[Job Offer] Nagios/Cacti/Centreon project - freelancers only

[Imri Zvik]

Hello everybody,

The company I work for is looking for a sub contractor, for a
Nagios/Cacti/Centreon project.
The project includes basic (bw/errors/pps/cpu/memory/etc)
monitoring/graphing of a few dozen network devices (Only out of the
box/publicly available plugins/checks/graphs are required - No
development of new graphs/plugins/etc).
We estimate the project will take around 5-6 days (net.), and the
project is scheduled to start ASAP.
The end customer is located in Bnei Brak.

Please contact me off-list for more information.

Best regards,

Imri

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: [JOB OFFER] Junior/Mid-Senior Linux/UNIX system administrator for an integration company

[Imri Zvik]

2012/3/21 vordoo :
>> On 03/21/2012 11:09 AM, Imri Zvik wrote:
>>
>> Hi,
>>
>> The company I work for (Oasis Technologies - You can read more about
>> the company at: http://www.oasis-tech.net/)  is currently looking for
>> junior/mid-senior system administrator for it's Linux/UNIX &
>
>
> The list below dos not look so  junior to me.

Junior OR Mid-Senior.

> Let's not waist time, what is the salary.  ~ Grosso Modo +/- Just to clarify
> how senior is senior

This is not something I'm going to discuss on a public list, for the
obvious reasons.
I've replied to you off-list, and I request that any other
inquiry/question will be directed to me off-list.
.
>
> Thanks.
>
>> Middleware professional services team.
>>
>> Requirements from candidate:
>>
>> 1. At least 2 years of proven Linux/Unix servers administration experience
>> in
>> a production environment (Linux and Solaris are a must), including
>> installation, configuration, maintenance,
>> troubleshooting and tuning.
>>
>> 2. Experience with writing shell scripts - A must.
>>
>> 3. Experience with writing perl scripts - A must.
>>
>> 4. Experience with complex TCP/IP environments (including, but not limited
>> to,
>> subnets,vlans,routing, load balancing, firewalls, etc) - A must.
>>
>> 5. Familiarity with the following protocols/frameworks, and experience with
>> administrating at least one implementation of said protocols/framework:
>>  * SMTP/IMAP/POP3
>>  * Radius
>>  * DNS
>>  * SNMP
>>  * HTTP
>>* CGI
>>  * SQL
>>* LDAP
>>
>> 6. Hands-on experience with virtualization (Vmware, KVM) - A must.
>>
>> 7. Experience with Cacti - Advantage.
>>
>> 8. Experience with storage systems/infrastructure - Big advantage.
>>
>> 9. Experience with backup systems/infrastructure - Big advantage.
>>
>> 10. Experience with developing Java web based applications - Advantage.
>>
>> 11. Valid driver's licence - A must.  .
>>
>> This is a full time gig, *including on-call rotation 24/7/365*.
>> We are not interested in out sourcing this position.
>>
>> The job includes working on various customers sites (In the
>> geographical area of Gadera - Hedera).
>>
>> If you are interested, please send your CV to me, off-list.
>> If you have questions regarding the job or the company, please contact
>> me off-list.
>> If you know someone, who isn't subscribed to this mailing list, who
>> might be interested, please feel free to forward this mail.
>>
>> -- imriz
>>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
>
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

[JOB OFFER] Junior/Mid-Senior Linux/UNIX system administrator for an integration company

[Imri Zvik]

Hi,

The company I work for (Oasis Technologies - You can read more about
the company at: http://www.oasis-tech.net/)  is currently looking for
junior/mid-senior system administrator for it's Linux/UNIX &
Middleware professional services team.

Requirements from candidate:

1. At least 2 years of proven Linux/Unix servers administration experience in
a production environment (Linux and Solaris are a must), including
installation, configuration, maintenance,
troubleshooting and tuning.

2. Experience with writing shell scripts - A must.

3. Experience with writing perl scripts - A must.

4. Experience with complex TCP/IP environments (including, but not limited to,
subnets,vlans,routing, load balancing, firewalls, etc) - A must.

5. Familiarity with the following protocols/frameworks, and experience with
administrating at least one implementation of said protocols/framework:
* SMTP/IMAP/POP3
* Radius
* DNS
* SNMP
* HTTP
* CGI
* SQL
* LDAP

6. Hands-on experience with virtualization (Vmware, KVM) - A must.

7. Experience with Cacti - Advantage.

8. Experience with storage systems/infrastructure - Big advantage.

9. Experience with backup systems/infrastructure - Big advantage.

10. Experience with developing Java web based applications - Advantage.

11. Valid driver's licence - A must.  .

This is a full time gig, *including on-call rotation 24/7/365*.
We are not interested in out sourcing this position.

The job includes working on various customers sites (In the
geographical area of Gadera - Hedera).

If you are interested, please send your CV to me, off-list.
If you have questions regarding the job or the company, please contact
me off-list.
If you know someone, who isn't subscribed to this mailing list, who
might be interested, please feel free to forward this mail.

-- imriz

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

[JOB OFFER] UNIX/Linux system administrator

[Imri Zvik]

Hi,

Smile 012 is looking for a system administrator with the following 
skills/experience/knowledge:

1. At least 2 years of proven Linux/Unix servers administration experience in 
a production environment (Linux and Solaris are a must, but HPUX experience 
is a big advantage), including installation, configuration, maintenance, 
troubleshooting and tuning.

2. Experience with writing shell scripts.

3. Experience with writing perl scripts.

4. Experience with complex TCP/IP environments (including, but not limited to, 
subnets,vlans,routing, load balancing, firewalls, etc).

5. Familiarity with the following protocols, and experience with 
administrating at least one implementation of said protocols: 
* SMTP 
* Pop 
* IMAP 
* Radius
* DNS
* SNMP
* HTTP
* SQL

6. Experience with HP SiteScope and HP Business Availability Center - A big 
advantage.

7. Experience with Cacti - Advantage.

8. Experience with storage systems/infrastructure - Advantage.

9. Experience with developing Java web based applications - Advantage.


This is a full time gig, including on-call rotation.
We are not interested in out sourcing this position.

The job is located in our HQ in Petach Tiqwa.

If you are interested, please send your CV to me, off-list.


___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

[JOB OFFER] System administrator

[Imri Zvik]

Disclaimer: 
I am not affiliated with this company. I was asked by a friend to pass this 
along. All the CVs/inquiries should be sent directly to the contact listed in 
the forwarded message. 
 
--  Forwarded Message  --


Hi-tech Company is looking for a seasoned Linux / Communications/ Data 
Security Sys Admin with at least 5 years of experience in a medium /large 
multinational company (minimum 500 PC/servers).

 

Required skills

 

·Linux Red Hat and/ or other flavors

·Communications – TCP/IP, MPLS, Cisco Routers, Switches and IPT. 

·Data Security – good knowledge of Checkpoint FW1, Juniper SSL-VPN, 
Symantec SEP Endpoint, eSafe and/or Fortinet application firewalls

·Oracle DB 

·Storage – NetApp

·Backup CA BrightStore

·Windows XP / Windows 2003 Server – advantage

·  Great Inter-personal skills.

·  Willing to travel abroad

·  Willing to work at unusual hours.

CVs to: ta...@oasis-tech.net
---

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: ISP Suggestion

[Imri Zvik]

On Monday 26 October 2009 14:24:11 geoffrey mendelson wrote:
> Except for early morning, I can no longer watch YouTube videos. They  
> run for a few seconds, stop for a while and continue, then they stop  
> for a while and continue. If I switch to Netvision, they play smoothly.

Wierd... 

Could you please provide a sniff (PCAP format) of the problem (off-list, of 
course)? It would be very helpful.



___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: ISP Suggestion

[Imri Zvik]

On Monday 26 October 2009 14:01:52 geoffrey mendelson wrote:
> Actually I want traffic shaping. I want my VoIP to work. I want my  
> email. I'd like YouTube to work too, but 012 has not quite caught on  
> to that.

Could you please elaborate? I'm not aware of any issues with YouTube, and I 
would gladly make sure that such issues would be inspected in-depth.

> Everything else can wait, as long as it goes through such as  
> BitTorrent, http downloads of big files, etc, something else 012 has  
> not quite figured out.

Same here.




___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: [Israel.pm] CPAN Mirror in Israel

[Imri Zvik]

On Friday 31 July 2009 16:47:33 Ilya A. Volynets-Evenbakh wrote:
> I need an Israel-based CPAN mirror too.
>
> Shlomi Fish wrote:
> > On Thursday 30 July 2009 20:11:47 Lior Kaplan wrote:
> >  
> >
> >> Can you prove demand for this mirror?
> >>
> >>    
> >
> > Well, it is needed by many Israeli Perl programmers who are often using
> > CPAN. I need it, and if anyone on the CCed mailing list could make use of
> > it, please let us know, too.
> >
> > Regards,
> >
> >   Shlomi Fish


Me too.

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: Service/port based routing

[Imri Zvik]

On Sunday 28 June 2009 13:10:53 shimi wrote:
> Packet marking & additional routing table. Quick "HOWTO" here:
> http://archive.cert.uni-stuttgart.de/suse-security/2005/01/msg8.html
>
> HTH,
>
> -- Shimi
> 


You should be able do that with a simple iptables rule (without using 
different routing tables). man iptables and look for the ROUTE target.

   ROUTE
   This is used to explicitly override the core network stack's routing 
decision.  mangle table.

   --oif ifname
  Route the packet through `ifname' network interface

   --iif ifname
  Change the packet's incoming interface to `ifname'

   --gw IP_address
  Route the packet via this gateway

   --continue
  Behave like a non-terminating target and continue traversing the 
rules.  Not valid in combination with `--iif' or `--tee'

   --tee  Make a copy of the packet, and route that copy to the given 
destination. For the original, uncopied packet, behave like a non-terminating 
target and continue traversing  the  rules.   Not
  valid in combination with `--iif' or `--continue'

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: How to count dropped connections

[Imri Zvik]

On Tuesday 09 June 2009 15:13:43 Shachar Shemesh wrote:
> > If the TCP-level connection is dropped before an HTTP request is
> > received then I'm not sure Apache's log will show it (just tried this
> > on a Ubuntu desktop, don't know how much it indicates for CentOS 5).
> >  
>
> Do you count that as a successful connection? It sounds to me like it is
> not, which means that apache not listing it is actually a good thing.
>
> What I would be worried about (not very, mind you) is SYN floods and
> other stuff. Some failed TCP connections should not be counted (SYN is
> invalid, three way handshake did not complete due to client
> considerations, retransmitted SYNs etc.). The only way I can think of to
> find those is a sniffer (I don't know of any tcpdump rules that can
> match those, and I wouldn't trust its performance anyway, so I think a
> dedicated one would work best).

How about using iptables to count the TCP packets containing SYN's and 
comparing it to the access_log entries? There are a couple of pitfalls here 
that needs to be addressed (like retransmition of SYN packets), but this 
could probably be avoided by using parsing script, which would eliminate the 
duplicates.



___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

RE: the cost of switching to IPv6?

[Imri Zvik]

015 used to support ipv6 natively with no extra payment - But had no
demand for this service.

If there is a demand, contact me off list, and I will check what's the
current status of the service.



-Original Message-
From: linux-il-boun...@cs.huji.ac.il
[mailto:linux-il-boun...@cs.huji.ac.il] On Behalf Of Geoffrey Mendelson
Sent: Friday, May 01, 2009 8:08 AM
To: Hetz Ben Hamo
Cc: linux-il
Subject: Re: the cost of switching to IPv6?

On Fri, May 1, 2009 at 3:29 AM, Hetz Ben Hamo  wrote:
> Hi,
>
> I know TCP/IP but I'm not an expert on this issue, so I want to ask
> about the following scenario:

Neither am I, but here goes.


> According to an article in The Register
> (http://www.theregister.co.uk/2009/04/30/ipv4_depletion/), ARIN (the
> group that gives IP's) will make life a bit harder when companies
> would ask for additional IP's.

ARIN are going nuts with power. They have been sending people who own
number blocks email asking them to join without payment, but if you do
you agree to pay for your number block (probably an inital and
recurring fees) when they decide to start charging. If you don't agree
they can't make you pay, but they are liable to start giving away the
ranges of people who don't pay.

> So, I was wondering: I'm almost sure that by now, most of the big
> ISP's here in Israel have some IPV6 infrastructure and some IP's, but
> what would it take to migrate clients to IPV6? here are more specific
> questions:

They probably don't. IPv6 costs more money to maintain and slows
things down in a  mixed environment. I found that things get faster
here because I only have a local IPv6 infrastructure that is poorly
supported, if I turn it off whenever possible.

Considering my (and others recent experience with local ISPs, I would
debate the existence of an IPv4 infrastructure at Israeli ISPs.


> 1. Can a translation from V4 to V6 can occur at the ISP level,
> removing the need to replace home routers/modems?

No, it would be of no use. They would have to use some sort of IPv4 to
IPv6 conversion on the fly in their routers which adds cost to
maintain, run and support. Most of the web service providers only
provide IPV4 connections anyway, and they and their ISP's would have
to upgrade.

Obviously they will someday, but I'm sure the big companies will try
their best to avoid it.

> 2. If not, what would be required to be done by the end user/home user
> if his ISP will switch to V6?

A new router with ISPv6 support and translation. Since 99% of the home
users in Israel tunnel, they would have to change the tunneling
software. Considering you can buy an IPv4 router with 80211.g Wifi for
130 NIS it will be a long time before an enhanced IPv6 router will
come down to the price that everyone will pay for one.

> 3. If someone has a server at a hosting company, or he gets a static
> IP, does he/she needs to ask for another V6 IP?

Yes, you need both. There is only one DNS system, so you won't have to
change anything, just make sure your DNS provider supports IPv6 and
you keep your IP addresses updated.

Because of the way things work around here, I would expect that you
will be able to get IPv6 service soon from your ISP. You will have to
pay extra for the service (probably commerical rates at first), and
get a new router.

For the first year or two, you probably won't get to any sites outside
of your ISP until IIX is upgraded and the other ISPs upgrade their
networks and interconnections.

The main factor is money, most companies, especially in these times
won't spend money for new technology just because it is new
technology, and I doubt that any ISP can justify IPv6 unless they can
charge real costumers real money to do it.

How much would you be willing to pay extra for IPv6? 100 NIS a month?
500? 1000? How many people you know would be willing to pay anything
at all?

Geoff.
-- 
Geoffrey S. Mendelson N3OWJ/4X1GM
Jerusalem, Israel

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

RE: the cost of switching to IPv6?

[Imri Zvik]

-Original Message-
From: linux-il-boun...@cs.huji.ac.il
[mailto:linux-il-boun...@cs.huji.ac.il] On Behalf Of Geoffrey Mendelson
Sent: Friday, May 01, 2009 8:08 AM
To: Hetz Ben Hamo
Cc: linux-il
Subject: Re: the cost of switching to IPv6?

On Fri, May 1, 2009 at 3:29 AM, Hetz Ben Hamo  wrote:
> Hi,
>
> I know TCP/IP but I'm not an expert on this issue, so I want to ask
> about the following scenario:

Neither am I, but here goes.


> According to an article in The Register
> (http://www.theregister.co.uk/2009/04/30/ipv4_depletion/), ARIN (the
> group that gives IP's) will make life a bit harder when companies
> would ask for additional IP's.

ARIN are going nuts with power. They have been sending people who own
number blocks email asking them to join without payment, but if you do
you agree to pay for your number block (probably an inital and
recurring fees) when they decide to start charging. If you don't agree
they can't make you pay, but they are liable to start giving away the
ranges of people who don't pay.

> So, I was wondering: I'm almost sure that by now, most of the big
> ISP's here in Israel have some IPV6 infrastructure and some IP's, but
> what would it take to migrate clients to IPV6? here are more specific
> questions:

They probably don't. IPv6 costs more money to maintain and slows
things down in a  mixed environment. I found that things get faster
here because I only have a local IPv6 infrastructure that is poorly
supported, if I turn it off whenever possible.

Considering my (and others recent experience with local ISPs, I would
debate the existence of an IPv4 infrastructure at Israeli ISPs.


> 1. Can a translation from V4 to V6 can occur at the ISP level,
> removing the need to replace home routers/modems?

No, it would be of no use. They would have to use some sort of IPv4 to
IPv6 conversion on the fly in their routers which adds cost to
maintain, run and support. Most of the web service providers only
provide IPV4 connections anyway, and they and their ISP's would have
to upgrade.

Obviously they will someday, but I'm sure the big companies will try
their best to avoid it.

> 2. If not, what would be required to be done by the end user/home user
> if his ISP will switch to V6?

A new router with ISPv6 support and translation. Since 99% of the home
users in Israel tunnel, they would have to change the tunneling
software. Considering you can buy an IPv4 router with 80211.g Wifi for
130 NIS it will be a long time before an enhanced IPv6 router will
come down to the price that everyone will pay for one.

> 3. If someone has a server at a hosting company, or he gets a static
> IP, does he/she needs to ask for another V6 IP?

Yes, you need both. There is only one DNS system, so you won't have to
change anything, just make sure your DNS provider supports IPv6 and
you keep your IP addresses updated.

Because of the way things work around here, I would expect that you
will be able to get IPv6 service soon from your ISP. You will have to
pay extra for the service (probably commerical rates at first), and
get a new router.

For the first year or two, you probably won't get to any sites outside
of your ISP until IIX is upgraded and the other ISPs upgrade their
networks and interconnections.

The main factor is money, most companies, especially in these times
won't spend money for new technology just because it is new
technology, and I doubt that any ISP can justify IPv6 unless they can
charge real costumers real money to do it.

How much would you be willing to pay extra for IPv6? 100 NIS a month?
500? 1000? How many people you know would be willing to pay anything
at all?

Geoff.
-- 
Geoffrey S. Mendelson N3OWJ/4X1GM
Jerusalem, Israel

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: ssh from 012 cable to server in US fail

[Imri Zvik]

On Tuesday 28 April 2009 13:57:36 Ira Abramov wrote:
> these all sound annoyingly like the "adventures" a friend of mine had
> when connecting to my server from china, including obvious
> man-in-the-middle attacks, such as each time hׁ” tried to connect, the
> "server" would display a different host key.
>
> If the state of Israel has started building a "great firewall" they are
> both doing it wrong, as well as against the current law. very sad


A bit paranoid, aren't we? :)

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: ssh from 012 cable to server in US fail

[Imri Zvik]

Hi,

We are not aware of such problem, and if such one exists, it is not 
intentional.

Please provide me with some more information off-list (IP addresses, capture 
files of connection attempts if possible etc.), and we will check into it.

--imriz

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Re: ipv6 q

[Imri Zvik]

On Tuesday 21 April 2009 14:40:32 Erez D wrote:
> hi
>
> i can ping www.yahoo.com,
> but when i ping6 www.yahoo.com - i get "unknow host"
>
> does ipv4 and ipv6 use different dns ?

There is no  record for www.yahoo.com, as far as I can see, so there is no 
IPV6 address to ping...



___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

RE: Israeli ISP blocking outgoing SMTP

[Imri Zvik]

-Original Message-
From: Imri Zvik 
Sent: Wednesday, April 08, 2009 11:46 AM
To: 'Aviram Jenik'
Cc: linux-il@cs.huji.ac.il
Subject: RE: Israeli ISP blocking outgoing SMTP



-Original Message-
From: Aviram Jenik [mailto:avi...@jenik.com] 
Sent: Tuesday, April 07, 2009 6:46 PM
To: Imri Zvik
Cc: linux-il@cs.huji.ac.il
Subject: Re: Israeli ISP blocking outgoing SMTP

Noam didn't say blocking port 25 for everyone is a good thing or that he
likes 
it - just that this is what ISPs in Europe and the US are doing that to
fight 
spam.

What Noam said is that ISPs have a responsibility to prevent spam being
sent 
from their hosts. He also said that blacklists may not be the smartest
thing 
in the world, but they are deployed and in use - once that's done it's
the 
ISPs responsibility for its users to not be listed. It is unfortunate
ISPs 
choose blocking port 25 as the easy way to do that, but like I said it's
the 
current common practice.


By the way - just to set the Linux-IL record straight - Imri has been 
extremely helpful to us in several "abuse" cases we contacted him with.
It 
wasn't necessary for him to do that (that's what the abuse desk is for)
but 
he did it anyway, and I applaud him for that.

But that doesn't mean we don't have our different PoVs...


Hag Sameach.

- Aviram



On Tuesday 07 April 2009 02:05:15 Imri Zvik wrote:
> It was advocated on this mailing list, not so long ago, by someone
from
> your management team :)
>
> I opposed this method then, and I still think it is a bad idea, even
> though it is very effective.
>
>
>
> -Original Message-
> From: linux-il-boun...@cs.huji.ac.il
> [mailto:linux-il-boun...@cs.huji.ac.il] On Behalf Of Aviram Jenik
> Sent: Monday, April 06, 2009 10:42 PM
> To: linux-il@cs.huji.ac.il; ro...@acm.org
> Subject: Re: Israeli ISP blocking outgoing SMTP
>
> On Monday 06 April 2009 10:55:40 ronys wrote:
> > Hi,
> >
> > For the last few days, an ISP who shall remain nameless (but who's
>
> name in
>
> > octal is equal to 11) has decided to block outgoing SMTP connections
>
> to
>
> > servers abroad. They've done this unilaterally, without notifying
> > customers, and, for the first couple of calls to support, without
>
> admitting
>
> > anything beyond "there's a problem, we're working on it".
>
> Blocking port 25 for broadband users is now considered common
practice,
> and is
> actually advocated by many spam fighting organizations. I personally
> think
> it's stupid and goes against everything the Internet is about, but
> strangely
> enough I wasn't consulted when that decision was made. These are also
> the
> guys that think blacklists are a good idea.
>
> But as far as it goes to making ISPs change their ways, it will most
> likely be
> the other way around - Israeli ISPs are just catching up to the
> unfortunate
> global standard.
>
> On the bright side, doing that may get them removed from several
> blacklists
> (did I mention how stupid I thought blacklists were?)
>
> > Rony
>
> - Aviram
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il



___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

RE: Israeli ISP blocking outgoing SMTP

[Imri Zvik]

-Original Message-
From: Aviram Jenik [mailto:avi...@jenik.com] 
Sent: Tuesday, April 07, 2009 6:46 PM
To: Imri Zvik
Cc: linux-il@cs.huji.ac.il
Subject: Re: Israeli ISP blocking outgoing SMTP

Noam didn't say blocking port 25 for everyone is a good thing or that he
likes 
it - just that this is what ISPs in Europe and the US are doing that to
fight 
spam.

What Noam said is that ISPs have a responsibility to prevent spam being
sent 
from their hosts. He also said that blacklists may not be the smartest
thing 
in the world, but they are deployed and in use - once that's done it's
the 
ISPs responsibility for its users to not be listed. It is unfortunate
ISPs 
choose blocking port 25 as the easy way to do that, but like I said it's
the 
current common practice.


By the way - just to set the Linux-IL record straight - Imri has been 
extremely helpful to us in several "abuse" cases we contacted him with.
It 
wasn't necessary for him to do that (that's what the abuse desk is for)
but 
he did it anyway, and I applaud him for that.

But that doesn't mean we don't have our different PoVs...


Hag Sameach.

- Aviram



On Tuesday 07 April 2009 02:05:15 Imri Zvik wrote:
> It was advocated on this mailing list, not so long ago, by someone
from
> your management team :)
>
> I opposed this method then, and I still think it is a bad idea, even
> though it is very effective.
>
>
>
> -Original Message-
> From: linux-il-boun...@cs.huji.ac.il
> [mailto:linux-il-boun...@cs.huji.ac.il] On Behalf Of Aviram Jenik
> Sent: Monday, April 06, 2009 10:42 PM
> To: linux-il@cs.huji.ac.il; ro...@acm.org
> Subject: Re: Israeli ISP blocking outgoing SMTP
>
> On Monday 06 April 2009 10:55:40 ronys wrote:
> > Hi,
> >
> > For the last few days, an ISP who shall remain nameless (but who's
>
> name in
>
> > octal is equal to 11) has decided to block outgoing SMTP connections
>
> to
>
> > servers abroad. They've done this unilaterally, without notifying
> > customers, and, for the first couple of calls to support, without
>
> admitting
>
> > anything beyond "there's a problem, we're working on it".
>
> Blocking port 25 for broadband users is now considered common
practice,
> and is
> actually advocated by many spam fighting organizations. I personally
> think
> it's stupid and goes against everything the Internet is about, but
> strangely
> enough I wasn't consulted when that decision was made. These are also
> the
> guys that think blacklists are a good idea.
>
> But as far as it goes to making ISPs change their ways, it will most
> likely be
> the other way around - Israeli ISPs are just catching up to the
> unfortunate
> global standard.
>
> On the bright side, doing that may get them removed from several
> blacklists
> (did I mention how stupid I thought blacklists were?)
>
> > Rony
>
> - Aviram
>
> ___
> Linux-il mailing list
> Linux-il@cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il



___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

RE: Israeli ISP blocking outgoing SMTP

[Imri Zvik]

Blacklisting is very effective, but should be done carefully.
Senderbase-like solutions proved to be _very_ effective, without much of
false positives.
What I do object, is uceprotect-like blacklists who automatically block
huge ranges for a ridiculous amount of spam.

I do agree that blocking port 25, as tempting as it might sound for your
average abuse desk personnel, is a stupid idea.


-Original Message-
From: Oleg Goldshmidt [mailto:p...@goldshmidt.org] 
Sent: Tuesday, April 07, 2009 9:02 PM
To: Aviram Jenik
Cc: Imri Zvik; linux-il@cs.huji.ac.il
Subject: Re: Israeli ISP blocking outgoing SMTP

Aviram Jenik  writes:

> Noam didn't say blocking port 25 for everyone is a good thing or
> that he likes it - just that this is what ISPs in Europe and the US
> are doing that to fight spam.

Not in my experience. That is, unless I grossly misunderstand the
problem. In my mind, this means that the problem occurs when you
configure a foreign server as your SMART_HOST while connected to the
"octal 11" Israeli ISP.

If this is _not_ the problem, please accept my apologies and ignore
the rest.

I have just returned from a trip to Europe. I sent emails, using my
laptop, from two different Western European countries, from a hotel,
from coffee shops, from occasional unidentified public Wi-Fi spot,
etc. Presumably several different ISPs were involved, though I never
bothered to make a list.

Now, my laptop runs sendmail and has SMART_HOST configured to be my
Israeli ISP's mail server. Thus, when I send an email from abroad, I
am in a situation analogous to someone in Israel using a US server for
outgoing SMTP traffic. Not a single email during my week-long trip
(and I had to send quite a few) bounced or was lost. To me, this means
that Western European ISPs do *not* prevent SMTP traffic reaching
servers other than theirs.

Last time I was in the US was last August, I had no problem there,
either.

In general, this does not make much sense. Imagine a typical
Windows/Outlook user who has his "outgoing mail server" (SMART_HOST
equivalent) configured to something (by his company's IT people, he
himself does not know what an "outgoing mail server" is,
etc.). Imagine this person on a trip somewhere - he does not change
his configuration, but he doesn't normally have any problems sending
email.

If the "octal 11" Israeli ISP does it it is *not* following any common
practice. Oh, and I agree it is stupid, as is blacklisting.

-- 
Oleg Goldshmidt | p...@goldshmidt.org

___
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

Smile 012 DNS cache (aka resolvers) servers

[Imri Zvik]

Hi,

 

This email is for all the people who are customers of Smile 012
(including what  used to be Internet Gold).

If you are statically setting your DNS servers, and you are still using
the old caching servers (192.116.202.222 and 213.8.172.83), please
replace them with the following servers:

 

80.179.52.100 (primary)

80.179.55.100 (secondary)

 

 

The old IP addresses will still provide service, but the new ones are
much faster and will provide you with a better service.

 

 

 

RE: Spam handling (was: Re: Israeli ISP and Blacklisting)

[Imri Zvik]

While it is theoretically possible to setup a non-profit ISP, it is not 
practical.
It takes A LOT of money to run an ISP - just the submarine uplinks costs a 
couple of hundred K's of $ per month, and even if you manage to get a serious 
staff working for you for free, or almost free (which I doubt, as ISP job is 
24/7), you still need to buy expensive hardware, pay Bezeq for realms etc.
 
So, unless you find someone with deep pockets who will fund this operation, I 
don't see how it is possible.
 
 
But I do like the idea :)
 



From: [EMAIL PROTECTED] בשם Omer Zak
Date: Sat 26/07/2008 11:16
To: linux-il
Subject: Spam handling (was: Re: Israeli ISP and Blacklisting)



On Sat, 2008-07-26 at 00:05 +0300, Ariel Biener wrote:
> 1. SPAM is here to stay, mostly due to human nature. For people who want to
> sell something, this is an easy and cheap way to get more clients. This is
> from the human psychology/sociology point of view

Asking myself whether it would have been to snip spam at its bud, by
making domain registrars and ISPs more diligent about eliminating spam,
my answer is that in the long range it was good that they were not
strict.

The reason is that not having to deal with spam would have left the
networks and applications more vulnerable to a well-timed spam attach,
which is bound to occur.

> 2. SPAM is here to stay, from a technical point of view, due to the fact that
>SMTP (and the following RFCs that enhance it) were not designed to deal
>with sender authenticity. In fact, I believe that up to this day, an RFC
>compliant mail system is required to accept the following:
>MAIL FROM:<>

The following developments have the potential of changing the above
situation:
a. Massive switching of PC users from MS-Windows to a more secure OS,
removing them out of zombie networks.
b. New E-mail protocols, which are designed to prevent spam.  Those
protocols would supplant and eventually replace the existing ones.
c. Legal developments making domain registrars legally liable to the
actions of domains registered by them - with possibility of getting off
the hook by verifying the identity and addresses of the applicants.

> 7. I do believe that some people on this list, while they have a theoretical
> point of view on how things should operate, lack the understanding of
> how things really turn out to be in the real world of ISP operations.
> Forgetting that the ISPs first, and foremost interest is to make money
> and make their shareholders happy is a fatal error, on the part of
> theoreticians. That however doesn't mean that everything ISPs do is
> acceptable, and sometimes very far from it. A balanced view however,
> that understands both the theory, and the practice is needed to be able
> to solve problems in the real ISP world.

Is it possible to set up non-profit ISPs?
How about mesh networks, based say upon WiFi and packet forwarding (old
Usenet style)?


--
42 is the answer to everything.  Food is the answer to everything except
obesity.
My own blog is at http://www.zak.co.il/tddpirate/

My opinions, as expressed in this E-mail message, are mine alone.
They do not represent the official policy of any organization with which
I may be affiliated in any way.
WARNING TO SPAMMERS:  at http://www.zak.co.il/spamwarning.html


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Israeli ISP and Blacklisting

[Imri Zvik]

It's not a matter of being naive or not, but just the fact nobody hacked in yet 
(tfu tfu fu) :)
 
Of course there is ALWAYS the risk, and one should ALWAYS take that into 
account and prepare, but in the context of this discussion it's pretty much 
irrelevant as they (these spammers) don't need to "hack" into the mail systems 
in order to spam - the methods I described are much more cost-effective for 
them.
 
Regarding your last question - I have no idea.
 
 



From: sara fink [mailto:[EMAIL PROTECTED]
Date: Fri 25/07/2008 23:05
To: Imri Zvik
Cc: Arik Baratz; linux-il
Subject: Re: Israeli ISP and Blacklisting



On 7/25/08, Imri Zvik <[EMAIL PROTECTED]> wrote:
> Why do you think any system was hacked?
>
> It seems you do not understand how it works - they don't hack into any ISP
> managed system. They don't need to. They either:
>
> 1. phish the username and password.
> 2. get it from *your* computer using a trojan.
> 3. try and guess easy passwords/usernames.
> 4. actually *buy* an account, pretending to be your average Moshe from Hulon
> customer.

Stay naive. these are the easy cases.

BTW, which ISP hosted the Bank Israel web site?

>
> Spammers from abroad will mostly use methods 1 to 3.
>
>
>
> ____
>
> From: sara fink [mailto:[EMAIL PROTECTED]
> Date: Fri 25/07/2008 14:12
> To: Imri Zvik
> Cc: Arik Baratz; linux-il
> Subject: Re: Israeli ISP and Blacklisting
>
>
>
>
> On Fri, Jul 25, 2008 at 1:58 PM, Imri Zvik <[EMAIL PROTECTED]> wrote:
>
>
>   1. This is not a question, but a statement, and quite a stupid one if I
> may. Do you really expect a serious answer? How are those related?
>
>
> Indeed it's a statement. If you didn't understand the sarcasm, too bad.
>
>
>  
>  
>   2. Please clarify this question.
>
>
> The question refers to how spamming works.
>
> Hacking into the system-> privelege escalation-> spamming (and this is only
> one aspect after  the system was hacked).  DDos  is a much nicer effect from
> the hacker standpoint of view.
>
> How ISP deal with the fact that their systems were hacked?
>
>
>  
>  
>  
>  
>  
>   
>  
>   From: sara fink [mailto:[EMAIL PROTECTED]
>   Date:  Fri 25/07/2008 13:49
>   To: Imri Zvik
>   Cc: Arik Baratz; linux-il
>  
>
>   Subject: Re: Israeli ISP and Blacklisting
>  
>  
>   Why ISP will spend time to block spammers, when they spend their time to
> block/shape/inspect p2p, voip and other protocols. After all this saves much
> more money.
>  
>   I would like to ask a more general question. If spammers from abroad use
> Israeli  ISP, it means that their systems were already compromised. How ISP
> see such a thing?
>  
>  
>   On Fri, Jul 25, 2008 at 11:30 AM, Imri Zvik <[EMAIL PROTECTED]> wrote:
>  
>  
>  I cannot discuss this further when you refuse to give ANY factual
> data. You publicy trash people (the abuse@ and all the other people behind
> that ISP) with quite a harsh words, and refuse to back it up with facts.
>  You, yet again, dismiss my attempts to help you, saying it's 
> won't
> help (???). It seems you don't really want to be helped, but just taking
> advantage of the free and cheap shot.
>  
>  I will be glad if you can also forward these complaints you say 
> that
> have been ignored by the abuse@ - I'm also interested to know why they were
> ignored.
>  If you have sensetive information you don't want posted on this 
> list
> - you can always mail it to me off-list.
>  
>  I must emphasize this - almost 24 hours after the original 
> flametory
> post, I still didn't get ANYTHING to work with.
>  
>  
>  
>  
>  
>  
>  From: [EMAIL PROTECTED] בשם Arik Baratz
>  
>  
>  Date: ו 25/07/2008 05:21
>  To: linux-il
>  
>  
>  Subject: Re: Israeli ISP and Blacklisting
>  
>  
>  
>  
>  On Fri, Jul 25, 2008 at 8:40 AM, Imri Zvik <[EMAIL PROTECTED]>
> wrote:
>  
>  
> Let me get this straight - You claim you already know of a
> specific user that is abusing you over and over. You complain that this ISP
> is not willing to help. I'm offering to help you, and I'm in the position to
> do so.
> Yo

RE: Israeli ISP and Blacklisting

[Imri Zvik]

Why do you think any system was hacked?
 
It seems you do not understand how it works - they don't hack into any ISP 
managed system. They don't need to. They either:
 
1. phish the username and password.
2. get it from *your* computer using a trojan.
3. try and guess easy passwords/usernames.
4. actually *buy* an account, pretending to be your average Moshe from Hulon 
customer.
 
Spammers from abroad will mostly use methods 1 to 3.
 
 



From: sara fink [mailto:[EMAIL PROTECTED]
Date: Fri 25/07/2008 14:12
To: Imri Zvik
Cc: Arik Baratz; linux-il
Subject: Re: Israeli ISP and Blacklisting




On Fri, Jul 25, 2008 at 1:58 PM, Imri Zvik <[EMAIL PROTECTED]> wrote:


1. This is not a question, but a statement, and quite a stupid one if I 
may. Do you really expect a serious answer? How are those related?


Indeed it's a statement. If you didn't understand the sarcasm, too bad. 




2. Please clarify this question.


The question refers to how spamming works.

Hacking into the system-> privelege escalation-> spamming (and this is only one 
aspect after  the system was hacked).  DDos  is a much nicer effect from the 
hacker standpoint of view. 

How ISP deal with the fact that their systems were hacked?  









From: sara fink [mailto:[EMAIL PROTECTED]
Date:  Fri 25/07/2008 13:49
To: Imri Zvik
Cc: Arik Baratz; linux-il


Subject: Re: Israeli ISP and Blacklisting


Why ISP will spend time to block spammers, when they spend their time 
to block/shape/inspect p2p, voip and other protocols. After all this saves much 
more money.

I would like to ask a more general question. If spammers from abroad 
use Israeli  ISP, it means that their systems were already compromised. How ISP 
see such a thing?


On Fri, Jul 25, 2008 at 11:30 AM, Imri Zvik <[EMAIL PROTECTED]> wrote:


   I cannot discuss this further when you refuse to give ANY 
factual data. You publicy trash people (the abuse@ and all the other people 
behind that ISP) with quite a harsh words, and refuse to back it up with facts.
   You, yet again, dismiss my attempts to help you, saying it's 
won't help (???). It seems you don't really want to be helped, but just taking 
advantage of the free and cheap shot.

   I will be glad if you can also forward these complaints you say 
that have been ignored by the abuse@ - I'm also interested to know why they 
were ignored.
   If you have sensetive information you don't want posted on this 
list - you can always mail it to me off-list.

   I must emphasize this - almost 24 hours after the original 
flametory post, I still didn't get ANYTHING to work with.




   

   From: [EMAIL PROTECTED] בשם Arik Baratz


   Date: ו 25/07/2008 05:21
   To: linux-il


   Subject: Re: Israeli ISP and Blacklisting

    
    

   On Fri, Jul 25, 2008 at 8:40 AM, Imri Zvik <[EMAIL PROTECTED]> 
wrote:


  Let me get this straight - You claim you already know of 
a specific user that is abusing you over and over. You complain that this ISP 
is not willing to help. I'm offering to help you, and I'm in the position to do 
so.
  You refuse with the lame excuse I (or the company I work 
for) might sue you? COME ON. Sounds quite evasive to me. If you really care and 
want something to be done, you can use my help - If you want to continue with 
this trolling, please, stop wasting my time.




   This doesn't become you, Imri.

   I will send the LIST OF USERS that are spamming me to the abuse 
address. If hypothetically, you are the ISP discussed, you should be able to 
help me then.

   Just give me some time to write a python script to download my 
spam folders and sort through the headers to find them.

   Besides, what good does it do to me that you're going to close 
the users' account this one singular time? I'm talking about years of continued 
abuse by many of your users. It's not going to be a one-off, and if mail to 
abuse doesn't seem to help, this one-off isn't going to do much of a difference 
anyway.

   So if I automate my scripts to the level that I can trust them 
to run unattended, I might be able to make it run on a regular basis and send 
automated messages to abuse, complete with 

RE: Israeli ISP and Blacklisting

[Imri Zvik]

1. This is not a question, but a statement, and quite a stupid one if I may. Do 
you really expect a serious answer? How are those related?
 
2. Please clarify this question.
 
 
 



From: sara fink [mailto:[EMAIL PROTECTED]
Date:  Fri 25/07/2008 13:49
To: Imri Zvik
Cc: Arik Baratz; linux-il
Subject: Re: Israeli ISP and Blacklisting


Why ISP will spend time to block spammers, when they spend their time to 
block/shape/inspect p2p, voip and other protocols. After all this saves much 
more money. 

I would like to ask a more general question. If spammers from abroad use 
Israeli  ISP, it means that their systems were already compromised. How ISP see 
such a thing? 


On Fri, Jul 25, 2008 at 11:30 AM, Imri Zvik <[EMAIL PROTECTED]> wrote:


I cannot discuss this further when you refuse to give ANY factual data. 
You publicy trash people (the abuse@ and all the other people behind that ISP) 
with quite a harsh words, and refuse to back it up with facts.
You, yet again, dismiss my attempts to help you, saying it's won't help 
(???). It seems you don't really want to be helped, but just taking advantage 
of the free and cheap shot.

I will be glad if you can also forward these complaints you say that 
have been ignored by the abuse@ - I'm also interested to know why they were 
ignored.
If you have sensetive information you don't want posted on this list - 
you can always mail it to me off-list.

I must emphasize this - almost 24 hours after the original flametory 
post, I still didn't get ANYTHING to work with.






From: [EMAIL PROTECTED] בשם Arik Baratz


Date: ו 25/07/2008 05:21
To: linux-il


Subject: Re: Israeli ISP and Blacklisting




    On Fri, Jul 25, 2008 at 8:40 AM, Imri Zvik <[EMAIL PROTECTED]> wrote:


   Let me get this straight - You claim you already know of a 
specific user that is abusing you over and over. You complain that this ISP is 
not willing to help. I'm offering to help you, and I'm in the position to do so.
   You refuse with the lame excuse I (or the company I work for) 
might sue you? COME ON. Sounds quite evasive to me. If you really care and want 
something to be done, you can use my help - If you want to continue with this 
trolling, please, stop wasting my time.




This doesn't become you, Imri.

I will send the LIST OF USERS that are spamming me to the abuse 
address. If hypothetically, you are the ISP discussed, you should be able to 
help me then.

Just give me some time to write a python script to download my spam 
folders and sort through the headers to find them.

Besides, what good does it do to me that you're going to close the 
users' account this one singular time? I'm talking about years of continued 
abuse by many of your users. It's not going to be a one-off, and if mail to 
abuse doesn't seem to help, this one-off isn't going to do much of a difference 
anyway.

So if I automate my scripts to the level that I can trust them to run 
unattended, I might be able to make it run on a regular basis and send 
automated messages to abuse, complete with headers and PGP signed, and then 
create a graph showing exactly how effective the abuse complaints are (i.e. how 
many messages I got after the first complaint and for how long). It might be an 
interesting experiment. I have however just recently relocated and am still 
pretty busy in a new role, location, country and continent so it will take some 
time.

If it works out I might even do it for all Israeli ISPs and track it on 
a web page... Hmm...

-- Arik

RE: Israeli ISP and Blacklisting

[Imri Zvik]

I cannot discuss this further when you refuse to give ANY factual data. You 
publicy trash people (the abuse@ and all the other people behind that ISP) with 
quite a harsh words, and refuse to back it up with facts.
You, yet again, dismiss my attempts to help you, saying it's won't help (???). 
It seems you don't really want to be helped, but just taking advantage of the 
free and cheap shot.
 
I will be glad if you can also forward these complaints you say that have been 
ignored by the abuse@ - I'm also interested to know why they were ignored.
If you have sensetive information you don't want posted on this list - you can 
always mail it to me off-list.
 
I must emphasize this - almost 24 hours after the original flametory post, I 
still didn't get ANYTHING to work with.
 



From: [EMAIL PROTECTED] בשם Arik Baratz
Date: ו 25/07/2008 05:21
To: linux-il
Subject: Re: Israeli ISP and Blacklisting



On Fri, Jul 25, 2008 at 8:40 AM, Imri Zvik <[EMAIL PROTECTED]> wrote:


Let me get this straight - You claim you already know of a specific 
user that is abusing you over and over. You complain that this ISP is not 
willing to help. I'm offering to help you, and I'm in the position to do so.
You refuse with the lame excuse I (or the company I work for) might sue 
you? COME ON. Sounds quite evasive to me. If you really care and want something 
to be done, you can use my help - If you want to continue with this trolling, 
please, stop wasting my time.




This doesn't become you, Imri.

I will send the LIST OF USERS that are spamming me to the abuse address. If 
hypothetically, you are the ISP discussed, you should be able to help me then.

Just give me some time to write a python script to download my spam folders and 
sort through the headers to find them.

Besides, what good does it do to me that you're going to close the users' 
account this one singular time? I'm talking about years of continued abuse by 
many of your users. It's not going to be a one-off, and if mail to abuse 
doesn't seem to help, this one-off isn't going to do much of a difference 
anyway.

So if I automate my scripts to the level that I can trust them to run 
unattended, I might be able to make it run on a regular basis and send 
automated messages to abuse, complete with headers and PGP signed, and then 
create a graph showing exactly how effective the abuse complaints are (i.e. how 
many messages I got after the first complaint and for how long). It might be an 
interesting experiment. I have however just recently relocated and am still 
pretty busy in a new role, location, country and continent so it will take some 
time.

If it works out I might even do it for all Israeli ISPs and track it on a web 
page... Hmm...

-- Arik

RE: Israeli ISP and Blacklisting [summary and stop]

[Imri Zvik]

1. vauge and general, what can I do with with misconfigured systems around the 
globe? These system might not return a bounce for many other rejections/errors. 
How can you *ever* know?
 
2. So now *you* are deciding for other people (say, Oleg) what to do with their 
internet access? Who died and made you the queen? What if customer of ISP X 
still wants to use his email account at ISP Y? I can tell you for a fact there 
are more than one client who does that.
 
The fact *you* don't follow this use case doesn't mean other people aren't 
either.
uceprotect is an example for a *bad* way to fight spam. The way they want is 
just like taking the driving licences from everybody and make them ride the 
bus, just because some people are speeding.
 
It's not that other RBLs doesn't block - it's just that most of them are doing 
it in a much more sane and productive way.
 

 

 




From: Noam Rathaus [mailto:[EMAIL PROTECTED]
Date: ה 24/07/2008 18:21
To: Imri Zvik
Cc: linux-il
Subject: Re: Israeli ISP and Blacklisting [summary and stop]



Hi,

1) You are right, but not every plays by the rules, we recently had to prevent
ezmlm from sending bounces for unsubscribed people as it was being used for
spam, and getting us spam marked - so playing by the rules might be the right
thing, but it is not always the intelligent thing to do.

2) I heard you the 10th time, I told you don't block, I think in today's world
it is reasonable to block port 25, people either use:
a) web mail (Gmail, Yahoo, Walla, etc)
b) corporate mail via VPN
c) home mail (outlook express, etc) at home

None of this falls under the Internet cafe problem, and I know, as I drank
quite a few cafes in my life.

uceprotect is one example, if I had another one I would show it, sorry,
doesn't mean its not the right/wrong example.

On Thursday 24 July 2008 17:46:51 Imri Zvik wrote:
> 1. Usually it would block the sending system during the SMTP session - so
> if the mail system you are using is properly configured you should get ALL
> the bounces.
>
> 2. You ignored my repeated question - Do you think blocking port 25 all
> together (as they suggest) is a good idea? Keep in mind that if all ISPs
> where to implement that, and you are a Netvision customer, for example, and
> want to send email through 012 Smile mail system using your username and
> password at 012, It wouldn't be possible.
>
> If you are sitting at some coffee place that offers free wifi with ISP
> different than yours, and want to send an email using your ISP mail
> servers, you wouldn't be able to do that.
>
> If you have your own mail server and don't want to route your email through
> your ISP - you wouldn't be able to do that.
>
> This is the *only* way you can live up to uceprotect's expectations in the
> long run.
>
> I am *really* interested to know how many users in this list are pro this
> suggestion, and how many are against it.
>
>
>
>
> -Original Message-
> From: Noam Rathaus [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 24, 2008 5:13 PM
> To: Imri Zvik
> Cc: linux-il
> Subject: Re: Israeli ISP and Blacklisting [summary and stop]
>
> Hi,
>
> I am not completely blocked, but I don't want to be partially blocked
> either.
>
> At least two emails bounced (to two unique destinations) saying we were
> blacklisted, I cannot tell you how many were blocked and didn't bounce - it
> will take me days, if ever to know.
>
> I will solve your security problems, can't help you with your spam problems
> - not my expertise.
>
> Arik didn't disappear, maybe he has work to do beside answering emails here
> - I trust Arik to get back to you.
>
> On Thursday 24 July 2008 17:06:04 Imri Zvik wrote:
> > Again, you are putting it as if you are completely blocked and you cannot
> > send mails at all. Can you please tell me how many of your mails were
> > blocked due to this listing, and to how many unique destinations?
> >
> > Only one person (Arik) complained about actual problem, and when I asked
> > for information he disappeared.
> >
> > It seems you don't really want to solve anything, or suggest any feasible
> > solutions.
> >
> > I ask again - do you think blocking port 25 completely is a good idea?
> > Can you live with that? How many people in this list thinks it's a good
> > idea?
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus Sent:
> > Thursday, July 24, 2008 4:33 PM
> > To: linux-il
> > Subject: Re: Israeli ISP and Blacklisting [summary and stop]
> >
> > Hi,
> >
> > My last email 

RE: Israeli ISP and Blacklisting

[Imri Zvik]

Let me get this straight - You claim you already know of a specific user that 
is abusing you over and over. You complain that this ISP is not willing to 
help. I'm offering to help you, and I'm in the position to do so.
You refuse with the lame excuse I (or the company I work for) might sue you? 
COME ON. Sounds quite evasive to me. If you really care and want something to 
be done, you can use my help - If you want to continue with this trolling, 
please, stop wasting my time.
 
 
 



From: [EMAIL PROTECTED] בשם Arik Baratz
Date: ה 24/07/2008 18:09
To: Imri Zvik; linux-il
Subject: Re: Israeli ISP and Blacklisting




On Thu, Jul 24, 2008 at 11:22 PM, Imri Zvik <[EMAIL PROTECTED]> wrote:


I can only assume you are addressing me. 

Due to the latest trend of libel suits, I cannot confirm nor deny.
 

You are just flaming now. You have no idea what we are doing to stop or 
fight spam, and this public list is not the place to list those things.



For the particular ISP I was talking about, I know that the same authenticated 
user has sent me messages after several complaints, so I know for a fact that 
the same user keeps spamming. I'm only answering you here because I don't want 
to create the state of "שתיקה כהודאה" (silence as admittance, lit trans)
 


2.   If you have any repeating issues with spammers using our mail 
system, I would be GLAD to know about it. Please provide me with full headers.




I appreciate your suggestion. I will obviously not contact you because that 
would mean that you are the ISP I was talking about. I will however make an 
attempt to create a compendium of the headers from the last 30 days of spam 
that I have and send it to the abuse address of the offending ISP. It will take 
me some time as analyzing 1000s of spam messages means that I need to write 
code to do it, but I will get to it eventually.

-- Arik 

RE: Israeli ISP and Blacklisting

[Imri Zvik]

It means they have 208 IPs that sent at least *one* spam in the past 7 days 
from a range that includes 131070 hosts!
The way they are calculating it, it means it could be that they only got 208 
spam emails in the last 7 days, and that was enough to block the whole A class. 
I'm sorry, but this is not reasonable - It doesn't even leave room for the ISP 
to cooperate and deal with the spammer.

I need to understand - are you in favor of blocking port 25? How many people in 
this list thinks it's a good idea?


-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2008 4:36 PM
To: Imri Zvik
Cc: shimi; linux-il
Subject: Re: Israeli ISP and Blacklisting

Just my two cents, I checked a few IP addresses that are listed under the AS 
of zahav.net.il, as well as the mail server of zahav.net.il

And it is very close to getting RBL blocked:

84.94.0.0/15 - ATTENTION Increased Listingrisk  - Level 1 listed spammers
within the last 7 days 208 -Escalation to Level 2
by Level 1 records 445

But ignore it, as this RBL (http://www.uceprotect.net/en/rblcheck.php) is 
nothing to worry about, as you mentioned - rarely used or trusted.

On Thursday 24 July 2008 16:30:50 Imri Zvik wrote:
> Shimi,
>
>
>
> I cannot speak on behalf of other ISPs, but if you have problems with the
> one I'm working at, please share the information with me, and I promise you
> I will get to the bottom of this.
>
>
>
> Bottom line, I can assure you that *WE* are doing *a lot* to deal with spam
> from our mail system/network. Again, as evidence we have good scores at big
> and widely used RBLs.
>
> I also know, from second hand, that the other ISPs are also putting a lot
> of efforts in order to deal with this issue.
>
> This all discussion started from *one* RBL which is notorious for its harsh
> treatment. No one provided any specific problem, and everybody jumped into
> the conclusion that if this RBL is blocking you, it means you are not doing
> anything to deal with spam. This conclusion is just wrong.
>
>
>
>
>
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of shimi
> Sent: Thursday, July 24, 2008 4:16 PM
> To: Imri Zvik
> Cc: Noam Rathaus; linux-il
> Subject: Re: Israeli ISP and Blacklisting
>
>
>
> Imri,
>
> On Thu, Jul 24, 2008 at 3:57 PM, Imri Zvik <[EMAIL PROTECTED]> wrote:
>
> How do you know abuse@ doesn't "really take care of users"? It seems like
> your whole response is generalizing and vague.
>
>
> I know because if after two weeks from their reply that they will "handle
> it" I see the same user doing the same thing again from the same ISP,
> then...
>
> What does an AUP worth if it is not enforced?
>
> The whole Israeli spam market is dominated by a VERY little amount of
> people, and there is a reason that they're still spamming. Given that there
> are like 3 ISPs in the country nowdays, they're not doing so because they
> jump from an ISP to ISP after each one is denying them service, rather then
> because they're paying customers, and denying them service means less
> income.
>
>
>
>   I don't see how the old QoS argument as anything to do with dealing with
> abuse. I must remind you that downloading copyrighted materiel is
> officially abuse too.
>
>
> It does for a very simple reason; ISPs care only about cashflow. Removing
> bad users from the possibility to get service leads for less profits.
> Paying more for bandwidth leads for less profits.
>
> Re. your comment about copyrighted material, I have three things to say:
>
> 1.I don't really understand how is that abuse; You're not attacking any
> system, and you're distrubing no-one (besides RIAA, BSA and others - but
> that's not abuse). 2. The ISPs want to play the police and court? Fine, I
> guess it's their right (and being a FOSS user, I couldn't care less...) -
> if the law permits them to observe traffic and sabotage it - I have no
> problem with that (what about BitTorrent to download the latest Linux
> release?) 3.  They DENY the fact that they're doing it! They claim that
> "there are no means to do that!". If you don't believe me, read official
> commentary from various spokesmen in Ynet articles regarding slow P2P in
> various ISPs.
>
> Finally, I was not even talking about P2P - that was YOUR assumption.
> They're [at least some of them] QoSing NON-HTTP traffic. Like CVS checkout
> from an Open Source project, or my connection to an IRC network (how else
> can you explain a 180ms ICMP but a 1 second IRC "ping" command roundtrip?).
> How is that an abuse or illegal?
>
> But that's really OT, so let's stop here. I was just giving another example
> for "we deserve this for not standing for our customer rights".
>
> -- Shimi


-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

RE: Israeli ISP and Blacklisting

[Imri Zvik]

You are again misreading what I wrote.
I never said we are not dealing with it, but that I don't think that
blocking people access all together is a good solution.
Again, you are clinging to *ONE* RBL, ignoring the *GOOD* scores at
other major RBLs.



Please don't distort my words.


-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2008 4:43 PM
To: Imri Zvik
Cc: Omer Zak; linux-il
Subject: Re: Israeli ISP and Blacklisting

Imri,

Ok - don't block anything.

Continue as usual

I understand that this war was lost when I renewed my contract for
server 
hosting in Israel.

I should have seen this and moved them to somewhere better.

If that doesn't bring to light the issue - causes to to understand that
this 
needs to be resolved, I guess I didn't do my job correctly.

On Thursday 24 July 2008 16:37:50 Imri Zvik wrote:
> Noam,
>
> You do realize that what you mean is that the ISP will block port 25
all
> together - meaning, that all of you people running your own mail
server
> at home will be forced to use your ISP as a smarthost (either with
> manual configuration, or using traffic redirection at the ISP
routers).
>
> I'm sure you already forgot, but when the ISPs blocked the netbios
ports
> few years ago in order to stop worms outbreaks, a lot of people
> complained that the ISPs shouldn't block ports at all.
>
>
>
> -Original Message-
> From: Noam Rathaus [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 24, 2008 4:24 PM
> To: Imri Zvik
> Cc: Omer Zak; linux-il
> Subject: Re: Israeli ISP and Blacklisting
>
> Hi,
>
> This RBL, even if is a bit extremist, is something used by a few of
our
> customers's commercial spam filtering product.
>
> So this affects not just me, but others, but I am getting the feeling
> here
> that the messenger is getting shot, and we are giving a lean hand to
the
>
> ISPs, as it is too difficult to "protected themselves".
>
> But if you are happy with the level of service Israeli ISPs are
giving,
> enjoy,
> I think for one, customers should demand better.
>
> This debate brings me back to the day when Code Red was bringing down
> servers,
> and people complained that ISPs wouldn't block offending computers,
and
> the
> ISPs retaliated with freedom of speak and moving response - silly.
Same
> here,
> the ISP should prevent SPAM I don't care how, but they should, I am
> working
> with T-Mobile both in Europe and in United States, and you (as an end
> customer) send out mail directly unless it goes through their SMTP
> servers -
> if you have a VPN do whatever you want.
>
> BTW The company takes money in order to discourge people from nagging
> them to
> get removed.
>
> On Thursday 24 July 2008 15:45:03 Imri Zvik wrote:
> > Noam,
> > Again, and I will try to type it slowly so you can understand - You
>
> are
>
> > talking about *ONE* RBL, which is notorious for blocking whole AS,
and
> > refusing to work with it's abuse departments. You are clinging to
this
> > RBL listing as if being listed at this particular RBL means that we
>
> (as
>
> > in Israel or the ISP) are now completely cut-off from the world, or
>
> that
>
> > if you are listed in this RBL it means your ISP is doing nothing to
> > fight abuse.
> >
> > It's either you misunderstand how extreme this RBL is, and how fast
>
> and
>
> > for how little they block a whole AS, or you are just trying to
flame.
> >
> >
> >
> > -Original Message-
> > From: Noam Rathaus [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, July 24, 2008 3:09 PM
> > To: Imri Zvik
> > Cc: Omer Zak; linux-il
> > Subject: Re: Israeli ISP and Blacklisting
> >
> > Hi,
> >
> > You are right, it is easy to get RBLed, and semi-easy to get out of
an
> > RBL,
> > but it doesn't help to email abuse@ or anything else, if your ISP is
> > marked
> > as bad.
> >
> > On Thursday 24 July 2008 14:31:48 Imri Zvik wrote:
> > > *Sigh* Don't you have anything better to do? I can report that
>
> Israeli
>
> > > ISPs get decent cooperation (well most of the times, and from most
> > > RBLs). No one is going to block Israel completely.
> > >
> > > If you have a specific email that was blocked, or a specific RBL
>
> (with
>
> > > reasonable demands) you want to be removed from, please email
abuse@
> > >
> > > -Original Message-
> > > From: [EMAIL PROTECTED]
> > > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak
> > > Sent: Thursday, July 24, 2

RE: Israeli ISP and Blacklisting [summary and stop]

[Imri Zvik]

1. Usually it would block the sending system during the SMTP session - so if 
the mail system you are using is properly configured you should get ALL the 
bounces.

2. You ignored my repeated question - Do you think blocking port 25 all 
together (as they suggest) is a good idea? Keep in mind that if all ISPs where 
to implement that, and you are a Netvision customer, for example, and want to 
send email through 012 Smile mail system using your username and password at 
012, It wouldn't be possible.

If you are sitting at some coffee place that offers free wifi with ISP 
different than yours, and want to send an email using your ISP mail servers, 
you wouldn't be able to do that.

If you have your own mail server and don't want to route your email through 
your ISP - you wouldn't be able to do that.

This is the *only* way you can live up to uceprotect's expectations in the long 
run.

I am *really* interested to know how many users in this list are pro this 
suggestion, and how many are against it.

 


-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2008 5:13 PM
To: Imri Zvik
Cc: linux-il
Subject: Re: Israeli ISP and Blacklisting [summary and stop]

Hi,

I am not completely blocked, but I don't want to be partially blocked either.

At least two emails bounced (to two unique destinations) saying we were 
blacklisted, I cannot tell you how many were blocked and didn't bounce - it 
will take me days, if ever to know.

I will solve your security problems, can't help you with your spam problems - 
not my expertise.

Arik didn't disappear, maybe he has work to do beside answering emails here - 
I trust Arik to get back to you.

On Thursday 24 July 2008 17:06:04 Imri Zvik wrote:
> Again, you are putting it as if you are completely blocked and you cannot
> send mails at all. Can you please tell me how many of your mails were
> blocked due to this listing, and to how many unique destinations?
>
> Only one person (Arik) complained about actual problem, and when I asked
> for information he disappeared.
>
> It seems you don't really want to solve anything, or suggest any feasible
> solutions.
>
> I ask again - do you think blocking port 25 completely is a good idea? Can
> you live with that? How many people in this list thinks it's a good idea?
>
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 4:33 PM
> To: linux-il
> Subject: Re: Israeli ISP and Blacklisting [summary and stop]
>
> Hi,
>
> My last email on the subject :)
>
> As it appears that some people are pro-ISP, some are con-ISP, and I don't
> care which is which
>
> All I wanted to see, whether this is a global issue, apparently it is, more
> than one is willing to talk about it, I believe others simply don't know
> they are blacklisted, others have yet to be affected by it, and others more
> don't know they are affected.
>
> And me as the person wanting to send emails in a non-spam and legal way is
> left with the only alternative to move out his servers from Israel -
> specifically the mail server - as Israeli ISPs are RBLed - YES YES just one
> RBL and he is a bad bad RBL - which asks too many things - but apparently
> some ISPs agree to doing it.
>
> On Thursday 24 July 2008 15:58:42 you wrote:
> > On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus <[EMAIL PROTECTED]>
> > wrote:
> >
> > I am taking my "stuff" elsewhere, the ISP's responsibility is to provide
> >
> > > service, and it should be good service - meaning stopping others from
> > > abusing
> > > the network, which in turn is used against me - as I am blocked in an
> > > RBL.
> >
> > Let me suggest a radical idea.
> >
> > I think that it is a good thing that Israel will be blocked in as many
> > RBLs as possible.
> >
> > And here's why. For the people on this list, it's a big deal but not
> > critical. I put it to you that most companies will deal with it one way
> > or another, by tunneling their ways somehow. I can think of 10 ways right
> > now.
> >
> > The people who will suffer are the "regular users", those who use the ISP
> > mailbox (gaaa!) and have zero technical knowhow. There are a lot of them,
> > which means that they will make a lot of noise.
> >
> > The ISPs will then become a relatively unregulated industry that
> > apparently doesn't work properly without regulation. It also has a status
> > of a quasi-essential infrastructure. I sincerely hope that the regulator
> > will step up to the plate and regulate the ISPs and what they need to

RE: Israeli ISP and Blacklisting [summary and stop]

[Imri Zvik]

Again, you are putting it as if you are completely blocked and you cannot send 
mails at all. Can you please tell me how many of your mails were blocked due to 
this listing, and to how many unique destinations?

Only one person (Arik) complained about actual problem, and when I asked for 
information he disappeared.

It seems you don't really want to solve anything, or suggest any feasible 
solutions. 

I ask again - do you think blocking port 25 completely is a good idea? Can you 
live with that? How many people in this list thinks it's a good idea?


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus
Sent: Thursday, July 24, 2008 4:33 PM
To: linux-il
Subject: Re: Israeli ISP and Blacklisting [summary and stop]

Hi,

My last email on the subject :)

As it appears that some people are pro-ISP, some are con-ISP, and I don't care 
which is which

All I wanted to see, whether this is a global issue, apparently it is, more 
than one is willing to talk about it, I believe others simply don't know they 
are blacklisted, others have yet to be affected by it, and others more don't 
know they are affected.

And me as the person wanting to send emails in a non-spam and legal way is 
left with the only alternative to move out his servers from Israel - 
specifically the mail server - as Israeli ISPs are RBLed - YES YES just one 
RBL and he is a bad bad RBL - which asks too many things - but apparently 
some ISPs agree to doing it.


On Thursday 24 July 2008 15:58:42 you wrote:
> On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus <[EMAIL PROTECTED]>
> wrote:
>
> I am taking my "stuff" elsewhere, the ISP's responsibility is to provide
>
> > service, and it should be good service - meaning stopping others from
> > abusing
> > the network, which in turn is used against me - as I am blocked in an
> > RBL.
>
> Let me suggest a radical idea.
>
> I think that it is a good thing that Israel will be blocked in as many RBLs
> as possible.
>
> And here's why. For the people on this list, it's a big deal but not
> critical. I put it to you that most companies will deal with it one way or
> another, by tunneling their ways somehow. I can think of 10 ways right now.
>
> The people who will suffer are the "regular users", those who use the ISP
> mailbox (gaaa!) and have zero technical knowhow. There are a lot of them,
> which means that they will make a lot of noise.
>
> The ISPs will then become a relatively unregulated industry that apparently
> doesn't work properly without regulation. It also has a status of a
> quasi-essential infrastructure. I sincerely hope that the regulator will
> step up to the plate and regulate the ISPs and what they need to do to
> spammers, in an effort to make the infrastructure usable again. Maybe our
> star will shine and we'll see some heavy-handed anti-spam law, especially
> if the ISPs respond to regulation by saying the burden is too high because
> spammers don't have an incentive to stop.
>
> So before you start flaming, consider this: Change only happen out of
> necessity. The stronger the necessity - the swifter the change. Lithium-ion
> batteries did not come to be before laptops and cellphones became a
> commodity. Hybrid cars didn't become a reality before gas prices went so
> high that people actually started buying them. And conversly, think of
> Israel's desalination plants - how they come to be whenever there's a year
> or two of draft, and then fall apart at the first sign of a rainy year.
>
> And since one of the participants in this discussion at least seems to work
> for an ISP, the same ISP from which I get most of my Hebrew spam, the same
> ISP from which spam contains the header of the ISP's own relay, and passes
> SPF checks, the same ISP which gets messages to the abuse alias from me
> every month and never responds (robots excluded) - I view your behaviour as
> aiding and abetting the spammers. I have proof that the addresses the
> spammers use could never have been gotten from me (heck my domain was
> dictionary-attacked by them), and I hope that you get blacklisted as much
> as possible. I also hope that your users leave you for this very reason and
> that you fail financially, so the spammers have to find a less hospitable
> environ. I wish this ruin on you because you are acting, in my personal
> opinion, in bad faith and in cohorts with the sort of people who I would
> like to see their activity as felonious. I hope that once the regulation
> comes you will continue with your bad behaviour as to become the first test
> case of disobeying the regulation and that you shall lose and become the
> precedent for any other such case. You know who you are.
>
> -- Arik


-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

=
To unsubscribe, send mail to [EM

RE: Israeli ISP and Blacklisting

[Imri Zvik]

Noam,

You do realize that what you mean is that the ISP will block port 25 all
together - meaning, that all of you people running your own mail server
at home will be forced to use your ISP as a smarthost (either with
manual configuration, or using traffic redirection at the ISP routers).

I'm sure you already forgot, but when the ISPs blocked the netbios ports
few years ago in order to stop worms outbreaks, a lot of people
complained that the ISPs shouldn't block ports at all.



-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2008 4:24 PM
To: Imri Zvik
Cc: Omer Zak; linux-il
Subject: Re: Israeli ISP and Blacklisting

Hi,

This RBL, even if is a bit extremist, is something used by a few of our 
customers's commercial spam filtering product.

So this affects not just me, but others, but I am getting the feeling
here 
that the messenger is getting shot, and we are giving a lean hand to the

ISPs, as it is too difficult to "protected themselves".

But if you are happy with the level of service Israeli ISPs are giving,
enjoy, 
I think for one, customers should demand better.

This debate brings me back to the day when Code Red was bringing down
servers, 
and people complained that ISPs wouldn't block offending computers, and
the 
ISPs retaliated with freedom of speak and moving response - silly. Same
here, 
the ISP should prevent SPAM I don't care how, but they should, I am
working 
with T-Mobile both in Europe and in United States, and you (as an end 
customer) send out mail directly unless it goes through their SMTP
servers - 
if you have a VPN do whatever you want.

BTW The company takes money in order to discourge people from nagging
them to 
get removed.

On Thursday 24 July 2008 15:45:03 Imri Zvik wrote:
> Noam,
> Again, and I will try to type it slowly so you can understand - You
are
> talking about *ONE* RBL, which is notorious for blocking whole AS, and
> refusing to work with it's abuse departments. You are clinging to this
> RBL listing as if being listed at this particular RBL means that we
(as
> in Israel or the ISP) are now completely cut-off from the world, or
that
> if you are listed in this RBL it means your ISP is doing nothing to
> fight abuse.
>
> It's either you misunderstand how extreme this RBL is, and how fast
and
> for how little they block a whole AS, or you are just trying to flame.
>
>
>
> -Original Message-
> From: Noam Rathaus [mailto:[EMAIL PROTECTED]
> Sent: Thursday, July 24, 2008 3:09 PM
> To: Imri Zvik
> Cc: Omer Zak; linux-il
> Subject: Re: Israeli ISP and Blacklisting
>
> Hi,
>
> You are right, it is easy to get RBLed, and semi-easy to get out of an
> RBL,
> but it doesn't help to email abuse@ or anything else, if your ISP is
> marked
> as bad.
>
> On Thursday 24 July 2008 14:31:48 Imri Zvik wrote:
> > *Sigh* Don't you have anything better to do? I can report that
Israeli
> > ISPs get decent cooperation (well most of the times, and from most
> > RBLs). No one is going to block Israel completely.
> >
> > If you have a specific email that was blocked, or a specific RBL
(with
> > reasonable demands) you want to be removed from, please email abuse@
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak
> > Sent: Thursday, July 24, 2008 1:38 PM
> > To: linux-il
> > Subject: Re: Israeli ISP and Blacklisting
> >
> > I have E-mailed my ISP about this.
> >
> > You may want to add to your E-mail to your ISP also your concerns
that
> > since ALL Israeli ISPs are blacklisted, the entire country is in
>
> danger
>
> > of being backlisted as a country.
> >
> > While the real reason for such an action would be political, the
spam
> > handling situation is too convenient excuse to pass up.
> >
> > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote:
> > > Hi,
> > >
> > > Has anyone here tried to get the Bezeq Internation, Barak or
>
> Netvision
>
> > to get
> >
> > > them off the blacklisting found here:
> > > http://www.uceprotect.net/en/rblcheck.php
> > >
> > > Apparently all the Israeli ISP are blacklisted here (any host you
>
> put
>
> > there in
> >
> > > their hosting range) - and all because they don't have a policy of
> >
> > cleaning
> >
> > > up their network from spammers.
> > >
> > > This means we are all losing emails we send because our ISPs are
>
> doing
>
> > a bad
> >
> > > job.


-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Israeli ISP and Blacklisting

[Imri Zvik]

Noam,
Again, and I will try to type it slowly so you can understand - You are
talking about *ONE* RBL, which is notorious for blocking whole AS, and
refusing to work with it's abuse departments. You are clinging to this
RBL listing as if being listed at this particular RBL means that we (as
in Israel or the ISP) are now completely cut-off from the world, or that
if you are listed in this RBL it means your ISP is doing nothing to
fight abuse.

It's either you misunderstand how extreme this RBL is, and how fast and
for how little they block a whole AS, or you are just trying to flame.

 

-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2008 3:09 PM
To: Imri Zvik
Cc: Omer Zak; linux-il
Subject: Re: Israeli ISP and Blacklisting

Hi,

You are right, it is easy to get RBLed, and semi-easy to get out of an
RBL, 
but it doesn't help to email abuse@ or anything else, if your ISP is
marked 
as bad.

On Thursday 24 July 2008 14:31:48 Imri Zvik wrote:
> *Sigh* Don't you have anything better to do? I can report that Israeli
> ISPs get decent cooperation (well most of the times, and from most
> RBLs). No one is going to block Israel completely.
>
> If you have a specific email that was blocked, or a specific RBL (with
> reasonable demands) you want to be removed from, please email abuse@
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak
> Sent: Thursday, July 24, 2008 1:38 PM
> To: linux-il
> Subject: Re: Israeli ISP and Blacklisting
>
> I have E-mailed my ISP about this.
>
> You may want to add to your E-mail to your ISP also your concerns that
> since ALL Israeli ISPs are blacklisted, the entire country is in
danger
> of being backlisted as a country.
>
> While the real reason for such an action would be political, the spam
> handling situation is too convenient excuse to pass up.
>
> On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote:
> > Hi,
> >
> > Has anyone here tried to get the Bezeq Internation, Barak or
Netvision
>
> to get
>
> > them off the blacklisting found here:
> > http://www.uceprotect.net/en/rblcheck.php
> >
> > Apparently all the Israeli ISP are blacklisted here (any host you
put
>
> there in
>
> > their hosting range) - and all because they don't have a policy of
>
> cleaning
>
> > up their network from spammers.
> >
> > This means we are all losing emails we send because our ISPs are
doing
>
> a bad
>
> > job.


-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Israeli ISP and Blacklisting

[Imri Zvik]

You misread it. If a dynamic and non-dynamic IP sits under the same AS number, 
they will both get blacklisted, no matter if the dynamic IP was "clearly 
marked" as dynamic and the static "clearly marked" as one.

They want the ISP to block port 25 all together from "dynamic IPs".


-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2008 3:09 PM
To: Imri Zvik
Cc: shimi; linux-il
Subject: Re: Israeli ISP and Blacklisting

Hi,

Exactly you prove my point, you proved that none of the Israeli ISPs are doing 
anything to:
1) Clearly mark what is an DSL, modem, etc connection so they will all be 
listed as spammer by default
2) Clearly mark what are 'static'/'hosted' IP address so they will not fall 
under category 1
3) Clearly do a good job of reverse-PTR records - I had to fight with barak to 
get it for our server - they claimed it costs money to do, I said this is 
minimal service - in the end they gave it to me for free - wow
4) ISP should do the minimal effort of not allowing, proxy, open relay, 
vulnerable servers, infected computers from being in their HOSTED farm, not 
talking about dialup or DSL, or any other small business/home users.

On Thursday 24 July 2008 14:52:39 Imri Zvik wrote:
> You are *SO* wrong.
>
> It takes the following to get your whole AS blocked:
>
> "UCEPROTECT-Level 3 lists all IP's within an ASN if more than 100 IP's, but
> also a minimum of 0.2% of all IP's allocated to this ASN got Level 1 listed
> within the last 7 days."
>
> Now, to get listed in their Level 1 DB you need the following:
>
> " Level 1 exclusively lists IP addresses with either wrong or missing or
> generic reverse DNS (PTR record), or “dialup” connections [typically
> suggesting a home/other user with a dynamic connection], or computers with
> exploited / exploitable security holes (e.g. open proxies, open relays,
> vulnerable webservers, virus infected etc) or which are assigned to
> well-known spammers.
>
> When one of these conditions / criteria is met, and it only takes one
> spamtrap to be hit from such a system, the IP address will be automatically
> listed at UCEPROTECT BLacklist Level 1. "
>
> Please notice the last sentence.
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 2:32 PM
> To: shimi
> Cc: linux-il
> Subject: Re: Israeli ISP and Blacklisting
>
> Hi,
>
> I haven't dropped water into a boiling pan for nothing if you go here:
> http://www.uceprotect.net/en/rblcheck.php
>
> You will see that the IP (a hosted server):
> 192.117.232.213
>
> Is all ok, beside the last one, which is due to the fact that Bezeq Int is
> blacklisted, at first I thought it was just them, but I checked three other
> IP addresses we have, and the other ISPs are blacklisted as well
>
> As:
> 3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not
> spam senders, but routinely sending spam, and ISP not blocking them after
> an abuse email is issued.
>
> On Thursday 24 July 2008 14:09:42 shimi wrote:
> > On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]>
> >
> > wrote:
> > > Hi,
> > >
> > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision
> > > to get
> > > them off the blacklisting found here:
> > > http://www.uceprotect.net/en/rblcheck.php
> > >
> > > Apparently all the Israeli ISP are blacklisted here (any host you put
> > > there in
> > > their hosting range) - and all because they don't have a policy of
> > > cleaning up their network from spammers.
> > >
> > > This means we are all losing emails we send because our ISPs are doing
> > > a bad
> > > job.
> >
> > Hi Noam,
> >
> > Did you check the Israeli ISPs outgoing SMTP servers addresses and saw
> > that they're blacklisted?
> >
> > Or did you just use users dial-up/DSL/cable IP ranges in your test, which
> > SHOULD be blacklisted (why would a home user need to emit SMTP traffic on
> > his own instead of his ISP SMTP servers, where proper authentication and
> > thus logging and auditing can be taken care of?
> >
> > Most RBLs will list all non-ISP-managed block ranges for the above
> > reasons, regardless of their location on the globe...
> >
> > -- Shimi


-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

RE: Israeli ISP and Blacklisting

[Imri Zvik]

You are *SO* wrong.

It takes the following to get your whole AS blocked:

"UCEPROTECT-Level 3 lists all IP's within an ASN if more than 100 IP's, but 
also a minimum of 0.2% of all IP's allocated to this ASN got Level 1 listed 
within the last 7 days."

Now, to get listed in their Level 1 DB you need the following:

" Level 1 exclusively lists IP addresses with either wrong or missing or 
generic reverse DNS (PTR record), or “dialup” connections [typically suggesting 
a home/other user with a dynamic connection], or computers with exploited / 
exploitable security holes (e.g. open proxies, open relays, vulnerable 
webservers, virus infected etc) or which are assigned to well-known spammers. 

When one of these conditions / criteria is met, and it only takes one spamtrap 
to be hit from such a system, the IP address will be automatically listed at 
UCEPROTECT BLacklist Level 1. 
"

Please notice the last sentence.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus
Sent: Thursday, July 24, 2008 2:32 PM
To: shimi
Cc: linux-il
Subject: Re: Israeli ISP and Blacklisting

Hi,

I haven't dropped water into a boiling pan for nothing if you go here:
http://www.uceprotect.net/en/rblcheck.php

You will see that the IP (a hosted server):
192.117.232.213

Is all ok, beside the last one, which is due to the fact that Bezeq Int is 
blacklisted, at first I thought it was just them, but I checked three other 
IP addresses we have, and the other ISPs are blacklisted as well

As:
3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not 
spam senders, but routinely sending spam, and ISP not blocking them after an 
abuse email is issued.

On Thursday 24 July 2008 14:09:42 shimi wrote:
> On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]>
>
> wrote:
> > Hi,
> >
> > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to
> > get
> > them off the blacklisting found here:
> > http://www.uceprotect.net/en/rblcheck.php
> >
> > Apparently all the Israeli ISP are blacklisted here (any host you put
> > there in
> > their hosting range) - and all because they don't have a policy of
> > cleaning up their network from spammers.
> >
> > This means we are all losing emails we send because our ISPs are doing a
> > bad
> > job.
>
> Hi Noam,
>
> Did you check the Israeli ISPs outgoing SMTP servers addresses and saw that
> they're blacklisted?
>
> Or did you just use users dial-up/DSL/cable IP ranges in your test, which
> SHOULD be blacklisted (why would a home user need to emit SMTP traffic on
> his own instead of his ISP SMTP servers, where proper authentication and
> thus logging and auditing can be taken care of?
>
> Most RBLs will list all non-ISP-managed block ranges for the above reasons,
> regardless of their location on the globe...
>
> -- Shimi


-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Israeli ISP and Blacklisting

[Imri Zvik]

Noam,
They are blocking the *WHOLE* AS, not IP ranges. They blocked the whole
AS number I'm using because 0.596 % of the ips in that AS sent "spam".
Do you think that is that reasonable.
I've just googled for that RBL, and found out a lot of ranting
(including a recent thread in NANOG). Apparently, they are demanding
money if you want your AS to be removed...

Anyway, one RBL doesn't equal to "The whole country is blocked!". If you
have any specific problem, why don't you try your [EMAIL PROTECTED]



-Original Message-
From: Noam Rathaus [mailto:[EMAIL PROTECTED] 
Sent: Thursday, July 24, 2008 2:35 PM
To: Imri Zvik
Cc: linux-il
Subject: Re: Israeli ISP and Blacklisting

Sorry but I don't understand why you guys think I checked dynamic
ranges?

I checked hosting ranges, and these SHOULD BE CLEAN, no one in the
hosting 
farm should be sending out SPAM, it is against the policy of the hosting

company, it is clearly written in the agreement you sign when you come
in 
into their farm.

Same thing for illegal content, piracy, etc.

On Thursday 24 July 2008 14:24:02 Imri Zvik wrote:
> I'm sorry, but checking hosting/dynamic ranges is just misleading. It
is
> impossible to clean these ranges, and even though the ISPs try.
>
> I don't know this specific RBL, but I don't think it's a widely used
one
> - Anyway, they "punish" whole AS numbers which seems quite harsh.
> If you would _actually_ read what they are suggesting, you would have
> seen that it is impossible to implement in Israel (Can you imagine
what
> will happen if the ISP's will just block port 25 and *force* you to
use
> their own mail servers? I can just see the angry postbacks in ynet..).
>
> What you should be checking is the ranges that the ISP mail system
uses;
> If you will take Smile 012 for example, and check it's reputation in
> senderbase.org, you will see that most of the servers are listed as
> "GOOD", and some as "Neutral":
>
http://www.senderbase.org/senderbase_queries/detailip?search_string=84.9
> 5.2.0%2F24
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus
> Sent: Thursday, July 24, 2008 12:58 PM
> To: linux-il
> Subject: Israeli ISP and Blacklisting
>
> Hi,
>
> Has anyone here tried to get the Bezeq Internation, Barak or Netvision
> to get
> them off the blacklisting found here:
> http://www.uceprotect.net/en/rblcheck.php
>
> Apparently all the Israeli ISP are blacklisted here (any host you put
> there in
> their hosting range) - and all because they don't have a policy of
> cleaning
> up their network from spammers.
>
> This means we are all losing emails we send because our ISPs are doing
a
> bad
> job.


-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Israeli ISP and Blacklisting

[Imri Zvik]

*Sigh* Don't you have anything better to do? I can report that Israeli
ISPs get decent cooperation (well most of the times, and from most
RBLs). No one is going to block Israel completely.

If you have a specific email that was blocked, or a specific RBL (with
reasonable demands) you want to be removed from, please email abuse@

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak
Sent: Thursday, July 24, 2008 1:38 PM
To: linux-il
Subject: Re: Israeli ISP and Blacklisting

I have E-mailed my ISP about this.

You may want to add to your E-mail to your ISP also your concerns that
since ALL Israeli ISPs are blacklisted, the entire country is in danger
of being backlisted as a country.

While the real reason for such an action would be political, the spam
handling situation is too convenient excuse to pass up.


On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote:
> Hi,
> 
> Has anyone here tried to get the Bezeq Internation, Barak or Netvision
to get 
> them off the blacklisting found here:
> http://www.uceprotect.net/en/rblcheck.php
> 
> Apparently all the Israeli ISP are blacklisted here (any host you put
there in 
> their hosting range) - and all because they don't have a policy of
cleaning 
> up their network from spammers.
> 
> This means we are all losing emails we send because our ISPs are doing
a bad 
> job.

-- 
"Kosher" Cellphones (cellphones with blocked SMS, video and Internet)
are menace to the deaf.  They must be outlawed!
(See also:
http://www.zak.co.il/tddpirate/2006/04/21/the-grave-danger-to-the-deaf-f
rom-kosher-cellphones/)
My own blog is at http://www.zak.co.il/tddpirate/

My opinions, as expressed in this E-mail message, are mine alone.
They do not represent the official policy of any organization with which
I may be affiliated in any way.
WARNING TO SPAMMERS:  at http://www.zak.co.il/spamwarning.html


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Israeli ISP and Blacklisting

[Imri Zvik]

I'm sorry, but checking hosting/dynamic ranges is just misleading. It is
impossible to clean these ranges, and even though the ISPs try.

I don't know this specific RBL, but I don't think it's a widely used one
- Anyway, they "punish" whole AS numbers which seems quite harsh.
If you would _actually_ read what they are suggesting, you would have
seen that it is impossible to implement in Israel (Can you imagine what
will happen if the ISP's will just block port 25 and *force* you to use
their own mail servers? I can just see the angry postbacks in ynet..).

What you should be checking is the ranges that the ISP mail system uses;
If you will take Smile 012 for example, and check it's reputation in
senderbase.org, you will see that most of the servers are listed as
"GOOD", and some as "Neutral":
http://www.senderbase.org/senderbase_queries/detailip?search_string=84.9
5.2.0%2F24


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus
Sent: Thursday, July 24, 2008 12:58 PM
To: linux-il
Subject: Israeli ISP and Blacklisting

Hi,

Has anyone here tried to get the Bezeq Internation, Barak or Netvision
to get 
them off the blacklisting found here:
http://www.uceprotect.net/en/rblcheck.php

Apparently all the Israeli ISP are blacklisted here (any host you put
there in 
their hosting range) - and all because they don't have a policy of
cleaning 
up their network from spammers.

This means we are all losing emails we send because our ISPs are doing a
bad 
job.

-- 
Noam Rathaus
CTO
[EMAIL PROTECTED]
http://www.beyondsecurity.com

"Know that you are safe."

Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: installing CentOS/RHEL without CD using PXE?

[Imri Zvik]

We kickstart RHEL and CentOS servers using PXE all the time. 
Anything specific you want to know about the process (We pretty much do
what Oren described)?


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Oren Held
Sent: Friday, March 28, 2008 6:14 PM
To: Hetz Ben Hamo
Cc: ILUG
Subject: Re: installing CentOS/RHEL without CD using PXE?

CentOS/RHEL has the 'kickstart' over network mechanism for about a
decade :)

This is a big question, so in general:
1. The DVD contents should be available for reading on an NFS share.
2. TFTP server should supply PXE (see pxelinux), which would lead to the

correct kernel + initrd (also on the tftp), with kernel parameters "ks"
to 
point on your "ks.cfg".
3. DHCP would give the server its IP and the path to the TFTP PXE boot. 
("next-server" dhcp parameter).

I'm sure there's plenty of docs out there about ks..

On Friday, 28 March 2008 17:41:50 Hetz Ben Hamo wrote:
> Hi,
>
> I just got an thinkpad X31 without the ultrabase, which means - no
> CDROM/DVD. I don't have an external CDROM/DVD (I have 6 internal DVD
> drives on my other machines already).
>
> So I was wondering if someone knows a way to install CentOS/RHEL (or
> any other Linux distribution) without using any external DVD/CD drive,
> without disk-on-key (the ISO image itself is about 3.6 GB). Any ideas?
> anyone tried to install a distribution using the PXE boot?
>
> Also, does anyone knows any Linux program which can simulate a
> CDROM/DVD drive with a PXE?
>
> Thanks,
> Hetz



=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: [YBA] NIS vs LDAP

[Imri Zvik]

Extend your AD schema with SFU 
(http://www.microsoft.com/downloads/details.aspx?familyid=896C9688-601B-44F1-81A4-02878FF11778&displaylang=en).
Use kerborse for authentication and nss_ldap for user information.


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:linux-il-
> [EMAIL PROTECTED] On Behalf Of Ohad Levy
> Sent: Wednesday, December 26, 2007 3:22 AM
> To: ILUG
> Subject: Re: [YBA] NIS vs LDAP
> 
> Hi,
> 
> just my couple of cents:
> 
> AD and Linux authentication works quite well, that means for
> authentication only, you can use kerborse  to authenitcate users that
> you have on your AD.
> 
> however, its quite important to know, that user id mapping will be done
> via winbind (or maybe a mapping file), and as discussed, file
> permissions in unix like fs are defined by the user and group id.
> 
> so that could result in different machine having a different user ID
> for the same user (very bad).
> 
> you would still need to find a way to handle your autofs and other maps
> which do not exist on ad (as far as I'm aware).
> there is however a UNIX services for AD (which is somehow a NIS
> implementation) but I'm not really sure if its active and or working.
> 
> an alternative is to use openldap and AD (if ms environment is really
> important for you) and than to create the same user names in both
> environment, and sync the passwords (I'm not sure whats the tool name,
> but one exists - just google for it).
> of course this could be extended to delete the accounts when you remove
> them from ad etc (using scripts).
> 
> the last option - which is the best in my eyes for a small environment,
> would be to use openldap (with replica) and on top using samba for the
> windows users and native ldap for the rest.
> 
> if your environment is bigger, consider using the fedora/redhat
> directory server or sunone.
> 
> Ohad
> 
> 
> 
> On Dec 26, 2007 4:02 AM, Ariel Biener < [EMAIL PROTECTED]
>  > wrote:
> 
> 
>   On Tuesday, 25 בDecember 2007 21:54, Shachar Shemesh wrote:
>   > There is one thing that everyone in this discussion seem to
> have missed
>   > so far, and that is that AD *is* LDAP.
>   >
>   > Ariel Biener wrote:
>   > > Well, I wouldn't chose any of the above in the way it is
> described. I
>   > > believe that MS AD is the best tool to use for Windows
> environment, LDAP
>   > > is the best tool for a Linux environment
>   >
>   > Assuming that is the case (open to discussions), then open an
> AD server
>   > and use it as an LDAP server for the non-Windows machines.
> 
> 
>   Sorry, despite MSs claim that their directory server is an
> implementation of
>   LDAPv3, I find it often missing, non-standard and minimalist for
> such
>   a claim. Given the choice (and I was actually given this choice
> when I had
>   to chose which directory server to go for @TAU),  I left AD to do
> what it
>   is good at, that is, management and authentication in a windows
>   based environment, and I used a directory that is the most
> proven, oldest,
>   and most extensible in the industry. It's called eDirectory.
> Sun's directory
>   server is also an option. That are also others, which are not
> bad. MS is
>   definetly not there, they came in late and have quite some
> catching up
>   to do.
> 
> 
>   --Ariel
>--
>Ariel Biener
>e-mail: [EMAIL PROTECTED]
>PGP: http://www.tau.ac.il/~ariel/pgp.html
> 
> 
> 
>   To unsubscribe, send mail to [EMAIL PROTECTED]
>   with
>   the word "unsubscribe" in the message body, e.g., run the command
>   echo unsubscribe | mail [EMAIL PROTECTED]
> 
> 
> 

RE: Interrups statistic - "sar" vs. "mstat"

[Imri Zvik]

I'm guessing that without an interval (or if with interval - the first
output), it is an average since boot.


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Vitaly
> Sent: Wednesday, December 26, 2007 11:29 AM
> To: linux-il@cs.huji.ac.il
> Subject: Re: Interrups statistic - "sar" vs. "mstat"
> 
>  On Dec 26, 2007 10:04 AM, Vitaly Karasik <[EMAIL PROTECTED]> wrote:
> > Probaly it is trivial, but I don't understand why I see different
> statistics regarding interrups into "mstat" and "sar" output. There is
> 15997 against 92 !!!
> > Can someone explain it?
> >
> > [root]# sar -I SUM |head
> > Linux 2.4.21-47.ELsmp 12/25/2007
> >
> > 12:00:01 AM INTR intr/s
> > 12:10:01 AM sum 15997.32
> >
> > [ root]# mpstat
> > Linux 2.4.21-47.ELsmp 12/25/2007
> >
> > 11:14:07 AM CPU %user %nice %system %iowait %irq %soft %idle intr/s
> > 11:14:07 AM all 2.40 0.00 7.41 0.05 1.97 10.78 77.39 92.36
> >
> 
> The answer was simple - "mpstat" provides wrong interup statistics
> when called without "interval" parameter. I mean, "mpstat 1" is OK,
> but "mpstat" will tell you wrong numbers. I don't understand yet, if
> this a feature or a bug.
> 
> =
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: dns of 012

[Imri Zvik]

Hi,

For those of you who are customers of 012, and insist on setting their
DNS servers manually (which you shouldn't do), please update your
resolve.conf to include ns-pt-vip.012.net.il (80.179.52.100) as your
primary nameserver.



> -Original Message-
> From: sara fink [mailto:[EMAIL PROTECTED]
> Sent: Monday, December 03, 2007 9:41 AM
> To: Imri Zvik
> Cc: Ariel Biener; Leonid Podolny; linux-il List
> Subject: Re: dns of 012
> 
> I get other Ips from the router. With these ips I have lots of
> problems. That's why I tried to change the ips and see if there is an
> improvement.
> 
> These are the ips i get from the router
> nameserver 212.116.161.38
> nameserver 84.95.14.250
> 
> 
> I will try today to see if the router is faulty.
> 
> On Dec 3, 2007 8:37 AM, Imri Zvik <[EMAIL PROTECTED]> wrote:
> > You should use whatever NS that is given to you from the router
> you're
> > connecting to.
> >
> >
> >
> > > -Original Message-
> > > From: [EMAIL PROTECTED] [mailto:linux-il-
> > > [EMAIL PROTECTED] On Behalf Of sara fink
> > > Sent: Sunday, December 02, 2007 11:37 PM
> > > To: Ariel Biener
> > > Cc: Leonid Podolny; linux-il List
> > > Subject: Re: dns of 012
> > >
> > > I don't know. I try to check what is wrong. When I changed the ip
> it
> > > partially solved one problem, but the rsync still doesn't work.
> > >
> > >
> > >
> > > On Dec 2, 2007 5:50 PM, Ariel Biener <[EMAIL PROTECTED]> wrote:
> > > > On Sunday 02 December 2007 14:33, Leonid Podolny wrote:
> > > > > Name:   pdns.012.net.il
> > > > > Address: 212.117.129.3
> > > > >
> > > > > Name:   sdns.012.net.il
> > > > > Address: 212.117.128.6
> > > >
> > > > I think they have internal caching only servers for customers,
> > > > rather than having customers use the authoritative only NSs
> > > > for their domain. Are you sure that this is the sanctioned
config
> > > > from 012 ?
> > > >
> > > > --Ariel
> > > >
> > > > --
> > > >  --
> > > >  Ariel Biener
> > > >  e-mail: [EMAIL PROTECTED]
> > > >  PGP: http://www.tau.ac.il/~ariel/pgp.html
> > > >
> > >
> >
> > > =
> > > To unsubscribe, send mail to [EMAIL PROTECTED] with
> > > the word "unsubscribe" in the message body, e.g., run the command
> > > echo unsubscribe | mail [EMAIL PROTECTED]
> >

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: dns of 012

[Imri Zvik]

You should use whatever NS that is given to you from the router you're
connecting to.


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:linux-il-
> [EMAIL PROTECTED] On Behalf Of sara fink
> Sent: Sunday, December 02, 2007 11:37 PM
> To: Ariel Biener
> Cc: Leonid Podolny; linux-il List
> Subject: Re: dns of 012
> 
> I don't know. I try to check what is wrong. When I changed the ip it
> partially solved one problem, but the rsync still doesn't work.
> 
> 
> 
> On Dec 2, 2007 5:50 PM, Ariel Biener <[EMAIL PROTECTED]> wrote:
> > On Sunday 02 December 2007 14:33, Leonid Podolny wrote:
> > > Name:   pdns.012.net.il
> > > Address: 212.117.129.3
> > >
> > > Name:   sdns.012.net.il
> > > Address: 212.117.128.6
> >
> > I think they have internal caching only servers for customers,
> > rather than having customers use the authoritative only NSs
> > for their domain. Are you sure that this is the sanctioned config
> > from 012 ?
> >
> > --Ariel
> >
> > --
> >  --
> >  Ariel Biener
> >  e-mail: [EMAIL PROTECTED]
> >  PGP: http://www.tau.ac.il/~ariel/pgp.html
> >
> 
> =
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: MySQL Cluster for HA? What about PostgresQL PGCluster?

[Imri Zvik]

You get redundancy even with two nodes, BUT - You're missing the
point...

Re-read your original email, notice the line saying "a NDB cluster needs
at least three nodes.". Well, it doesn't *NEED* at least 3 nodes to
function - the *technical* minimum is 1 physical node. The *practical*
minimum is obviously 2.

 

 

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Yonah Russ
Sent: Tuesday, November 20, 2007 7:26 PM
To: Imri Zvik
Cc: linux-il@cs.huji.ac.il
Subject: Re: MySQL Cluster for HA? What about PostgresQL PGCluster?

 

I believe the original inquiry was regarding HA - Less than three nodes
does not have any HA benefits AFAIK.
yonah

On Nov 20, 2007 10:36 AM, Imri Zvik < [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> > wrote:

Hi,

The MySQL cluster can run perfectly on one physical node. 

The 3 nodes you're referring to are at least 1 management node, and at
least 1 API ("mysqld") node, and at least 1 data/storage ("ndbd") node.
They can all reside on the same physical node. 

The main issue with NDB version 5.0 (from my point of view) is that it
must load all data into memory at runtime, so if your database is larger
than your amount of RAM, you better find some other solution, or split 
it to enough replicas (data nodes) so that each chunk would fit.
This problem is going to be solved with 5.1, but it is not even near
being production-ready (at least last time I've checked).



> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of 
> Yonah Russ
> Sent: Tuesday, November 20, 2007 6:53 AM
> To: Amos Shapira
> Cc: linux-il@cs.huji.ac.il
> Subject: Re: MySQL Cluster for HA? What about PostgresQL PGCluster? 
>
> Hi,
>
> AFAIK MySQL cluster requires using the NDB engine which is not 100%
> compatible with MYISAM, etc. The more recent a version you have the
> better off you will be but there was one point where autoincrement 
> wasn't even supported. Also from what I know, a NDB cluster needs at
> least three nodes.
>
> That doesn't mean you can't have an active-active database. If you
> application is ready for it, you can set up MySQL in a Master Master 
> configuration (aka multimaster). For your application to be compatible
> you basically need to use only autoincrement primary keys for all your
> tables but you should read the whole Megilah - here is a good article:

> http://www.onlamp.com/pub/a/onlamp/2006/04/20/advanced-mysql-
> replication.html
>
> Google has also released some code for multimaster configurations and 
> they have some docs also:
> http://code.google.com/p/mysql-master-master/
>
> Regarding Postgres- I can't recommend anything specific but I am 
> looking into pgpool and pgpool II for a new project.
>
> Hope that helps,
> Yonah
>
>
> On Nov 20, 2007 2:51 AM, Amos Shapira <[EMAIL PROTECTED] > wrote:
>
>
>   Hello,
>
>   We are looking at enhancing one of our servers, which runs
CentOS
> 5 on
>   amd64, for HA using Linux Virtual Servers (LVS). The server runs

> a web
>   site using MySQL 5.0.22 and of course we'll need to replicate
> that on
>   the second server as well.
>
>   Is MySQL Cluster the right solution for us?
>
>   At least for now, we think we can do with a master-slave
solution
>   (i.e. only one server serving while the other is in "hot
> standby"),
>   but if it's possible to take advantage of both servers at the 
> same
>   time and double our capacity then it would be very useful too.
>
>   I also have a small web service using PostgresQL (8.1.9, from
> CentOS
>   packages) on the same server which will also have to be 
> replicated.
>   What do people usually use to do this? Is PGCluster a practical
>   option?
>
>   Thanks,
>
>   --Amos
>
>
= 
>   To unsubscribe, send mail to [EMAIL PROTECTED]

> <mailto:[EMAIL PROTECTED] >  with

>   the word "unsubscribe" in the message body, e.g., run the
command
>   echo unsubscribe | mail [EMAIL PROTECTED]
>
>
>

 

RE: MySQL Cluster for HA? What about PostgresQL PGCluster?

[Imri Zvik]

Hi, 

You're very much correct about the nodes & HA - but that wasn't the
question - The question was if 3 nodes are a must - and the answer is no
- you can technically use 1 physical node. The fact it doesn't provide
any redundancy is not MySQL specific, but true to any cluster of any
kind :)

You are also correct about the indexes. As far as I can remember there
is a script that analyzes existing databases and reports the amount of
RAM needed to run MySQL cluster (it actually outputs the configuration
directives needed, but you can easily calculate the amounts from them).

Bottom line, the MySQL cluster COULD be sufficient for Amos's needs, but
further data must be gathered before a decision could be made.




> -Original Message-
> From: Cyril SCETBON [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, November 20, 2007 12:13 PM
> To: Imri Zvik
> Cc: Yonah Russ; linux-il@cs.huji.ac.il
> Subject: Re: MySQL Cluster for HA? What about PostgresQL PGCluster?
> 
> 
> 
> Imri Zvik wrote:
> > Hi,
> >
> > The MySQL cluster can run perfectly on one physical node.
> >
> > The 3 nodes you're referring to are at least 1 management node, and
> at
> > least 1 API ("mysqld") node, and at least 1 data/storage ("ndbd")
> node.
> > They can all reside on the same physical node.
> yeah, but you lose the high availability if the host crashes.
> >
> > The main issue with NDB version 5.0 (from my point of view) is that
> it
> > must load all data into memory at runtime, so if your database is
> larger
> > than your amount of RAM, you better find some other solution, or
> split
> > it to enough replicas (data nodes) so that each chunk would fit.
> > This problem is going to be solved with 5.1,
> just for the data blocks cause indexes are still in memory.
> but it is not even near
> > being production-ready (at least last time I've checked).
> yes, but the current version is an RC (release candidate) which
> announces a release in the next 2 months.
> >
> >
> >> -Original Message-
> >> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
> Of
> >> Yonah Russ
> >> Sent: Tuesday, November 20, 2007 6:53 AM
> >> To: Amos Shapira
> >> Cc: linux-il@cs.huji.ac.il
> >> Subject: Re: MySQL Cluster for HA? What about PostgresQL PGCluster?
> >>
> >> Hi,
> >>
> >> AFAIK MySQL cluster requires using the NDB engine which is not 100%
> >> compatible with MYISAM, etc. The more recent a version you have the
> >> better off you will be but there was one point where autoincrement
> >> wasn't even supported. Also from what I know, a NDB cluster needs
at
> >> least three nodes.
> >>
> >> That doesn't mean you can't have an active-active database. If you
> >> application is ready for it, you can set up MySQL in a Master
Master
> >> configuration (aka multimaster). For your application to be
> compatible
> >> you basically need to use only autoincrement primary keys for all
> your
> >> tables but you should read the whole Megilah - here is a good
> article:
> >> http://www.onlamp.com/pub/a/onlamp/2006/04/20/advanced-mysql-
> >> replication.html
> >>
> >> Google has also released some code for multimaster configurations
> and
> >> they have some docs also:
> >> http://code.google.com/p/mysql-master-master/
> >>
> >> Regarding Postgres- I can't recommend anything specific but I am
> >> looking into pgpool and pgpool II for a new project.
> >>
> >> Hope that helps,
> >> Yonah
> >>
> >>
> >> On Nov 20, 2007 2:51 AM, Amos Shapira <[EMAIL PROTECTED]>
> wrote:
> >>
> >>
> >>Hello,
> >>
> >>We are looking at enhancing one of our servers, which runs
> > CentOS
> >> 5 on
> >>amd64, for HA using Linux Virtual Servers (LVS). The server runs
> >> a web
> >>site using MySQL 5.0.22 and of course we'll need to replicate
> >> that on
> >>the second server as well.
> >>
> >>Is MySQL Cluster the right solution for us?
> >>
> >>At least for now, we think we can do with a master-slave
> > solution
> >>(i.e. only one server serving while the other is in "hot
> >> standby"),
> >>but if it's possible to take advantage of both servers at the
> >> same
> >>time and double our capacity then it would be very useful too.
> >>
> >>  

RE: MySQL Cluster for HA? What about PostgresQL PGCluster?

[Imri Zvik]

Hi,

The MySQL cluster can run perfectly on one physical node.

The 3 nodes you're referring to are at least 1 management node, and at
least 1 API ("mysqld") node, and at least 1 data/storage ("ndbd") node.
They can all reside on the same physical node.

The main issue with NDB version 5.0 (from my point of view) is that it
must load all data into memory at runtime, so if your database is larger
than your amount of RAM, you better find some other solution, or split
it to enough replicas (data nodes) so that each chunk would fit.
This problem is going to be solved with 5.1, but it is not even near
being production-ready (at least last time I've checked).


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Yonah Russ
> Sent: Tuesday, November 20, 2007 6:53 AM
> To: Amos Shapira
> Cc: linux-il@cs.huji.ac.il
> Subject: Re: MySQL Cluster for HA? What about PostgresQL PGCluster?
> 
> Hi,
> 
> AFAIK MySQL cluster requires using the NDB engine which is not 100%
> compatible with MYISAM, etc. The more recent a version you have the
> better off you will be but there was one point where autoincrement
> wasn't even supported. Also from what I know, a NDB cluster needs at
> least three nodes.
> 
> That doesn't mean you can't have an active-active database. If you
> application is ready for it, you can set up MySQL in a Master Master
> configuration (aka multimaster). For your application to be compatible
> you basically need to use only autoincrement primary keys for all your
> tables but you should read the whole Megilah - here is a good article:
> http://www.onlamp.com/pub/a/onlamp/2006/04/20/advanced-mysql-
> replication.html
> 
> Google has also released some code for multimaster configurations and
> they have some docs also:
> http://code.google.com/p/mysql-master-master/
> 
> Regarding Postgres- I can't recommend anything specific but I am
> looking into pgpool and pgpool II for a new project.
> 
> Hope that helps,
> Yonah
> 
> 
> On Nov 20, 2007 2:51 AM, Amos Shapira <[EMAIL PROTECTED]> wrote:
> 
> 
>   Hello,
> 
>   We are looking at enhancing one of our servers, which runs
CentOS
> 5 on
>   amd64, for HA using Linux Virtual Servers (LVS). The server runs
> a web
>   site using MySQL 5.0.22 and of course we'll need to replicate
> that on
>   the second server as well.
> 
>   Is MySQL Cluster the right solution for us?
> 
>   At least for now, we think we can do with a master-slave
solution
>   (i.e. only one server serving while the other is in "hot
> standby"),
>   but if it's possible to take advantage of both servers at the
> same
>   time and double our capacity then it would be very useful too.
> 
>   I also have a small web service using PostgresQL (8.1.9, from
> CentOS
>   packages) on the same server which will also have to be
> replicated.
>   What do people usually use to do this? Is PGCluster a practical
>   option?
> 
>   Thanks,
> 
>   --Amos
> 
>
=
>   To unsubscribe, send mail to [EMAIL PROTECTED]
>   with
>   the word "unsubscribe" in the message body, e.g., run the
command
>   echo unsubscribe | mail [EMAIL PROTECTED]
> 
> 
> 

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Linux firewall failover

[Imri Zvik \( Smile \)]

If you do not limit yourself to Linux, you can easily use PF
(pf+pfsync+CARP) to do the job.
http://www.openbsd.org/faq/pf/carp.html

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:linux-il-
> [EMAIL PROTECTED] On Behalf Of Amos Shapira
> Sent: Tuesday, May 01, 2007 5:39 AM
> To: Linux-IL
> Subject: Linux firewall failover
> 
> Hello,
> 
> I'm looking at an option to deploy a couple of Linux boxes as our main
> router for HA (after the power supply of our SonicWall fried itself on
> the night of a non-working day). This morning I though it would be
neat
> if the standby firewall node could replicate the connection tracking
> info from the primary node and a quick search shows that a couple of
> people have already beaten me to it - enter contrackd (
> http://people.netfilter.org/pablo/conntrackd/, announcement in
> http://lists.netfilter.org/pipermail/netfilter-devel/2006-
> May/024548.html ) and ctsyncd (blog in
> http://gnumonks.org/~laforge/weblog/linux/netfilter/ct_sync/, SVN in
> https://svn.netfilter.org/netfilter/trunk/netfilter-ha/ct_sync/
>  )
> 
> conntrackd came later but seems to be more active and feature complete
> than ctsyncd (e.g. using both firewall nodes at once to double the
> bandwidth), it's not packaged for Debian yet (it's in some ITP list
and
> debian already has "conntrack") and appears to be still in
experimental
> state.
> 
> Does anyone here have experience with anything like this?
> 
> Cheers,
> 
> --Amos
> 


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Configuring BIND - DNS server

[Imri Zvik \( Smile \)]

You can enjoy the benefits of Ariel's configuration tips, without running two 
instances of Bind.
Read on Bind's "views" feature (http://www.zytrax.com/books/dns/ch7/view.html).


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
> Uri Even-Chen
> Sent: Monday, March 12, 2007 7:37 PM
> To: Ariel Biener
> Cc: linux-il
> Subject: Re: Configuring BIND - DNS server
> 
> OK, I understand.  Thanks.  I'm not going to change the current
> configuration right away, but I took this issue into account.
> Currently it's technically too complicated and time consuming to run 2
> separate BIND servers on the same machine, and I only have one IP
> address.  But if there will be an issue of abuse or performance, I
> will consider changing the current configuration.
> 
> Uri.
> 
> On 3/11/07, Ariel Biener <[EMAIL PROTECTED]> wrote:
> > On Sunday 11 March 2007 12:13, Uri Even-Chen wrote:
> >
> > > Of course I want to learn, but I don't understand what's wrong with
> > > the current configuration.  And also, many technical people forget
> > > that hardware costs money.  2 servers would cost me double; 3
> servers
> > > would cost me 3 times etc.  I'm not Google, I don't have millions
> of
> > > servers.  If I can save money by putting everything on one single
> > > server, and if it works - then what's wrong with it?  I don't see
> any
> > > problem with solving domain names recursively while being open to
> > > queries from the entire world.
> >
> > And of course no one said that you need to buy more hardware, just
> > run two BIND servers on the same machine, each bound to its own
> > IP address...
> >
> > > Of course, if my service was abused and things were not working,
> > > that's a different issue.  But since it works, I don't see any
> reason
> > > to change the current configuration.  I don't agree with your
> opinion
> > > that my current configuration is wrong.
> >
> > How would you even know if your service is abused ?  Are you waiting
> > for it to be abused ?  What kind of technical (or management)
> decision
> > is this ?
> >
> > But since you think it's my opinion, let me quote a few other
> opinions:
> >
> >
> > http://www.zytrax.com/books/dns/ch4/
> > 
> > Note: Running any DNS server that does not require to support
> recursive
> > queries for external users (an Open DNS) is a bad idea. While it may
> look
> > like a friendly and neighbourly thing to do it carries with it a
> possible threat
> > from DoS attacks and an increased risk of cache poisoning. The
> various
> > configurations have been modified to reflect this.
> > 
> >
> > http://articles.techrepublic.com.com/5100-1035_11-5860968.html
> > http://www.sprintlink.net/faq/dns.html
> >
> > http://net.berkeley.edu/DNS/recursion-detail.shtml
> > 
> > It is possible to have both authoritative and caching functions
> running
> > on the same DNS server, and this was typical in the early days of the
> > DNS.  More recently it has become a best practice to separate these
> > functions, and IST did this a few years ago.  More information on our
> > DNS servers can be found here
> (http://net.berkeley.edu/DNS/campus.shtml)
> > 
> >
> > http://cr.yp.to/djbdns/separation.html
> > 
> > The importance of separating DNS caches from DNS servers
> >
> > DNS caches should always have separate IP addresses from DNS servers.
> > In other words, the IP addresses listed in /etc/resolv.conf should
> never match
> > any IP addresses listed in NS records.
> > This separation is widely recognized as the right way to run DNS. As
> stated in
> > the ``DNS and BIND'' book, third edition, ``Securing Your Name
> Server,'' page 255:
> >
> > Some of your name servers answer nonrecursive queries from other name
> servers
> > on the Internet, because your name servers appear in NS records
> delegating your
> > zones to them. ... You should make sure that these servers don't
> receive any
> > recursive queries (that is, you don't have any resolvers configured
> to use these
> > servers, and no name servers use them as forwarders).
> > 
> >
> > Now, I can go on and quote tens of other resources on proper DNS
> configuration,
> > however, I hope you get the picture.
> >
> > > If I wanted I could change the current configuration and use
> > > Netvision's name servers to resolve domain names, and my own name
> > > server only as an authoritative name server.  It wouldn't cost me
> more
> > > money.  But would my server perform better?  I'm not sure.  Doron
> > > Shikmoni told me not to use Netvision's servers, and I guess he is
> > > right.
> >
> > Doron is right, and you should not point your nameservers to use the
> NV
> > NSs, basically since every query will go over your link to them,
> which I
> > assume is not LAN.
> >
> > --Ariel
> >  --
> >  Ariel Biener
> >  e-mail: [EMAIL PROTECTED]
> >  PGP: http://www.tau.ac.il/~ariel/pgp.html
> >
> 
> =
> To unsub

RE: Freedom of speech online

[Imri Zvik]

I think we heard enough. As many people already mentioned before, this
is a technical list, rather than a political one. If someone was tapping
your emails, I'm sure you already managed to bore them off.

Can someone please forward this thread to the MOH?




-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Uri Even-Chen
Sent: Monday, September 11, 2006 2:02 PM
To: Nadav Har'El
Cc: linux-il
Subject: Re: Freedom of speech online

On 9/11/06, Nadav Har'El <[EMAIL PROTECTED]> wrote:
> Uri, the situation you're describing is possible technically, but
highly
> unlikely.

You think it's unlikely, because you don't expect secret agents to
read and/or block E-mail messages of ordinary people like me?  What
if, for example, there was someone (let's call him Osama) who is a
very dangerous terrorist.  Don't you think they will do it to him?
Read his E-mail, and maybe even censor it?  I think you should at
least consider the possibility that they can and will do it.  So the
question is not if they are capable of doing it (I think they are),
but if they are capable of doing it to me (as in Uri).

I think they are.  I think they also sent agents to speak to me, spy
on me and pretend they are ordinary people.  I think they listened to
my phone calls, and even disconnected some of my phone calls.  It's
difficult to prove, their agents never identify as such and they never
leave any concrete evidence.  I can't prove what I suspect, I just
think it looks very suspisious.

By the way, have you heard that the Bush administration is charging
people invovled in animal rights as terrorists?  For example, read
about SHAC activists
[http://www.pressaction.com/news/weblog/full_article/jones06152004/].
So maybe, after all, I am legally a terrorist?  And if so, it that
surprising that someone is reading my E-mail?

> What about a webmail like Gmail? I don't see how break into that,
seeing
> that login is done with SSL and that the servers lie in another
country
> and Google probably won't cooperate with the Israeli government.

Think again.  They cooperate with the Chinese government, and the
United States government is known as a pro-Israeli government.

[I'm writing you this message using Gmail].

> > If you think I deserve it, think again.  Today it's me, tomorrow it
> > can be you too!
>
> About that, see the famous poem in
>http://en.wikipedia.org/wiki/First_they_came...

Yes, I know.  I read it before.

Uri.

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Freedom of speech online

[Imri Zvik]

People do understand, and yet decide to block them. I believe the term
is "collateral damage" :)


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Geoffrey S.
Mendelson
Sent: Monday, September 11, 2006 1:35 PM
To: Shachar Shemesh
Cc: Nadav Har'El; linux-il
Subject: Re: Freedom of speech online

On Mon, Sep 11, 2006 at 01:12:53PM +0300, Shachar Shemesh wrote:
> About two years ago I failed to subscribe to unicode mailing lists on
> unicode.org, because their sysadmin decided that all emails from
> shemesh.biz should be blocked (yes, spammers did use this domains some
> year and a half prior to that).

Yesterday I tried to post an anonymous comment on a blog. The blog
rejected
it because my IP address was used for an open relay. The problem is
that I have a regular cable modem connection to Netvision. 

Yesterday's open relay, is today's web browser. Some people just don't
understand dynamic IP addresses.

Geoff. 


-- 
Geoffrey S. Mendelson, Jerusalem, Israel [EMAIL PROTECTED]  N3OWJ/4X1GM
IL Voice: (07)-7424-1667  Fax ONLY: 972-2-648-1443 U.S. Voice:
1-215-821-1838 
Visit my 'blog at http://geoffstechno.livejournal.com/

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

[Job Offer] Short-term outsourcing Job

[Imri Zvik]

Hi!

 

A
small company, based in Hertzelia, is looking for someone with deep acquaintance
with Sun's JES, for a short term (a week ~) outsourcing job.

 

Please
contact me off-list if you are interested.

 

 

Thanks!

RE: Judging job candidates by their MUAs (Was: [YBA] Job Opening)

[Imri Zvik]

I would be greatly relieved if we had peace with all of our enemies, and
if we would have found a good alternative to fossils fuel, but I guess
that is just me.

As I already told someone off-list - this discussion was not about which
mail client is better, nor about word processors. It was about the
attitude. Please re-read Ariel's email.


-Original Message-
From: Imri Zvik 
Sent: Thursday, May 18, 2006 10:54 AM
To: 'Shachar Shemesh'
Cc: Gil Freund; Ilya Konstantinov; linux-il@linux.org.il
Subject: RE: Judging job candidates by their MUAs (Was: [YBA] Job
Opening)

I know.


-Original Message-
From: Shachar Shemesh [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 18, 2006 10:19 AM
To: Imri Zvik
Cc: Gil Freund; Ilya Konstantinov; linux-il@linux.org.il
Subject: Re: Judging job candidates by their MUAs (Was: [YBA] Job
Opening)

Imri Zvik wrote:

>What open source solution do you suggest?
>
I don't know about open or not, but if you switch to a MUA that properly
supports threading, I would be greatly relieved. Your current MUA marks
your message as a reply to the root message that started the thread,
rather than the message you answer.

   Shachar

-- 
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Judging job candidates by their MUAs (Was: [YBA] Job Opening)

[Imri Zvik]

I know.


-Original Message-
From: Shachar Shemesh [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 18, 2006 10:19 AM
To: Imri Zvik
Cc: Gil Freund; Ilya Konstantinov; linux-il@linux.org.il
Subject: Re: Judging job candidates by their MUAs (Was: [YBA] Job
Opening)

Imri Zvik wrote:

>What open source solution do you suggest?
>
I don't know about open or not, but if you switch to a MUA that properly
supports threading, I would be greatly relieved. Your current MUA marks
your message as a reply to the root message that started the thread,
rather than the message you answer.

   Shachar

-- 
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: [YBA] Job Opening

[Imri Zvik]

Thank you, Ariel. I could not explain my point better.


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ariel Biener
Sent: Wednesday, May 17, 2006 6:19 PM
To: Ori Idan
Cc: Imri Zvik; linux-il@linux.org.il
Subject: Re: [YBA] Job Opening

On Wednesday 17 May 2006 16:13, Ori Idan wrote:
> Free word viewer? yes, free as in free beer.
> YBA is talking about free software in the sense of free speach.
> He wants a person to understand the meaning of free software and
sending
> in a free format is one way of showing it.

It is a very narrow minded view to try to guess at one's character,
interests
and tendencies by judging the headers of the mail he sent, or the format
of the document he used. There could be a plethora of reasons why the
person used this or that mail client, OS or format (for example, being
abroad,
or at an Internet Cafe or at his parents house), which has nothing to do
with
his abilities, interests and orientation. It is not in the job
description to control
the location of where the mail is being sent from (and it is absurd).

In short, YBA would rather dimiss a person based on a bad premise, than
being
open minded and judge the person by knowledge, abilities and resume.
That
is his privilege of course, but, you already understand what I think of
it.

Pluralism is a good thing, it widens horizons and by opening up to
people you
gain more than you lose. But then again, you can decide to require of
them
to be of your "religion", so even if they are FOSS developers for years,
or have
contributed alot to FOSS, but like to use hotmail, or god forbid, had to
use
Outlook Express for some reason, they're out.

> As for Microsoft or Bill gates, we all understand that they are not
the
> root of all evil.
> We are not against Microsoft, we are against the idea that someone
will
> have control over the software we use or over the format we use to
> distribute our documents.

Thank you, you just proved Imri's point.

> No one here is beconnimg religous.
> Protecting my own (and others) freedom is not a religous war.

Of course it is, when you force others to use or not use something. You
then
become as bad as the ones you try to escape from. If you want to fight
that
war (not that it needs fighting), be plural and tolerant, which is
exactly what FOSS
is about.


--Ariel 
 --
 Ariel Biener
 e-mail: [EMAIL PROTECTED]
 PGP: http://www.tau.ac.il/~ariel/pgp.html

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Judging job candidates by their MUAs (Was: [YBA] Job Opening)

[Imri Zvik]

What open source solution do you suggest? One that supplies both a
client and a server (and no, web based solution will not do.), with good
integration between them, full hebrew support, and easy enough to be
operated by any non-technical representative/clerk?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gil Freund
Sent: Wednesday, May 17, 2006 4:29 PM
To: Imri Zvik
Cc: Ilya Konstantinov; linux-il@linux.org.il
Subject: Re: Judging job candidates by their MUAs (Was: [YBA] Job
Opening)

On 5/17/06, Imri Zvik <[EMAIL PROTECTED]> wrote:
> And you can tell that from looking at the free email service I use? or
> from the mail client I use? This email is written with Outlook because
> the company I work for use Exchange as the internal mail server (let
us
> be honest, no open source groupware solutions out there are mature
> enough.) - does that alone make me less knowledgeable or "involved"?

The last statement will not be helpful for your future job hunting not
because it goes against the common view but rather because it is
factually wrong.

The correct statement is "no open source groupware solutions out there
are compatible enough for MS-Outlook in a Windows only environment"

>
> COME ON.
>
>
>
>
> -Original Message-
> From: Ilya Konstantinov [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, May 17, 2006 3:56 PM
> To: Imri Zvik
> Cc: linux-il@linux.org.il
> Subject: Re: Judging job candidates by their MUAs (Was: [YBA] Job
> Opening)
>
> Imri, I disagree. Though you can still think of Jonathan's "filter" as
a
>
> personal bias, it's a very useful stat nonetheless, if your company is
> looking for a few exceptional people who a) *get* free software (use
> free software not only as a job obligation, and get updated about
what's
>
> going in that world outside their work hours), and b) will like
working
> in your environment.
>
> There are other parameters for a candidate, such as problem-solving
> skills, and perhaps jobs where most problem-solving is done from
scratch
>
> rather than using knowledge-base heads will be better off ignoring the
> candidates' extracurricular activities and instead testing them for
> problem-solving during the interview.
>
> Things you can deduce through those outside clues are often things you
> won't ask during an interview, and yet they help you form a better
image
>
> of the candidate. (On the other hand, Joel Spolsky's Guerrilla Guide
to
> Interviewing[1] recommends the opposite: Don't get any detail about a
> candidate that might bias your first impression.)
>
> [1] http://www.joelonsoftware.com/articles/fog73.html
>
>
> Imri Zvik wrote:
>
> > HEH, you are going over the _headers_ and judge people
qualifications
> by
> > the free email service they used, or the mail client they used, and
> you
> > claim that is *NOT* militarism/fanaticism??
> >
> > Again, it's your company, and your call, but it is fanaticism.
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Ben
> Avraham
> > Sent: Wednesday, May 17, 2006 2:26 PM
> > To: ILUG
> > Subject: Re: [YBA] Job Opening
> >
> > Hi Friends,
> > Indeed, besides being more convenient for me personally, the non-MS
> > format
> > resume is the first indication of the personal FOSS orientation that
> we
> > are looking for. BTW, I also look at the headers of the emails that
> > candidates send to see what mailers they are using. Anyone sending
> from
> > mutt or pine or even thunderbird passes. There are other class
markers
> > as
> > well, such as PGP, GPGP or S/MIME fingerprints, and sending domain.
> > Anyone
> > sending us a resume in .doc from hotmail.com is unlikely to get an
> > interview. It's not militarism, it's our market.
> >
> >   - yba
> >
> >
> > On Wed, 17 May 2006, Oleg Goldshmidt wrote:
> >
> >
> >> Date: Wed, 17 May 2006 14:03:25 +0300
> >> From: Oleg Goldshmidt <[EMAIL PROTECTED]>
> >> Reply-To: linux-il@linux.org.il
> >> To: marc <[EMAIL PROTECTED]>
> >> Cc: Imri Zvik <[EMAIL PROTECTED]>, Oron Peled
> <[EMAIL PROTECTED]>,
> >> Jonathan Ben Avraham <[EMAIL PROTECTED]>, ILUG
> >>
> > 
> >
> >> Subject: Re: [YBA] Job Opening
> >>
> >> marc <[EMAIL PROTECTED]> writes:
> >>
> >>
> >>> I say, Imri - you off the hip is as militaristic as his preference
> >>> to a given set of formats. A

RE: Judging job candidates by their MUAs (Was: [YBA] Job Opening)

[Imri Zvik]

How? Because I do not assume every open-source solution is automatically
superior to its propriety alternative? Or maybe because I think the FOSS
is behind Microsoft when it comes to groupware?


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Aviram Jenik
Sent: Wednesday, May 17, 2006 4:40 PM
To: linux-il@linux.org.il
Subject: Re: Judging job candidates by their MUAs (Was: [YBA] Job
Opening)

On Wednesday 17 May 2006 16:17, Imri Zvik wrote:
> And you can tell that from [...] the mail client I use? 
> [...]
> (let us 
> be honest, no open source groupware solutions out there are mature
> enough.) 

I think you've just proved YBA's point.

- Aviram

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: [YBA] Job Opening

[Imri Zvik]

Ori,
Let us not open a discussion about GPL and if it is free or not.
And I disagree, it doesn't have anything to do with "understanding" free
software.
It is just a freaking document, and being a zealot does not help your
cause, only alienate people from it. Such attitude is dealing with the
unimportant, and nothing else. And like I have already mentioned before,
I was generally referring to the common attitude in the "FOSS" world,
and not only to that specific request. I like people who can think
outside the box, and match the right application to the need (the
opposite being a zealot).

I regret opening this thread, as this is useless.


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ori Idan
Sent: Wednesday, May 17, 2006 4:13 PM
To: Imri Zvik
Cc: linux-il@linux.org.il
Subject: Re: [YBA] Job Opening

Free word viewer? yes, free as in free beer.
YBA is talking about free software in the sense of free speach.
He wants a person to understand the meaning of free software and sending
in a free format is one way of showing it.

As for Microsoft or Bill gates, we all understand that they are not the
root of all evil.
We are not against Microsoft, we are against the idea that someone will
have control over the software we use or over the format we use to
distribute our documents.
If it was another company it would be the same.

No one here is beconnimg religous.
Protecting my own (and others) freedom is not a religous war.

-- 
Ori Idan

Imri Zvik wrote:
> Just to clarify - I was referring to Oron's comment more than anything
> else, and it's the attitude that annoys me, not the request it self. I
> see that a lot with Free Software supporters - it becomes a
'religious'
> thing, i.e. they act like zealots.
> Microsoft is not the root of all that is evil, Bill Gates is not
Satan,
> and you can download a free Word viewer from their site.
>
> Get things into proportion.
>
> (But, I agree that in the bottom line, anyone who offers a job can ask
> candidates to send CV's in any format he wishes)
>
>
> Have a great day!
>
>
> -Original Message-
> From: Oleg Goldshmidt [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, May 17, 2006 2:03 PM
> To: marc
> Cc: Imri Zvik; Oron Peled; Jonathan Ben Avraham; ILUG
> Subject: Re: [YBA] Job Opening
>
> marc <[EMAIL PROTECTED]> writes:
>
>   
>> I say, Imri - you off the hip is as militaristic as his preference
>> to a given set of formats. And you know - since he is the one
>> offering a job (unlike yourself, who is only kibitzing) - he can be
>> the one calling the shots on formats.
>> 
>
> Let alone the possible consideration that testing the ability of a
> candidate to convert one's CV to PDF (or another portable format), or,
> indeed, *write* one's CV in a way that produces a portable result may
> be a useful first-line filtering technique.
>
>   



=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Judging job candidates by their MUAs (Was: [YBA] Job Opening)

[Imri Zvik]

And you can tell that from looking at the free email service I use? or
from the mail client I use? This email is written with Outlook because
the company I work for use Exchange as the internal mail server (let us
be honest, no open source groupware solutions out there are mature
enough.) - does that alone make me less knowledgeable or "involved"?

COME ON.




-Original Message-
From: Ilya Konstantinov [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 17, 2006 3:56 PM
To: Imri Zvik
Cc: linux-il@linux.org.il
Subject: Re: Judging job candidates by their MUAs (Was: [YBA] Job
Opening)

Imri, I disagree. Though you can still think of Jonathan's "filter" as a

personal bias, it's a very useful stat nonetheless, if your company is 
looking for a few exceptional people who a) *get* free software (use 
free software not only as a job obligation, and get updated about what's

going in that world outside their work hours), and b) will like working 
in your environment.

There are other parameters for a candidate, such as problem-solving 
skills, and perhaps jobs where most problem-solving is done from scratch

rather than using knowledge-base heads will be better off ignoring the 
candidates' extracurricular activities and instead testing them for 
problem-solving during the interview.

Things you can deduce through those outside clues are often things you 
won't ask during an interview, and yet they help you form a better image

of the candidate. (On the other hand, Joel Spolsky's Guerrilla Guide to 
Interviewing[1] recommends the opposite: Don't get any detail about a 
candidate that might bias your first impression.)

[1] http://www.joelonsoftware.com/articles/fog73.html


Imri Zvik wrote:

> HEH, you are going over the _headers_ and judge people qualifications
by
> the free email service they used, or the mail client they used, and
you
> claim that is *NOT* militarism/fanaticism??
>
> Again, it's your company, and your call, but it is fanaticism.
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Ben
Avraham
> Sent: Wednesday, May 17, 2006 2:26 PM
> To: ILUG
> Subject: Re: [YBA] Job Opening
>
> Hi Friends,
> Indeed, besides being more convenient for me personally, the non-MS
> format 
> resume is the first indication of the personal FOSS orientation that
we 
> are looking for. BTW, I also look at the headers of the emails that 
> candidates send to see what mailers they are using. Anyone sending
from 
> mutt or pine or even thunderbird passes. There are other class markers
> as 
> well, such as PGP, GPGP or S/MIME fingerprints, and sending domain.
> Anyone 
> sending us a resume in .doc from hotmail.com is unlikely to get an 
> interview. It's not militarism, it's our market.
>
>   - yba
>
>
> On Wed, 17 May 2006, Oleg Goldshmidt wrote:
>
>   
>> Date: Wed, 17 May 2006 14:03:25 +0300
>> From: Oleg Goldshmidt <[EMAIL PROTECTED]>
>> Reply-To: linux-il@linux.org.il
>> To: marc <[EMAIL PROTECTED]>
>> Cc: Imri Zvik <[EMAIL PROTECTED]>, Oron Peled
<[EMAIL PROTECTED]>,
>> Jonathan Ben Avraham <[EMAIL PROTECTED]>, ILUG
>> 
> 
>   
>> Subject: Re: [YBA] Job Opening
>>
>> marc <[EMAIL PROTECTED]> writes:
>>
>> 
>>> I say, Imri - you off the hip is as militaristic as his preference
>>> to a given set of formats. And you know - since he is the one
>>> offering a job (unlike yourself, who is only kibitzing) - he can be
>>> the one calling the shots on formats.
>>>   
>> Let alone the possible consideration that testing the ability of a
>> candidate to convert one's CV to PDF (or another portable format),
or,
>> indeed, *write* one's CV in a way that produces a portable result may
>> be a useful first-line filtering technique.
>>
>>
>> 
>
>   


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: [YBA] Job Opening

[Imri Zvik]

HEH, you are going over the _headers_ and judge people qualifications by
the free email service they used, or the mail client they used, and you
claim that is *NOT* militarism/fanaticism??

Again, it's your company, and your call, but it is fanaticism.


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Ben Avraham
Sent: Wednesday, May 17, 2006 2:26 PM
To: ILUG
Subject: Re: [YBA] Job Opening

Hi Friends,
Indeed, besides being more convenient for me personally, the non-MS
format 
resume is the first indication of the personal FOSS orientation that we 
are looking for. BTW, I also look at the headers of the emails that 
candidates send to see what mailers they are using. Anyone sending from 
mutt or pine or even thunderbird passes. There are other class markers
as 
well, such as PGP, GPGP or S/MIME fingerprints, and sending domain.
Anyone 
sending us a resume in .doc from hotmail.com is unlikely to get an 
interview. It's not militarism, it's our market.

  - yba


On Wed, 17 May 2006, Oleg Goldshmidt wrote:

> Date: Wed, 17 May 2006 14:03:25 +0300
> From: Oleg Goldshmidt <[EMAIL PROTECTED]>
> Reply-To: linux-il@linux.org.il
> To: marc <[EMAIL PROTECTED]>
> Cc: Imri Zvik <[EMAIL PROTECTED]>, Oron Peled <[EMAIL PROTECTED]>,
> Jonathan Ben Avraham <[EMAIL PROTECTED]>, ILUG

> Subject: Re: [YBA] Job Opening
> 
> marc <[EMAIL PROTECTED]> writes:
>
>> I say, Imri - you off the hip is as militaristic as his preference
>> to a given set of formats. And you know - since he is the one
>> offering a job (unlike yourself, who is only kibitzing) - he can be
>> the one calling the shots on formats.
>
> Let alone the possible consideration that testing the ability of a
> candidate to convert one's CV to PDF (or another portable format), or,
> indeed, *write* one's CV in a way that produces a portable result may
> be a useful first-line filtering technique.
>
>

-- 
  EE 77 7F 30 4A 64 2E C5  83 5F E7 49 A6 82 29 BA~. .~   Tk Open
Systems
=}ooO--U--Ooo---
-{=
  - [EMAIL PROTECTED] - tel: +972.2.679.5364, http://www.tkos.co.il -

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: [YBA] Job Opening

[Imri Zvik]

Just to clarify - I was referring to Oron's comment more than anything
else, and it's the attitude that annoys me, not the request it self. I
see that a lot with Free Software supporters - it becomes a 'religious'
thing, i.e. they act like zealots.
Microsoft is not the root of all that is evil, Bill Gates is not Satan,
and you can download a free Word viewer from their site.

Get things into proportion.

(But, I agree that in the bottom line, anyone who offers a job can ask
candidates to send CV's in any format he wishes)


Have a great day!


-Original Message-
From: Oleg Goldshmidt [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 17, 2006 2:03 PM
To: marc
Cc: Imri Zvik; Oron Peled; Jonathan Ben Avraham; ILUG
Subject: Re: [YBA] Job Opening

marc <[EMAIL PROTECTED]> writes:

> I say, Imri - you off the hip is as militaristic as his preference
> to a given set of formats. And you know - since he is the one
> offering a job (unlike yourself, who is only kibitzing) - he can be
> the one calling the shots on formats.

Let alone the possible consideration that testing the ability of a
candidate to convert one's CV to PDF (or another portable format), or,
indeed, *write* one's CV in a way that produces a portable result may
be a useful first-line filtering technique.

-- 
Oleg Goldshmidt | [EMAIL PROTECTED] | http://www.goldshmidt.org

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: [YBA] Job Opening

[Imri Zvik]

This "militarism" is not even amusing anymore.
As far as I know, OpenOffice can read .doc.
Grow up.


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Oron Peled
Sent: Monday, May 15, 2006 11:58 PM
To: Jonathan Ben Avraham
Cc: ILUG
Subject: Re: [YBA] Job Opening

On Monday, 15 בMay 2006 13:33, Jonathan Ben Avraham wrote:
> Please do not send resumes in proprietary file formats.

Also: Resumes in MS-Word format would be automatically forwarded
  to MS HR department ;-)

Way to go YBA -- A good example for future employee seekers.

-- 
Oron Peled Voice/Fax: +972-4-8228492
[EMAIL PROTECTED]  http://www.actcom.co.il/~oron
ICQ UIN: 16527398

Mary had a little lambda,
Its syntax white as snow,
And every program Mary wrote,
She wrote in Lisp, you know.
  -- Karl Pflästerer

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Domestic VoIP service of BezeqInt

[Imri Zvik]

Bezeqint is just reselling deltathree service. 
They use sip for communication and any free sip client will suffice.
However, Don't expect them to support you if you don't use their client.


--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ilya Konstantinov
Sent: Wednesday, April 05, 2006 3:19 PM
To: linux-il
Subject: Domestic VoIP service of BezeqInt

Hi,


I've just noticed BezeqInt seems to have officially launched their 
domestic VoIP service:

http://www.voip.co.il/

(Yeah, it seems to compete with their parent company's business, but I'm

sure it makes some financial sense...)


In their requirements for PC-to-Phone VoIP (yes, they officially offer a

PC-based setup in addition to regular phones being connected through a 
"converter" device), they mention Windows as a requirement -- not 
surprising. They explicitly note Macintosh is not yet supported. No word

on Linux:

http://www.voip.co.il/VOiP/flash/templete/faq.asp?catID=141#faq462


So, anyone has any info whether their protocol is standard and what free

clients can be used with it?



=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

[Job Offer] UNIX System Administrator

[Imri Zvik]

Internet Zahav is currently looking for an experienced UNIX system 
administrator.

1. Experience with various unices is a must (preferably with BSD/Linux/Solaris).
2. Knowledge in the various services an ISP offers (SMTP, DNS, Radius and such).
3. Good skills in shell scripting and Perl (perl is a big advantage).
4. TCP/IP is a must (…)
5. Must be a quick learner.

The job location is at Sgula, Petach Tiqwa.

Resumes/additional questions should be emailed to me,

Thanks,

--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: a server for fun and profit

[Imri Zvik]

And I don't understand your urge to comment on everything.

If you are not interested just delete the email, and carry on.

Some people on this list seem to have too much free time.

Have a great day,


--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of El-al, Netta
Sent: Thursday, July 07, 2005 12:02 PM
To: Gadi Evron
Cc: linux-il@linux.org.il
Subject: RE: a server for fun and profit

and i'm wondering why u even posted something to the list if u then
refuse to answer relevant questions...

> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Gadi Evron
> Sent: Wed, July 06, 2005 6:08 PM
> To: Nadav Har'El
> Cc: linux-il@linux.org.il
> Subject: Re: a server for fun and profit
> 
> 
> Nadav Har'El wrote:
> > On Wed, Jul 06, 2005, Gadi Evron wrote about "Re: a server 
> for fun and profit":
> > 
> >>..
> >>
> >>>* Why FreeBSD? Which version of FreeBSD?
> >>
> >>..
> >>
> >>>By publishing this info, you'll cut yourself many of those 
> emails who
> >>>will ask you the same questions over and over again..
> >>
> >>I'll take my chances, thanks though.
> > 
> > 
> > Perhaps you didn't notice, but this is a *Linux* mailing 
> list, so don't
> > be surprise if people wonder why you chose FreeBSD... :-)
> 
> No, but I am starting to wonder why you keep insisting on answering 
> everything, and always on-list.
> 
>   Gadi.
> 
> =
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]
> 
> 

***
Information contained in this email message is intended only for use of
the individual or entity named above. If the reader of this message is
not the intended recipient, or the employee or agent responsible to
deliver it to the intended recipient, you are hereby notified that any
dissemination, distribution or copying of this communication is strictly
prohibited. If you have received this communication in error, please
immediately notify the [EMAIL PROTECTED] and destroy the original
message.

***

==
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Acting against anti-file-swapping Lawsuits in Israel

[Imri Zvik]

At least know your idols.
And I quote "Open source is a development methodology; free software is a 
social movement."
The FSF is specifically asking people not to mix both terms on their website.

I am overwhelmed with your contributes to the public. Your freecell solver is a 
state-of-the-art, bleeding edge software, and I'm sure you gave up on a lot of 
money when you made it public domain.

Now seriously, you keep missing the point here (not to mention your idiotic, 
childish examples):
1. the fact you were able to decide your program will be public 
domain/GPL/whatever is all thanks to the copyrights laws, who let the 
owner/creator/author decide what to do with his creation (within the other 
limits of law, which disapproves human sacrifice (do you have any other idiotic 
example?)).

2. You are not breaking the law "innocently" nor "guiltlessly", as you are 
fully aware that what you're doing is ILLEGAL (not to mention that even if you 
weren't aware, not knowing the law, doesn't make you not guilty).


Also, the definition of "crime" is:

crime
   n 1: (criminal law) an act punishable by law; usually considered
an evil act; "a long record of crimes" [syn: law-breaking]

Therefore, you *ARE* a criminal, by definition.

To endanger democracy you don't have to use force, threats or fraud. The 
biggest danger to democracy is when people decide to take the law into their 
own hands. I thought they teach you that in high school.

In the bottom line, Shlomi, as a couple of people already mentioned here, you 
are talking about things way over your head here, trolling, and misreading 
texts (not to mention that you are encouraging people to break the law, 
misleading them into thinking that what they are doing is OK, and not illegal, 
which is very wrong too).
You should not abuse stages given to you to encourage people to break the law.

(I wonder if anyone from the Israeli Records Association is reading this 
thread...)


--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 

-Original Message-
From: Shlomi Fish [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 26, 2005 12:17 PM
To: Imri Zvik
Cc: [EMAIL PROTECTED]
Subject: Re: Acting against anti-file-swapping Lawsuits in Israel

On Wednesday 25 May 2005 19:11, you wrote:
> You cannot say that free-software is bad because "people
> download software and use it free-of-charge, instead of paying for more
> costy proprietary alternatives." As they are doing so with permission of
> the copyrights holder, and that is 100% legal. 

That was not my point. My point was that by depriving the proprietary software 
vendors of living, we essentially eliminate a large part of the software 
industry, and then evoke the domino effect starting from it. So, according to 
your logic free software is also bad.

My point was that by making the consumers more prosperous we will help the 
economy better than preserving the status quo where the music industry 
receives a lot of money from many individuals. That said, I don't think 
people will ever completely stop buying music.

> As someone already 
> mentioned, you are avoiding the REAL problems with the copyrights law, such
> as "eternal rights" etc. while the basic idea of copyrights *IS* ok. 

I am not. I oppose perpetual copyright as much as the next guy. But the rights 
of the people to share files is also important.

> You 
> created something, *YOU* can decide what to do with it, when and how. 

Can I decide that by using this thing, you will sacrifice your first born sun 
to Ra, the Egyptian Sun God? Some things are unethical, and limiting 
non-commercial copying is one of them.

> You 
> can decide to license it with GPL, or you could decide not to. It is up to
> you, it is yours, at least for a defined period of time.

Right.

>
> Also, the "law of the land" is not the "law of god", but there are ways to
> protest against it, else than breaking it. As long as this is the law, you
> should follow it. 

I realize that I'd rather follow the law than break it. However, if enough 
people break the law and do it innocently, guiltlessly, etc. maybe the law is 
wrong. I haven't done anything wrong by downloading files from the Internet. 
Neither did my family or any of the people I know who have.

If the Israeli Records Association wishes to start a witch-hunt against the 
file sharers, then I will stand to protect them, because it is not a freeking 
crime. 

> Following your line of thinking, I could and should do 
> whatever I want with GPL'ed programs, including changing them and
> redistributing them without the source, as it's not in the author's rights
> to tell me what to do with it.

Actually, this is within the author's rights.

>
> Also, I do not t

RE: Acting against anti-file-swapping Lawsuits in Israel

[Imri Zvik]

When people start choosing what laws to obey and what not, it is the
fastest way to chaos. The fact is that you still break the laws of the
sovereign, democratic entity you're part of, and that would make you an
outlaw, a criminal. 
And about the economic system - didn't you ever hear about the term "The
Domino Effect"? Music for example pays salaries of numerous of people,
allowing them to be able to buy other products and services, and by that
help other people receive a paycheck. Producing and trading copyrighted
materiel is still producing and trading, which is, as you stated, are
the foundation stones of our economic system. Saying that the fact you
can't smell/touch it makes it ok, is so... uhmm, idiotic? As far as I
know, you're not an ostrich, so don't burry your head in the sand.

--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 

-Original Message-
From: Shlomi Fish [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 25, 2005 1:58 PM
To: Imri Zvik
Subject: Re: Acting against anti-file-swapping Lawsuits in Israel

On Wednesday 25 May 2005 13:11, you wrote:
> Shlomi,
>
> It's not a matter of if in your ideal imaginary world such thing
should
> be legal, and one person who bought a copy of a
> book/cd/dvd/software/whatever could redistribute it (with, or without
> payment) to the whole wide world.

Hmmm...

> In the real world, redistributing copyrighted materiel without
approval
> is ILLEGAL, it doesn't matter if the term for it is "stealing" or
> anything else - it would still make you a CRIMINAL. 

Please don't call me a criminal. Especially if I only violated an
unethical 
law. I also don't call drug users/traders/etc. criminals, because the
drug 
prohibition laws are unethical.

> if you do that, why 
> would anyone pay for it? The whole economic system would collapse, and
> millions will lose their jobs, and the ability to buy food.

The economic system will not collapse, because people still don't
_steal_ (not 
copy, mind you) food, or tools, or machines, or other things which
cannot be 
represented as bit-buckets. Most of the economic system is about
producing, 
trading, and using such physical entities, without which we as human
beings 
cannot live at all or live at comfort.

So don't BS me.

> In the bottom line, Shlomi, you are trying to find excuses for being a
> cheap-ass, who is trying to avoid paying for your pleasures. 

When I go to the cinema or to a concert or to Disney World or to a
vacation, 
etc. I pay because they provide me with a greater experience than I can 
provide myself at my own home. And it involves a physical experience
too, 
greater than just sitting on my computer or at home listening to a song
or 
watching a movie or whatever.

OTOH, why should I necessary pay for a bit bucket, which costs close to
zero 
to reproduce. FYI, an entity that makes money out of selling a product
whose 
development cost may be very large, but the cost of producing a single
unit 
is zero, is simply called a "parasite" in economics. If it costs zero to

mass-produce and re-distribute, one should not complain if people copy
or 
re-distribute it on their own. There's nothing wrong with that.

> This is the 
> law, and this is our economic system, deal with it.

It may be the law, but it's an unethical law. And the economic system
will not 
fall if people completely stopped paying for bit buckets. (not to
mention, 
that I don't think it will happen).

>
> This thread is the most idiotic thread ever seen on this list - don't
> you people have better topics to discuss?

I've seen more idiotic threads.

Regards,

Shlomi Fish

-
Shlomi Fish  [EMAIL PROTECTED]
Homepage:http://www.shlomifish.org/

Tcl is LISP on drugs. Using strings instead of S-expressions for
closures
is Evil with one of those gigantic E's you can find at the beginning of 
paragraphs.

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Acting against anti-file-swapping Lawsuits in Israel

[Imri Zvik]

Shlomi,

It's not a matter of if in your ideal imaginary world such thing should
be legal, and one person who bought a copy of a
book/cd/dvd/software/whatever could redistribute it (with, or without
payment) to the whole wide world.
In the real world, redistributing copyrighted materiel without approval
is ILLEGAL, it doesn't matter if the term for it is "stealing" or
anything else - it would still make you a CRIMINAL. if you do that, why
would anyone pay for it? The whole economic system would collapse, and
millions will lose their jobs, and the ability to buy food.
In the bottom line, Shlomi, you are trying to find excuses for being a
cheap-ass, who is trying to avoid paying for your pleasures. This is the
law, and this is our economic system, deal with it.

This thread is the most idiotic thread ever seen on this list - don't
you people have better topics to discuss?

--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shlomi Fish
Sent: Wednesday, May 25, 2005 12:05 PM
To: Uri Bruck
Cc: linux-il@linux.org.il
Subject: Re: Acting against anti-file-swapping Lawsuits in Israel

On Tuesday 24 May 2005 23:54, Uri Bruck wrote:
> Shlomi Fish wrote:
> > do you think it is desirable to enforce a law that prevents people
from
> > ripping a CD/eBook/DVD/whatever and sharing it online? Do you think
it
> > would be practical? Do you think that it is a crime to do that?
> >
> > Technology advances, and law and philosophy must advance with it.
> >
> > Just for the record, I'll re-iterate a story that RMS likes to tell.
He
> > said that when he was in elementary school his teacher encouraged
the
> > class to share their candies with their friends. And today, it is
the
> > opposite: "No Tommy, don't share your software/music/video/whatever.
It's
> > illegal."
>
> You're missing a big point here Shlomi. You can share your
> software/music/video/whatever, but what I create isn't yours, it's
mine,
> and it's up to me how it should be distributed and shared.

The copyrights to the work you create are yours. The copy of the work is
mine. 
When children (or teenagers, or adults) make copies of
CDs/DVDs/mp3s/etc. 
they do it so they can share these copies along with their friends. They

don't see nothing wrong with it. Don't you think it may be an indication
that 
there _isn't_ something wrong with it.

Are you approving of teachers telling the school children to "Do not
share 
your music with the other children. Copying copyrighted work is wrong!"?

According to RMS, the belief that sharing anything is wrong causes great

damages to society because it makes people more reluctant to sharing.

When copyright law was formulated there were no means to easily, quickly
and 
efficiently copy content. But even when some of them were introduced
(Xerox 
machines, Betamax/VHS tapes, Audio Cassettes, etc.) the general belief
was 
that it is OK to make copies of your artwork to your friends. (at least
at 
little or no cost).

Regards,

Shlomi Fish

-
Shlomi Fish  [EMAIL PROTECTED]
Homepage:http://www.shlomifish.org/

Tcl is LISP on drugs. Using strings instead of S-expressions for
closures
is Evil with one of those gigantic E's you can find at the beginning of 
paragraphs.

=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Acting against anti-file-swapping Lawsuits in Israel

[Imri Zvik]

Comparing attempts to prevent a genocide with breaking the copyrights
law is an insult to whomever been in the holocaust. You cannot dismiss
any laws you do not agree with, it just doesn't work this way - YOU
should get a reality check (and a shrink or a probation officer, ASAP.).
It's not that disobeying this specific law will cause chaos, but the
idea that an individual is obeying only the laws he agrees with will.

The music industry supplies work to the software engineering industry,
hardware, catering, electricity, real estate, and many, many, MANY more,
not to mention that a couple of other large industries, else than the
music industry, rely on the copyrights laws.

You are trying to justify your criminal actions with ethics, which is
just wrong.

But go ahead, share music and other copyrighted material if you want...
I won't be sorry if and when they will rip you off everything you own in
court.

--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 

-Original Message-
From: Shlomi Fish [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 25, 2005 3:22 PM
To: Imri Zvik
Cc: linux-il@linux.org.il
Subject: Re: Acting against anti-file-swapping Lawsuits in Israel

On Wednesday 25 May 2005 14:45, Imri Zvik wrote:
> When people start choosing what laws to obey and what not, it is the
> fastest way to chaos. 

The only valid laws are the prevention of initiatory force, threat of
force, 
or fraud against one's self or property (not the so-called "intellectual

property"). All other laws: against drug abuse, against prostitution,
against 
gambling, against insider's information, against monopolies etc. etc.
are 
irrelevant and unethical. 

Violating a law that says that one should not share his music over the 
Internet, will not cause any chaos. People do it all the time, and still
food 
is in supply, stores are open, water is flowing in the pipes, there's
supply 
of electricity, and the Internet is available for commerce and
recreation.

You should get a reality check. 

> The fact is that you still break the laws of the 
> sovereign, democratic entity you're part of, and that would make you
an
> outlaw, a criminal.

If I lived in Nazi Germany and hidden a Jew in my house, (which was
against 
the law) would that make me a criminal? (please don't invoke Godwin's
law 
here)

Laws that are unethical, need not be followed.

> And about the economic system - didn't you ever hear about the term
"The
> Domino Effect"? Music for example pays salaries of numerous of people,
> allowing them to be able to buy other products and services, and by
that
> help other people receive a paycheck. Producing and trading
copyrighted
> materiel is still producing and trading, which is, as you stated, are
> the foundation stones of our economic system. Saying that the fact you
> can't smell/touch it makes it ok, is so... uhmm, idiotic? As far as I
> know, you're not an ostrich, so don't burry your head in the sand.
>

Domino effect.. hmmm... according to this logic, if we lower the income
tax, 
then firing a great deal of government bureaucrats will also cause the 
economy to collapse. ;-)

If people download music instead of buying it, then the public as a
whole will 
be more prosperous, and will spend this money or invest on better
things. 
While we may kill the music industry (highly unlikely, but still) the
other 
industries will be much better off. During the course of human history
entire 
industries were superceded by other ones, and yet we still live to tell
the 
tale, and we are better and more prosperous and more advanced than ever.

Again, you're misapplying concepts.

Regards,

Shlomi Fish

-
Shlomi Fish  [EMAIL PROTECTED]
Homepage:http://www.shlomifish.org/

Tcl is LISP on drugs. Using strings instead of S-expressions for
closures
is Evil with one of those gigantic E's you can find at the beginning of 
paragraphs.

To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]

RE: Acting against anti-file-swapping Lawsuits in Israel

[Imri Zvik]

You cannot say that free-software is bad because "people 
download software and use it free-of-charge, instead of paying for more costy 
proprietary alternatives." As they are doing so with permission of the 
copyrights holder, and that is 100% legal. As someone already mentioned, you 
are avoiding the REAL problems with the copyrights law, such as "eternal 
rights" etc. while the basic idea of copyrights *IS* ok. You created something, 
*YOU* can decide what to do with it, when and how. You can decide to license it 
with GPL, or you could decide not to. It is up to you, it is yours, at least 
for a defined period of time.

Also, the "law of the land" is not the "law of god", but there are ways to 
protest against it, else than breaking it. As long as this is the law, you 
should follow it. Following your line of thinking, I could and should do 
whatever I want with GPL'ed programs, including changing them and 
redistributing them without the source, as it's not in the author's rights to 
tell me what to do with it. 

Also, I do not think that "open source" is the same as "free software", please, 
do not mix them. The fact a program is an open-source program does not mean it 
is a "free software" in the way FSF sees it.

While you keep bringing up the government bureaucrats, you forget that you have 
no option but pay taxes - it is not the same here. Music for example is a 
luxury - you cannot afford it? Too bad - but getting it illegally is neither 
the solution nor the right way to protest against it, morally and ethically. 
Again, you *ARE* breaking the law, you are *NOT* using the tools given to you 
by the law to protest, you are taking the law into your own hands, and *THAT* 
is the biggest problem here.

You *ARE* a criminal, and I would suggest you will go and lookup the definition 
of the word in the dictionary.

I cannot emphasize more how wrong you are, and how bad it is to take the law 
into your own hands (and no, it is not a question of life and death, so it's 
not like the examples you keep bringing), and how dangerous your ideas are for 
democracy.

This is the last mail I intend to post, as you are obviously a FSF, linux-hype 
infected, overexcited troll, with a double moral. (how can you expect people to 
follow one license while you dismiss your (the author's/creator) right to 
decide with what license something will be distributed with?) and nothing I 
will say will disinfect you. All I can say is that I wish people like you would 
be the first to be stripped out of everything they own in court for breaking 
copyrights laws.


Have a great day,

 
--
Imri Zvik
PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp
 

-Original Message-----
From: Shlomi Fish [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, May 25, 2005 6:06 PM
To: Imri Zvik
Cc: [EMAIL PROTECTED]
Subject: Re: Acting against anti-file-swapping Lawsuits in Israel

I'm CCing to the list so they'll be more interested.

On Wednesday 25 May 2005 16:00, you wrote:
> Comparing attempts to prevent a genocide with breaking the copyrights
> law is an insult to whomever been in the holocaust. 

No it's not. I wasn't comparing anything. I was just mentioning the fact that 
if laws are unethical and irrational, a person cannot be held liable for 
breaking them, if he does. 

> You cannot dismiss 
> any laws you do not agree with, it just doesn't work this way 

I can dismiss them if I can show how irrational and harmful they are. I'm not 
saying I will break them at that point. I'm not using or selling drugs, for 
example, because although ethical these are immoral activities.

> - YOU 
> should get a reality check (and a shrink or a probation officer, ASAP.).

No, you should. You seem like a goody-two-shoes who think the Law of the Land 
is the Law of God, and don't question it or criticize it. Here's a newsflash 
for you: often the Law of the Land deviates a great deal from anything we can 
call ethical. (see Nazi Germany, Communist Russia, Communist China, etc. 
etc.). In this case, people should voice their opinion against it and work to 
remove it.

The bylaws of Israel are pretty good, but not perfect. Not only do I think 
they are bad in some respects, but I voice my opinion about it. If I violate 
any laws, it's because these laws are not immoral.

> It's not that disobeying this specific law will cause chaos, but the
> idea that an individual is obeying only the laws he agrees with will.

I am not a relativist, and I don't think people should initiate force, 
coercion or fraud. But most laws in Israel and most other Liberal countries, 
are harmful, and thus are constantly violated, and rightfully so. I say that 
we should change the bylaws instead of trying to enforce anyone not to 
violate any law, however irrational it is. 

>

RE: Job offer

[Imri Zvik]

Hi,

Shachar, Oz did not ask you or anybody else on this list to evaluate the
company or it's chances to succeed.
Oz offered a job, and I can assure you it's a good job. Either apply or
ignore that mail.

There is no need to be obnoxious to people who offers a job (remember
the TAU job offered here a couple of months ago?).



--

Imri Zvik

PGP (2.6.3ia) Public Key: http://mariska.inter.net.il/~imriz/imriz.pgp

 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shachar Shemesh
Sent: Thursday, May 05, 2005 2:13 PM
To: [EMAIL PROTECTED]
Cc: IL List
Subject: Re: Job offer

Gilboa Davara wrote:

> Mr. Startup,
>
> Writing something about  your company (beyond - we have money) and 
> about the positions you want to fill might be helpful...
>
> Gilboa

It seems that five years are enough for people to forget.

The bubble is back.

Let's analyze this one, for example:
- They have money. In fact, that's the most important aspect of their 
job offer.
- "push technology"? Didn't that go out of style, like, eight years ago?
- "We have a growing community of users who view, rank and comment on 
the content." - i.e. - we are going to make money by having a lot of 
people use our product for free. Rather, we are going to make money by 
convincing VC's to invest in us, because we have lots of users who will 
pay us nothing.

Let's think back what the bubble was, after all. It was called "The new 
economy", and it meant "make money by being bought out". This will be 
profitable to the investors, because they too, in turn, will sell to 
someone else.

It's called a "pyramid scam", and when done with email it's illegal. No 
one made it illegal with companies, though.

Take this email, for example. Did anyone understand what the program 
does? Oz said it was "push technology", but the EULA talks about "don't 
use this to distribute illegal material", so this seems like a P2P. Then

again, the web site talks about "Seeing thousands of the best videos, 
images and sound on the internet". So is this a recreational thing? If 
so, where is the push? Go figure.

AND they managed to get money. The optimistic among you are welcome to 
come to the conclusion that the investors got a better picture of how 
the company is supposed to make money in the end. I have my doubts. I 
know a little about VCs.

  Shachar

-- 
Shachar Shemesh
Lingnu Open Source Consulting ltd.
Have you backed up today's work? http://www.lingnu.com/backup.html


=
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]


To unsubscribe, 
send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]