Re: Very large JoeJob in progress against Spamcop (fwd)

2002-09-07 Thread william 


Yes, we got bunch of these as well (at least 10), just two came in today.
I know for sure its not actual spamcop since they send copy of email in 
question. Plus email was sent to all email addresses of particular 
dedicated hosting website, but the website is used for advertising and 
customers would not be showing as being from that ISP. I assumed somebody 
is trying to have us ignore future spamcop emails and put it in the 
blacklist. The ip addresses it coma from are 64.70.191.50 (valueweb), 
65.67.149.57 (swbell dsl). If anybody else gets similar reports, I suggest
you all ignore it or better store all them in separate folder and then 
sent to spamcop in case they decide to press charges for forgery (this 
should be criminal case I think).

On Sat, 7 Sep 2002, J.A. Terranson wrote:

> 
> 
> 
> -- Forwarded message --
> Date: Sat, 7 Sep 2002 10:41:54 -0400
> From: Ellen <[EMAIL PROTECTED]>
> To: J.A. Terranson <[EMAIL PROTECTED]>
> Subject: Re: Very large JoeJob in progress against Spamcop (fwd)
> 
> Thanks for the CC of your email to valueweb!
> 
> Ellen
> 
> 
> - Original Message -
> From: "J.A. Terranson" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Saturday, September 07, 2002 9:53 AM
> Subject: Very large JoeJob in progress against Spamcop (fwd)
> 
> 
> >
> >
> > -- Forwarded message --
> > Date: Sat, 7 Sep 2002 08:51:00 -0500 (CDT)
> > From: J.A. Terranson <[EMAIL PROTECTED]>
> > To: [EMAIL PROTECTED]
> > Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
> > Subject: Very large JoeJob in progress against Spamcop
> >
> >
> > I have received a boatload of these, from a Valueweb customer
> > impersonating Julian Haight/SpamCop.  The subject lines vary among a
> > fixed list, including the below "Spam from your network", "Spamcop is
> > watching you", "Spamcop will shut down your website", etc.
> >
> > Valueweb is a home-user DSL provider, and the origin IP of these is
> > clearly not SpamCop.
> >
> > Yours,
> >
> > J.A. Terranson
> > [EMAIL PROTECTED]
> >
> > -- Forwarded message --
> > Return-Path: <[EMAIL PROTECTED]>
> > Received: from spamcop.net ([64.70.191.50])
> > by cliff.mfn.org (8.11.1/8.9.3) with SMTP id g87AKkc12347
> > for <[EMAIL PROTECTED]>; Sat, 7 Sep 2002 05:20:47 -0500
> (CDT)
> > (envelope-from [EMAIL PROTECTED])
> > Message-Id: <[EMAIL PROTECTED]>
> > Reply-To: [EMAIL PROTECTED]
> > To: [EMAIL PROTECTED]
> > X-Mailer: X-Mailer: Web Based Pronto
> > From: [EMAIL PROTECTED]
> > MIME-Version: 1.0
> > X-Encoding: MIME
> > Content-Type: multipart/alternative;
> > boundary="=_NextPart_38663300828774"
> > Date: Sat, 07 Sep 2002 06:25:28 -0500
> > Subject: Spam from your network
> >
> > SpamCop.net - protecting the internet through technology
> >
> >
> > Why Am I Getting This Email?
> >
> > You have recieved this email because spamcop.net has had recent complaints
> related to your network (convictedchildmolesters.org).
> >
> >
> > What Types of complaints?
> >
> > Open mail ports, violations of our acceptable use polices, and other
> various complaints. EMail us for specifics...
> >
> >
> > What do I need to do?
> >
> > Close any open relays on your network, enforce a anti spam A.U.P.
> (Acceptable USse Policy), and shut down abusive users.
> >
> > SpamCop's original spam reporting service will help you report spam
> quickly and accurately. Or choose from a variety of filtering options
> ranging from the easiest web-mail account to advanced network-wide spam
> blocking.
> >
> > Accused of spamming?
> >
> > Answers to most common questions. Like: My email was blocked! SpamCop got
> it wrong! How can I fix it? Falsely accused? What is spam? Find help here
> for internet and hosting providers, small and large-scale bulk mailers and
> advertisers.
> >
> >
> > Other Questions or Comments?
> >
> > SpamCop has several dedicated (and spam-free) news groups where you can
> get help, suggest new features or report bugs. Or you can search the  entire
> site, FAQ and all support-forum content in one place.
> >
> >
> > Reporting and Filtering Options..
> >
> > VISIT http://spamcop.net
> >
> >
> >
> > Copyright (c) 1998-2002 Julian Haight, All rights reserved.
> [EMAIL PROTECTED]
> >
> >
> >
> >
> 
>

Baltimore train tunnels (was Re: Vulnerbilities of Interconnection)

2002-09-07 Thread Sean Donelan 


On Fri, 6 Sep 2002 [EMAIL PROTECTED] wrote:
> You also have the problem of cascading failures.  Just because there
> are redundant paths and alternate peering locations does not mean
> those facilites have the bandwidth to handle all the redirected
> traffic.  If A gets swamped you go to B if the redrected traffic is to
> much for B then you go to C and so on - each time the amount of
> traffic increases and the avialble bandwidth decreases.  According to
> the analysis I've seen and run on the the Baltimore incident this is
> the jest of how a few cut lines rippled across the Internet.  I would
> think Alex's scenario would have a bigger impact than that incident.

For some reason, I guess since Baltimore is near Washington DC, this
incident seems to have captured the imagination of folks in Washington DC.
Although some brand-name providers were impacted by this incident, it had
minimal impact on other providers. Essentially every major Internet
exchange point has failed at one time or another. In the past, there has
been simultaneous failures in at least three different locations.

The problem with your analysis is that's not what happens on the Internet.

One of the current issues of Internet traffic engineering is traffic
doesn't roll over to alternate paths B or C when the primary path A
is congested.  This is a traditional design in the switched telephone
network, but not common in the Internet.  Internet traffic tends to
follow the "best" available route.

Unlike phone calls, TCP traffic doesn't occur in fixed bandwidth
increments. TCP traffic, 90% of Internet traffic, is elastic. By design,
TCP adjusts the traffic rate to keep the bottleneck congested.  As the
bottleneck moves, traffic reacts by increasing or decreasing the rate to
match the available capacity.  This feedback occurs independently of what
is happening on nearby traffic paths.  Even if there is available
capacity on elsewhere, the current Internet design is not very good at
using it.  Some people view this as an inefficient use of available
capacity, other people view it as a self-protective mechanism.

In today's Internet, the type of cascading failure you postulated probably
won't happen.  The design goal of the Internet is not to keep every part
of the network operating under every condition, but failures in part of
the network should not disrupt other parts of the network.

That's why during the Baltimore train tunnel you saw some providers with
severe problems in parts of their network, but other providers didn't
experience any slowdowns in their networks.  I wouldn't be surprised if
a few people even experienced an improvement in their traffic that day.

There are vendors trying to sell systems which will "steer" traffic
through alternate paths seeking to avoid congestion.  In addition there
are things like IEPREP which are seeking to bypass the congestion feedback
controls for selected traffic.  It is unclear to me what impact these
will have on Internet traffic during a crisis.  It is possible these
improvements will in fact make the Internet more brittle.

SpamCop Forgeries

2002-09-07 Thread Marius Strom 


FYI, for those of you who get worried when you see mail from spamcop
hitting your postmaster addresses:

http://www.julianhaight.com/forgery.shtml

It may be forged.

-- 
   /->
Marius Strom   | Always carry a short length of fibre-optic cable.
Professional Geek  | If you get lost, then you can drop it on the
System/Network Admin   | ground, wait 10 minutes, and ask the backhoe
http://www.marius.org/ | operator how to get back to civilization.
   \-| Alan Frame |-->