> the provincial law (following one = sanctions
Sure. My question was whether every TELUS BGP customer was being charged for
these too, or if I’m the only one. If I’m the only one, then I’m obviously
caught in some administrative black hole there that I would like to get myself
out of. This is something that has only started happening in t
Mel,
If you are speaking of RPKI based origin validation, I am not sure
"automated / global enforcement system" is a useful description. It does
provide a consistent means for address holders to declare AS's authorized
to announce prefixes, and a means for remote ASs to compare received
updates
So, to be blunt, I would cast this as their charging you NRC for manual
work because of their failure to automate this.
--
Hugo Slabbert | email, xmpp/jabber: h...@slabnet.com
pgp key: B178313E | also on Signal
On Thu 2016-Sep-15 15:09:33 -0400, Jason Lixfeld wrote:
Last time I asked
Last time I asked, that wasn’t something that they had implemented, and had no
definite plans to do so within any timeframe that was on their radar.
> On Sep 15, 2016, at 2:50 PM, Steven Schecter wrote:
>
> I question their motivation here and would follow up by asking if they
> support filter
On Thu, Sep 15, 2016 at 10:19 AM, wrote:
> Remember that Windows XP didn't enable IPv6 by default, and *still* has
> some 10%
> market share.
>
Yeah, I'm still fighting that battle.
https://goo.gl/photos/xFguK4FL2iydnLhE7
-A
I question their motivation here and would follow up by asking if they
support filtering by IRRdb and are merely trying to encourage the practice?
/Steve
On Thu, Sep 15, 2016 at 2:07 PM, Jason Lixfeld
wrote:
> If there are any ISPs who use TELUS/AS852 for IP Transit over BGP, I’d be
> interest
On 9/15/16 11:28 AM, Ken Chase wrote:
> I feel this can be a public topic:
>
> Rogers just charged us that for an update (one update, multiple entries).
> We had to go through their quotation machinery too, took like 4-5 days.
> Additional
> time was wasted because we contacted their tech dept dir
I feel this can be a public topic:
Rogers just charged us that for an update (one update, multiple entries).
We had to go through their quotation machinery too, took like 4-5 days.
Additional
time was wasted because we contacted their tech dept directly at the start.
(which
is what I do for all
If there are any ISPs who use TELUS/AS852 for IP Transit over BGP, I’d be
interested in hearing from you.
I’d like to compare notes to see if you are also paying $250 for each BGP
prefix filter updated request, or if we’re the only ones…
Thanks in advance!
On Thu, 15 Sep 2016 09:22:10 -0700, "Aaron C. de Bruyn" said:
> On Thu, Sep 15, 2016 at 12:31 AM, Mark Andrews wrote:
>
> > QWEST isn't the only DNS provider that has broken nameservers. One
> > shouldn't have to try and contact every DNS operator to get them to
> > use protocol compliant servers
On Thu, Sep 15, 2016 at 12:22 PM, Aaron C. de Bruyn wrote:
> On Thu, Sep 15, 2016 at 12:31 AM, Mark Andrews wrote:
>> QWEST isn't the only DNS provider that has broken nameservers. One
>> shouldn't have to try and contact every DNS operator to get them to
>> use protocol compliant servers.
>
> S
On Thu, Sep 15, 2016 at 12:31 AM, Mark Andrews wrote:
> QWEST isn't the only DNS provider that has broken nameservers. One
> shouldn't have to try and contact every DNS operator to get them to
> use protocol compliant servers.
>
Save yourself some time. Contact the DNS software vendors. ;)
-A
In case anyone is wondering why I've been harping on about EDNS
compliance this is why. Failure to follow the protocol can result
in DNS lookup failures. nara.gov is signed and the recursive server
performs DNSSEC validation and sends queries with DNS COOKIEs.
BADVERS is NOT a valid response to
24 matches
Mail list logo
