Re: Problems sending mail to yahoo?
Massive quoting gets old fast so I'll try to summarize and if I misrepresent your POV in any way my profuse apologies in advance. First and foremost let me say that if we had a vote here tomorrow on the spam problem I suspect you'd win but that's because most people, even (especially) people who believe themselves to be technically knowledgeable, hold a lot of misconceptions about spam. So much for democracy. I say the core problem in spam are the botnets capable of delivering on the order of 100 billion msgs/day. You say there are other kinds of spammers. I'll agree but if we got rid of or incapacitated the massive botnets that would be a trickle, manageable, and hardly be worth fussing about, particularly on an operational list. The reason is that without the botnets the spammers don't have address mobility. You could just block their servers. But if we don't agree on those points then we're talking past each other. I assert that the problem are the massive O(100B) botnet spammers and they simply don't have the resources or interest really (because they don't have the resources or business model) to do things like analyze return codes etc as you describe. So it's doubtful to me that returning more meaningful return codes in SMTP rejections would be of much use to them. It's also not of much use to them, as I previously described, even if they tried. They could deduce about the same information for about the same "price" without the return codes. But any such return codes should be voluntary, particularly the details, and a receiving MTA should be free to respond with as much or as little information as they are comfortable with right down to the big red button, "421 it just ain't happenin' bub!" But it was just an example of how perhaps some standards, particularly regarding mail rejection, might help operationally. I'm not pushing the particular example I gave of extending status codes. Also, again I can't claim to know what you're working on, but there are quite a few "disposable" address systems in production which use various variations such as one per sender, one per message, change it only when you want to, etc. But maybe you have something better, I encourage you to pursue your vision. And, finally, one quote: >I didn't say I had a design. Certainly there are solutions to the >problem, but any solution I'm aware of involves paradigm changes of >some sort, changes that apparently few are willing to make. Gosh if you know of any FUSSP* whose only problem is that it requires everyone on the internet to abandon SMTP entirely or similar by all means share it. Unfortunately this is a common hand-wave, "oh we could get rid of spam overnight but it would require changes to (SMTP, usually) which would take a decade or more to implement, if at all!" Well, since it's already BEEN a decade or more that we've all been fussing about spam in a big way maybe we should have listened to people with a secret plan to end the war back in 1998. So I'm here to tell ya I'll listen to it now and I suspect so will a lot of others. * FUSSP - Final and Ultimate Solution to the Spam Problem. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Fwd: Problems sending mail from .mumble
I was asked to forward this to the list by Eric: > Date: Sun, 13 Apr 2008 10:27:40 -0700 > From: Eric Brunner-Williams <[EMAIL PROTECTED]> > User-Agent: Thunderbird 2.0.0.12 (Macintosh/20080213) > MIME-Version: 1.0 > To: nanog@merit.edu > Subject: Problems sending mail from .mumble > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > Content-Transfer-Encoding: 7bit > > Howdy folks, > > This isn't as much fun as tracking ships, but at Friday's meeting of > ICANN's GNSO Council (think "Hairspray") and ICANN staff on the process > for new gTLDs, the issue of file suffixes as proposed strings came up. > > Obviously the people who thought of wildcards (Sitefinder) didn't think > through the full joy of the consequences. > > So this is (yet another) fishing expidition -- as MIME types are a handy > list, if any of those strings were present in a header, as in > [EMAIL PROTECTED], would any well-known thingee choke? > > Clues on a clue-by-four. > > I'll summarize replies off-list (unless requested otherwise) and Thanks > in Advance, > Eric > -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Problems sending mail to yahoo?
) is your oyster. > Addressing "standards" of the sort you suggest is relatively meaningless > in the bigger picture, I think. Nice, but not that important. Well, first you'd have to indicate that you actually have a view of the problem which supports such a judgment. At any rate you're quibbling the example as I forewarned. But standardizing receiving MTA fail codes is, I suspect, more useful than you give them credit. It would be some progress at little to no cost in the large. It deals less with spam filtering and more with effective MTA to MTA operation. At least it's sticking to the realm of improving standards in a way that can be accomplished. I don't see how I could have given a better example without a lot of hand-waving and vagaries. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Problems sending mail to yahoo?
On April 13, 2008 at 15:17 [EMAIL PROTECTED] (Rob Szarka) wrote: > > At 02:18 PM 4/13/2008, Barry Shein wrote: > >Is it [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] or > >[EMAIL PROTECTED] (very commonly used) or [EMAIL PROTECTED] Who cares? But > >let's pick ONE, stuff it in an RFC or BCP and try to get each other to > >conform to it. > > [EMAIL PROTECTED] is *already* specified (in RFC 2142). Thank you. Perhaps that's why I prefaced that paragraph with: Oh yeah here's another (ok maybe somewhere this is written down), how ^^^ about agreeing on contact mailboxes like we did with [EMAIL PROTECTED] but you for some reason elided it. Well, difficult to resist quibbling an example I suppose. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Problems sending mail to yahoo?
I realize it's natural and predictable, when spam is mentioned, to repeat the folklore...then the robots came and we were all driven underground to survive... However my point was something more in the realm of standards and operations and what we can do rather than going back over what we can't seem to do. For example, and it's only an example don't quibble the example, defining a list of return SMTP codes which are actually specific and meaningful like (let's assume they should be 5xx, maybe 7xx would be a better start? Policy failure codes) 540 Sending site in internal blacklist contact: URL or MAILBOX 541 Sending site is in external blacklist: URL 542 FROM address blocked: MAILBOX 543 RCPT address blocked: MAILBOX 544 BODY contained blacklisted URL or MAILBOX: URL or MAILBOX 545 BODY contained blacklisted string not a URL or MAILBOX 546 SUBJECT contained blacklisted URL or MAILBOX: URL or MAILBOX 547 SUBJECT contained blacklisted string not a URL or MAILBOX 548 SPF Failure (note: could be subsetted further or detail code added) 549 DKIM Failure (note: could be subsetted further or detail code added) and so on, a taxonomy which could then at least be dealt with intelligently by sending MTAs and supporting software rather than each side cooking up their own stuff. That's the first problem with this yahoo flap, right? You have to go to the backed up mail queues and stare at them and try to pattern match that a lot of these are from yahoo, and oh look they're deferred?, wait, inside the queue files you can find this "421 Deferred due to user complaints see URL" which then leads you to a form to fill out and you're still not sure what exactly you're pursuing other than hoping you can make it go away either by your action or theirs. Gak, there isn't even a standard code which means MAILBOX FULL or ACCOUNT NOT RECEIVING MAIL other than MAILBOX FULL, maybe by choice, maybe non-payment, as specific as a site is comfortable with. That's what I mean by standards and at least trying to focus on what can be done rather than the endless retelling of what can't be done. More specific and standardized SMTP failure codes are just one example but I think they illustrate the point I'm trying to make. Oh yeah here's another (ok maybe somewhere this is written down), how about agreeing on contact mailboxes like we did with [EMAIL PROTECTED] Is it [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] (very commonly used) or [EMAIL PROTECTED] Who cares? But let's pick ONE, stuff it in an RFC or BCP and try to get each other to conform to it. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Problems sending mail to yahoo?
The lesson one should get from all this is that the ultimate harm of spammers et al is that they are succeeding in corrupting the idea of a standards-based internet. Sites invent policies to try to survive in a deluge of spam and implement those policies in software. Usually they're loathe to even speak about how any of it works either for fear that disclosure will help spammers get around the software or fear that someone, maybe a customer maybe a litigious marketeer who feels unfairly excluded, will hold their feet to the fire. So it's a vast sea of security by obscurity and standards be damned. It's a real and serious failure of the IETF et al. P.S. Anyone else getting hit by sales calls for DDoS appliances and other salespeople as a result of this thread? This fishing in NANOG waters by salespeople is irritating and a good reason not to do business with these companies. I don't take my time to post on NANOG to invite a deluge of sales calls. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Problems sending mail to yahoo?
Is it just us or are there general problems with sending email to yahoo in the past few weeks? Our queues to them are backed up though they drain slowly. They frequently return: 421 4.7.0 [TS01] Messages from MAILSERVERIP temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html (where MAILSERVERIP is one of our mail server ip addresses) Yes I followed the link and filled out the form but after several days no response or change. Despite the wording of their message we're not aware of any cause for "user complaints". For example if there were a spam leak you'd expect to see complaints in general to postmaster, abuse, etc. None we're aware of. We host quite a few mailing lists and it seems like whatever they're using is being touched off by the volume of (legitimate) mailing list traffic. I'm automatically moving all their email to a slower delivery queue to see if that helps. Just wondering if this was a widespread problem or are we just so blessed, and any insights into what's going on over there. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Looking for Clue at Earthlink
On March 24, 2008 at 11:19 [EMAIL PROTECTED] (Rob Szarka) wrote: > > > If someone here is from Earthlink, or knows someone who is, please > get in touch with me off-list. I have a mail-related issue to > resolve. (Sadly the ARIN-listed contact is not valid and mail to > postmaster seems to go into the same black hole as mail to abuse.) > > Specifically, the issue relates to the servers in 209.86.89.0/24, in > case anyone here is already aware of an issue with the servers in > this block and can help. Do you mean how they're pwned and just spew dictionary attacks? It comes and goes tho mostly comes. Mar 24 17:09:37 pcls5 sendmail[23040]: NOUSER: kprice5 relay=elasmtp-junco.atl.sa.earthlink.net [209.86.89.63] Mar 24 17:18:19 pcls5 sendmail[4351]: accept: 25 elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Mar 24 17:18:30 pcls5 sendmail[4351]: NOUSER: kpm relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Mar 24 17:18:33 pcls5 sendmail[4351]: NOUSER: kpm1 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Mar 24 17:18:36 pcls5 sendmail[4351]: NOUSER: kpm10 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Mar 24 17:18:39 pcls5 sendmail[4351]: NOUSER: kpm2 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Mar 24 17:18:42 pcls5 sendmail[4351]: NOUSER: kpm3 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Mar 24 17:24:41 pcls5 sendmail[13117]: accept: 25 elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67] Mar 24 17:24:51 pcls5 sendmail[13117]: NOUSER: kpr relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67] Mar 24 17:24:54 pcls5 sendmail[13117]: NOUSER: kpr1 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67] Mar 24 17:24:57 pcls5 sendmail[13117]: NOUSER: kpr10 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67] Mar 24 17:25:00 pcls5 sendmail[13117]: NOUSER: kpr2 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67] Mar 24 17:25:03 pcls5 sendmail[13117]: NOUSER: kpr3 relay=elasmtp-scoter.atl.sa.earthlink.net [209.86.89.67] -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: rack power question
Here's another project which has dubbed themselves "teraflops from milliwatts" which I believe is shipping iron. I have no first-hand experience with their products: http://www.sicortex.com/ -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: default routes question or any way to do the rebundant
Is this for real? Someone asks a harmless question about setting up multiple default routes, not about Barack Obama or whether the moon is made of green cheese, but about default routes. Then 10 people decide to respond that this isn't appropriate for nanog. Then 25 people decide to dispute that. Then 50 people are arguing (ok maybe I exaggerate but just a little) about it. So the person who asked the original question feels bad and apologizes. And 5 people decide to tell her there's nothing to apologize for. And 10 people dispute that...and...what next? Oh, right, and next I feel an urge to write this idiotic meta-meta-meta-note. I think psychologists have a term for this, "chaotic instability disorder" or something like that. Maybe what we need are NANOG GREETERS! Hello, welcome to Nanog, can we help you find something? Hello, welcome to Nanog, can we help you find something?... -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Kenyan Route Hijack
On March 16, 2008 at 06:25 [EMAIL PROTECTED] (Paul Ferguson) wrote: > > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > - -- "Glen Kent" <[EMAIL PROTECTED]> wrote: > > >If its done intentionally then it would only make sense if theres a > >DOS attack coming from that address block, or if theres something > >"blasphemous" put up there. If none of these, then why locally > >blackhole traffic? > > > > Usually unintentional. See Pakistan Telecom for recent example. Pakistan's blackhole was semi-unintentional, kind of like you tried to shoot your spouse but the bullet went through the wall and "unintentionally" hit a neighbor. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: [admin] Re: Fourth cable damaged in Middle Eest (Qatar to UAE)
Hey, me next! Or it could be a US (or other) attempt to disrupt some terrorist operation in progress which was designed to be coordinated over the internet. I think all this speculation, at best, just reveals the limitations of peoples' imaginations. Is there any "triangulation" of disruption for the cable cuts? Just curious, but that's a bit more operational in nature. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Dictionary attacks prompted by NANOG postings?
Once again shortly after posting a message to NANOG a fairly significant dictionary attack using Earthlink's mail servers fired up. The same thing happened around Nov 30th (I posted about it here.) Does this happen to anyone else posting here? It's pretty clearly a lame attempt to intimidate by some loser. Jan 17 01:29:16 pcls5 sendmail[6757]: NOUSER: ani5 relay=elasmtp-kukur.atl.sa.earthlink.net [209.86.89.65] Jan 17 01:29:19 pcls5 sendmail[7761]: NOUSER: anita2 relay=elasmtp-curtail.atl.sa.earthlink.net [209.86.89.64] Jan 17 01:29:19 pcls5 sendmail[8036]: NOUSER: ando relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Jan 17 01:29:22 pcls5 sendmail[8036]: NOUSER: ando1 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Jan 17 01:29:25 pcls5 sendmail[8036]: NOUSER: ando2 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Jan 17 01:29:28 pcls5 sendmail[8036]: NOUSER: ando3 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] Jan 17 01:29:31 pcls5 sendmail[8036]: NOUSER: ando4 relay=elasmtp-masked.atl.sa.earthlink.net [209.86.89.68] ...etc etc -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: FW: ISPs slowing P2P traffic...
This is amazing. People are discovering oversubscription. When we put the very first six 2400bps modems for the public on the internet in 1989 and someone shortly thereafter got a busy signal and called support the issue was oversubscription. What? You mean you don't have one modem and phone line for each customer??? Shortly thereafter the fuss was dial-up ISPs selling "unlimited" dial-up accounts for $20/mo and then knocking people off if they were idle to accomodate oversubscription. But as busy signals mounted it wasn't just idle, it was "on too long" or "unlimited means 200 hours per month" until attornies-general began weighing in. And here it is over 18 years later and people are still debating oversubscription. Not what to do about it, that's fine, but seem to be discovering oversubscription de novo. Wow. It reminds me of back when I taught college and I'd start my first Sept lecture with a puzzled look at the audience and "didn't I explain all this *last* year?" But at least they'd laugh. Hint: You're not getting a dedicated megabit between chicago and johannesburg for $20/month. Get over it. HOWEVER, debating how to deal with the policies to accomodate oversubscription is reasonable (tho perhaps not on this list) because that's a moving target. But here we are a week later on this thread (not to mention nearly 20 years) and people are still explaining oversubscription to each other? Did I accidentally stumble into Special Nanog? -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: DreamHost Contact?
On December 31, 2007 at 15:18 [EMAIL PROTECTED] (Leigh Porter) wrote: > > Isn't this what you folks call "freedom of speech" ? Freedom of speech is the rule only when they're fairly cerain it's either harmless or no one is listening to you.
Any earthlink mail admins?
I can't get thru via their abuse. Your email servers have been pounding us (theworld.com / std.com) with a non-stop dictionary attack for about a week. Logs available upon request. Nov 28 13:37:46 pcls5 sendmail[26487]: NOUSER: jbart1 relay=elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61] Nov 28 13:37:49 pcls5 sendmail[26487]: NOUSER: jbart10 relay=elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61] Nov 28 13:37:53 pcls5 sendmail[26487]: NOUSER: jbart2 relay=elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61] Nov 28 13:37:56 pcls5 sendmail[26487]: NOUSER: jbart3 relay=elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61] Nov 28 13:37:59 pcls5 sendmail[26487]: NOUSER: jbart4 relay=elasmtp-galgo.atl.sa.earthlink.net [209.86.89.61] ...etc etc etc... -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Creating a crystal clear and pure Internet
On November 27, 2007 at 09:38 [EMAIL PROTECTED] (Sean Donelan) wrote: > > > Some people have compared unwanted Internet traffic to water pollution, > and proposed that ISPs should be required to be like water utilities and > be responsible for keeping the Internet water crystal clear and pure. > > Several new projects have started around the world to achieve those goals. > On a related note: FCC Could Extend Reach To Cable TV Vote Scheduled for Today May Open Door to Regulation http://www.washingtonpost.com/wp-dyn/content/story/2007/11/26/ST2007112602204.html Basically the FCC is being broken out of their cage of "broadcast spectrum and telephone monopolies only" and being given the power to regulate cable TV content. No doubt internet content can't be far behind, the boundaries have just disappeared and all that's left is "whatever seems to us to be in the interest of the public". The FCC is being turned into The Ministry of Censorship before your eyes. The pretext is consumer pricing (unbundling etc) but go look at sites like http://www.parentstv.org ("Parents Televsion Council"), they're already gunning for the FCC's new power over cable content to install their own agenda. If anyone doesn't think this is operational they're missing the point. Making the net as "clean and wholesome" as prime time TV is going to fall in the laps of operations. And that's where this is going, fast. > ITU anti-botnet initiative > > http://www.itu.int/ITU-D/cyb/cybersecurity/projects/botnet.html > > France anti-piracy initiative > > http://www.culture.gouv.fr/culture/actualites/index-olivennes231107.htm -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: unwise filtering policy from cox.net
You're missing the point. [EMAIL PROTECTED] is going to go to whatever MX example.com returns. Sean's point was that you can't cause, e.g., [EMAIL PROTECTED] alone to go to a server other than the same set of servers listed for [EMAIL PROTECTED] If that ([EMAIL PROTECTED]) overloads those servers, even if they're valiantly trying to pass the connection off to another machine, then you have to use some other method like [EMAIL PROTECTED] or [EMAIL PROTECTED] and hope the clients will somehow use that tho for BIGCOMPANY there's a tendency to just bang in [EMAIL PROTECTED] It can be a problem in joe jobs, as one e.g. If you think I'm wrong (or Sean's wrong) even for a milisecond then trust me, this is going right over your head. Think again or email me privately and I'll try to be more clear. P.S. It's an interesting thought. The only approach to a solution I could imagine is that the whole address would have to be passed in the MX query. On November 21, 2007 at 21:06 [EMAIL PROTECTED] (Paul Jakma) wrote: > > > > An unfortunate limitation of the SMTP protocol is it initially only > > looks at the right-hand side of an address when connecting to a > > server to send e-mail, and not the left-hand side. > > > full) or the normal server administrators may make changes which > > affects all addresses passing through that server (i.e. block by IP > > address). > > I guess you're saying there's something architectural in email that > makes it impossible/difficult (limitation) to apply different policy > to the LHS. > > That's not correct though. The receiving MTA is quite free to apply > differing policies to different LHSes. And at least one MTA allows > you special-case measures applied to tables of addresses, such as > whether DNSbl lookups should be applied. > > SMTP is distributed, so you do of course have to take care to keep > distributed policy consistent. But, again, that has nowt to do with > LHS/RHS of email addresses. > > regards, > -- > Paul Jakma [EMAIL PROTECTED] [EMAIL PROTECTED] Key ID: 64A2FF6A > Fortune: > A plumber is needed, the network drain is clogged -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Hey, SiteFinder is back, again...
Since this is verizon, one wonders why this has never been tried on wrong, non-working phone numbers? Visit your local chevy dealer, no interest for 12 months! We're sorry, the number you have reached is it illegal? How long before they'll just make you sit thru a few seconds of pitch before connecting any call? Or any website? How hard is it to stick up a quick bit of flash (e.g.) and then fade to the page you requested? I don't think this is quite slippery-slopism. If you've been in this business 20+ years, a long time, you remember having computers you owned and weren't designed to efficiently flash ads at you, no "Free Trial of" this and "would you like to upgrade now?" that, etc. It's as if there's a magical constant at work in personal computing: The number of minutes per hour of productive work is constant, despite technological improvements. For many years it was limited by the number of reboots, now as systems have become more reliable it's become limited by the number of ads and similar distractions you have to wade through to get anything done. It really all comes down to the same problem, a flat-rate pricing model, and marketeers realizing they can exploit this mercilessly at no incremental cost (spam, "site finder", whatever.) Without any pricing feedback in the loop all you can really do is try to implement more and and more somewhat arbitrary rules (and ways of enforcing them) to try to control behavior, and by whose say-so? One is basically forced into a role analogous to the neighborhood association or zoning board perhaps telling people what they can and cannot do with their property (granted the latter seems to work in a similarly charged environment.) This message brought to you by... -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: BitTorrent swarms have a deadly bite on broadband nets
Back in the dawn of the public internet this same sort of thing was argued fiercely on lists like com-priv (commercialization and privatization of the internet.) It was usually around flat rate vs bandwidth charging. My take was that bandwidth pricing lets you buy as much pipe as you might ever need, like 100mb/s or more SOHO, but only pay for what you use, which seemed rational if the technology supported that. Flat-rate pricing encourages you to guess the most bandwidth you'll ever need in advance and only pay for that. In theory hybrid models could exist (variable, on-demand bandwidth shaping and all that, it's pretty easy in the p-p wireless world.) What's happened is the worst of both worlds where vendors are selling end-users flat-rate pipes (think, for example, 20mb/s FTTH for under $100/mo) but wishing customers would use it as if it were priced per bit. This is a business model dislocation. It reminds me of the time, back in my heartier young man days, when I'd frequent an all you could eat buffet nearby and finally the owner tossed me out after I overstayed my welcome one day, I'd sit there doing school work and make trips to the buffet every so often, saying "yes, that's ALL you can eat, now get OUTTA here!!!" -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: [policy] When Tech Meets Policy...
On August 15, 2007 at 14:38 [EMAIL PROTECTED] (Al Iverson) wrote: > > On 8/15/07, Barry Shein <[EMAIL PROTECTED]> wrote: > > > I am not sure tasting is criminal or fraud. > > > > Neither am I, we agree. I meant if there's subsequent criminality or > > fraud that should be dealt with separately. > > Dumb question, not necessarily looking to call you or anyone out, but > I'm curious: What valid, legitimate, or likely to be used non-criminal > reasons are there for domain tasting? Well, not all of us agree that these ad-only pages are particularly a problem. They're certainly not necessarily criminal or fraudulent except by some stretch. It seems to me that this should be an issue between the domain registrars and their customers, but maybe some over-arching policy is making it difficult to do the right thing? Charging a "re-stocking fee" sounded perfectly reasonable. I don't think anyone has any *right* to "domain tasting", that is, to any particular pricing structure. But I don't see why it requires anything beyond some pricing solution as suggested. > Then my next question is, what reasons are there where it'd be > wise/useful/non-criminal to do it on a large scale? It's a relatively passive activity when used for ad pages, no one forces anyone to look at them. I'm not sure what the problem is with that except it seems to offend some people's sensibilities. If the behavior is used to hide illegal activity such as spamming (e.g., botnet use) then that should be more of a reputation issue. The example which came to mind was ordering a couple of hundred phone lines. In the early days of the internet people like myself did that for modem banks (there was a time it was a lot cheaper to punch up 256 1MBs than to try to demux T1s or T3s or PRIs, I think I still have 66-block punch tool scars in my palm.) A friend who ran an ISP did that and the police showed up thinking he might be setting up a boiler room (telephone stock scam.) He was amused. They weren't sure what he was doing (internet? modems? WTF?) but decided it wasn't a boiler room so left. But that's what a lot of this reminds me of, except of course that ordering hundreds of phone lines required some sort of credit relationship with your local telco which seems to be what's lacking here. But obviously boiler room ops got away with it, that's why they were a problem. I assume the telcos got better at screening such criminals, they probably never paid their phone bills anyhow. But the concept of ordering hundreds of phone lines wasn't at issue, just some borderline criminal behavior and how to suppress it. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: [policy] When Tech Meets Policy...
On August 13, 2007 at 16:01 [EMAIL PROTECTED] (Carl Karsten) wrote: > > Barry Shein wrote: > > > > That is, if you extend domains on credit w/o any useful accountability > > of the buyer and this results in a pattern of criminality then the > > liability for that fraud should be shared by the seller. > > I am not sure tasting is criminal or fraud. Neither am I, we agree. I meant if there's subsequent criminality or fraud that should be dealt with separately. For example if someone were registering thousands of domains to use in a spam throwaway scheme and the spamming behavior is criminal and/or fraudulent, e.g., use of zombie botnets, then I'd hope there were some way to encourage registrars to stop extending that spammer throwaway domains, as one measure. I don't know if it's still true but as of a couple of years ago the average useful lifetime of a spammer's throwaway domain was about two hours. Set it up, send out 100M spams, take the hits, abandon it. Lather, rinse, repeat. It's not the act, per se, it's the resultant criminality which should disqualify the individual or company. Much like abusing credit in the finance world. Effective enforcement of that platitude is, of course, yet another kettle of fish. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Routing public traffic across county boundaries in Europe
On July 27, 2007 at 06:14 [EMAIL PROTECTED] (Lionel Elie Mamane) wrote: > > Also, I've heard that Canada had (maybe still has) this legislation > forbidding you to route intra-Canadian *telephone* traffic through > another country. Something about else nobody would build a > intercontinental coast-to-coast Canadian network, would just send > long-distance traffic to the USA, go to other coast and send it back > to Canada and being this dependent on a foreign country, that's bad. OTOH, the spirit of the Bretton Woods conferences at the end of WWII on preventing a repeat was that such critical industrial interdependencies were fundamental to dissuading nations from going to war on one another. So far the idea has worked pretty well, exceptions excepted. Obviously YMMV. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: Why do we use facilities with EPO's?
On July 26, 2007 at 18:59 [EMAIL PROTECTED] (Randy Epstein) wrote: > > I guess my point was that it's safer to power off a UPS system as best you > can before you shoot water at it. :) Most likely you are doing this at > somewhat close proximity, with step-down transformers nearby, etc. If you can stroll into the room and look around etc., sure, why not. I said that in the previous msg. We agree. The note I was responding to asserted that it was necessary to hit an EPO before (direct) firefighting could commence, I wasn't saying it wouldn't be handy in some circumstances, just "not entirely necessary" (for firefighting.) But getting to an EPO could be difficult if the room is closed and it's looking like it might be somewhere in excess of 450F inside in which case the usual approach is to smash/open a window or door while the others stand ready with a fully charged hose. Which is why they'll usually shut down power from outside the building if needed. By definition a room on fire is a room out of control*. An important component of firefighting is working fast as fires don't usually get better by themselves. Well, actually they almost all do get better eventually on their own, when there's nothing left to burn, but that's not often an attractive option since the available fuel could be what you call your neighborhood. Also, NOT TO BE TOO LITERAL MINDED, but isn't the point of a UPS that it has a lot of power even when it's not getting any externally? Doesn't hitting an EPO on a UPS at best only reduce the electrical hazard of hitting it with water a little bit? * Interesting aside: In many venues, I know this is true in Boston, when a fire official declares a building on fire legal title to that building is automatically transferred to the fire dept until firefighting operations are declared ended. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: Where did freeipdb IP utility site go?
> > > Are there any "good" tools for IPv6 address management? > Is there a "BCP" (convention, whatever) for storing IPv6 addresses into SQL databases? Particularly where you need to mix them with IPv4 addresses. I know postgresql has an ipv6 type but I was hoping for something more portable. The best I could come up with was packed decimal(39) and assume that if more than 32 bits are set it's IPv6 (ignoring the special case of all zeros etc.) The other would be to just use 4 unsigned long ints similarly but it makes comparison and other ops clunky. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: Why do we use facilities with EPO's?
On July 26, 2007 at 16:25 [EMAIL PROTECTED] (Randy Epstein) wrote: > (snip) > > > Put another way: Between a 120KVA UPS and a gang of experienced > > firefighters with charged hoses I'd put my money on the firefighters > > every time. > > > > -- > > -Barry Shein > > You realize the UPS systems we're speaking of are much larger? Usually 480 > volt, many kVA. FWIW, do you imagine that's terribly large for urban firefighters in the big scheme of things, not just computer rooms? My memory could be wrong but I remember the John Hancock building, 60 stories, pulls about 1.5MW...I remember Boston Edison mentioning this in discussing a design I was working on of a supercomputer facility, that we were asking for more power than the hancock building which was ok but it presented..."challenges". Factories can pull a lot of power also (that room was never built.) Anyhow, once you're beyond a pea-shooter I don't think procedures for firefighting vary a whole lot, other than some outliers. -b
Re: Why do we use facilities with EPO's?
On July 25, 2007 at 14:49 [EMAIL PROTECTED] (George William Herbert) wrote: > > > >Seems like the EPO should be a logical AND with the fire alarm system - > >it only works AFTER you have an existing fire alarm in the building. > > > No, no. If the fire alarm system fails, the fire responders need > to be able to hit the EPO and be sure that it works anyways. > It has to be an absolute - firefighters have to know that the > thing they hit was the only, and right, thing, and that they > aren't going to die because they sprayed water on an energized > but on fire electrical system backed by a 120 KVA UPS or some > such. I worked three years with the boston fire dept, albeit quite a few years ago, and rode into many fires and don't generally remember them being much concerned about hitting *anything* with a high-pressure stream of water if it's on fire. Remember all those rules you know about not using water on electrical or chemical fires? Doesn't really count if you have charged fire hoses and know what you're doing except in some special circumstances (they did foam things occasionally, very occasionally, foam costs money!) If they needed the power out, perhaps due to a gas hazard, they generally go for the power out in the street, calling in the power co if there's time or, well, one of the firefighters usually knows how to cut a building's power, between them they usually know just about everything they need to know about stuff like that. I have no doubt if they saw an EPO and the room on fire they'd hit it immediately, why not, as you say it can only make things safer (plus or minus emergency lighting working but they should have their own.) But unless there was an explosion hazard I don't remember there being much concern. Water pressure and getting the equipment positioned and working was a concern (after life and limb of course.) Put another way: Between a 120KVA UPS and a gang of experienced firefighters with charged hoses I'd put my money on the firefighters every time. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: History of the EPO (Emergency Power Off)
When I was designing a sizeable machine room at BU I remember getting into a bit of a debate with someone from buildings because they wanted (I think the numbers are right) 140F sprinklers and I wanted 175F sprinklers, images of an accidental sprinkler discharge dancing in my head (we had halon and all that, but 140F at the ceiling didn't seem all that high w/ all those big racks.) Me: *I've* got over $2M in computers in that room! Him: *I've* got over $20M building around that room! Me: You win! -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: An Internet IPv6 Transition Plan
You posit that running out of bread (ipv4 address space) encourages people to bake more bread. Unfortunately it often makes them scream for bread lines (rationing, central control, privilege.) It'd be nice if there were a more positive reason to go ipv6 than getting out of the bread lines, but the killer ipv6 app remains elusive. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: Abuse procedures... Reality Checks
Bingo. Read the note below again, it is the path to enlightenment, Shein's law of resources: Needs, no matter how dire or just, do not alone create the resources necessary to fulfill. On April 7, 2007 at 20:41 [EMAIL PROTECTED] (Robert Bonomi) wrote: > > > > From: "Frank Bulk" <[EMAIL PROTECTED]> > > Subject: RE: Abuse procedures... Reality Checks > > Date: Sat, 7 Apr 2007 16:20:59 -0500 > > > > > If they can't hold the outbound abuse down to a minimum, then > > > I guess I'll have to make up for their negligence on my end. > > > > Sure, block that /29, but why block the /24, /20, or even /8? Perhaps your > > (understandable) frustration is preventing you from agreeing with me on > > this > > specific case. Because what you usually see is an IP from a /20 or larger > > and the network operators aren't dealing with it. In the example I gave > > it's really the smaller /29 that's the culprit, it sounds like you want to > > punish a larger group, perhaps as large as an AS, for the fault of smaller > > network. > > BLUNT QUESTIONS: *WHO* pays me to figure out 'which parts' of a provider's > network are riddled with problems and 'which parts' are _not_? *WHO* pays > me to do the research to find out where the end-user boundaries are? *WHY* > should _I_ have to do that work -- If the 'upstream provider' is incapable of > keeping _their_own_house_ clean, why should I spend the time trying to figure > out which of their customers are 'bad guys' and which are not? > > A provider *IS* responsible for the 'customers it _keeps_'. > > And, unfortunately, a customer is 'tarred by the brush' of the reputation > of it's provider. > > > Smaller operators, like those that require just a /29, often don't have > > that > > infrastructure. Those costs, as I'm sure you aware, are passed on to > > companies like yourself that have to maintain their own network's security. > > Again, block them, I say, just don't swallow others up in the process. > > If the _UPSTREAM_ of that 'small operator' cannot 'police' its own customers, > Why should _I_ absorb the costs that _they_ are unwilling to internalize? > > If they want to sell 'cheap' service, but not 'doing what is necessary', I > see no reason to 'facilitate' their cut-rate operations. > > Those who buy service from such a provider, 'based on cost', *deserve* what > they get, when their service "doesn't work as well" as that provided by the > full-price competition. > > _YOUR_ connectivity is only as good as the 'reputation' of whomever it is > that you buy connectivity from. > > You might want to consider _why_ the provider *keeps* that 'offensive' > customer. There would seem to be only a few possible explanations: (1) they > are 'asleep at the switch', (2) that customer pays enough that they can > 'afford' to have multiple other customers who are 'dis-satisfied', or who > may even leave that provider, (3) they aren't willing to 'spend the money' > to run a clean operation. (_None_ of those seems like a good reason for _me_ > to spend extra money 'on behalf of' _their_ clients.)
Re: Every incident is an opportunity
Of course, but the point was the goal of that targetting. The US public by and large believed, and seems to still believe (i.e., the TV show Jericho) that the goal of a USSR attack was purely vindictive, complete annhilation. Apparently Civil Defense leaned more towards invasion as a goal. No doubt as weapons systems evolve how you achieve one goal or the other evolves. Either goal leads to different targeting strategies, as possible. If your goal is invasion then value preservation is important (factories, bridges, civilian infrastructure, etc.) If anniliation is the goal than it's of no importance, just bomb the densest population centers. On February 12, 2007 at 16:17 [EMAIL PROTECTED] (Steven M. Bellovin) wrote: > On Mon, 12 Feb 2007 15:05:45 -0500 > Barry Shein <[EMAIL PROTECTED]> wrote: > > > > In the late 60s I remember having an interesting conversation with > > someone who did this kind of strategizing for the Dept of Civil > > Defense. > > > > His scenarios were markedly diferent from the "urban folklore" you'd > > hear from people about what the Russkies were likely to nuke, other > > than everyone agreed they'd try to get the silos and a few other key > > military assets to try to prevent retaliation. > > > Targeting strategy changed over time, because of changes in technology, > quantity of bombs available, accuracy, perceived threats, and internal > politics. For a good history of US nuclear targeting strategy, see > "The Wizards of Armageddon", Fred Kaplan, 1983. The short answer, > though, is that it changed markedly over time. To give just one > example, at one time the US targeted cities, with very big bombs, > because the missiles of the day couldn't reliably hit anything > smaller. Since that's what was possible, a strategic rationale evolved > to make that seem sensible. > > > --Steve Bellovin, http://www.cs.columbia.edu/~smb -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Every incident is an opportunity
On February 12, 2007 at 04:28 [EMAIL PROTECTED] (Robert Bonomi) wrote: Mostly the same as what I said, but one important difference: duck and cover was a response to seeing the flash (only seconds), not to sirens going off (minutes) which was generally get your coat and go into the hallway and close the classroom doors and await further instruction like maybe head to the basement, being sent home was discussed and there's even some cultish early 60's? movie that revolves around the teachers sending the kids home upon hearing nuclear attack was imminent, etc. > BTW, I was in school (elementary/seconndary) in those days (1958-71), in a > mid-sized Midwestern city. We -never- had any of those kind of drills. > Apparently 'the powers that be' concluded that there was nothing in our > vicinity that would be worth dropping a nuke on. :) POSSIBLE OPERATIONAL CONTENT: In the late 60s I remember having an interesting conversation with someone who did this kind of strategizing for the Dept of Civil Defense. His scenarios were markedly diferent from the "urban folklore" you'd hear from people about what the Russkies were likely to nuke, other than everyone agreed they'd try to get the silos and a few other key military assets to try to prevent retaliation. But by and large his scenarios worked forward from the assumption that it was a prelude to an invasion and if you're going to invade you don't want to destroy immediately valuable assets like big factories etc. which usually meant you didn't want, or have any good reason, to nuke major cities, they'd make good slaves. Notice how this "they'll nuke the big cities first to kill as many of us as possible" presumption carries forward even today to the central plot of the current US TV show Jericho (it's summarized in the wikipedia) tho of course the enemy and its strategy has changed since the end of the cold war. Then again much of 9/11 did kinda happen in a big city. Anyhow, far be it for me to try to outline an invasion for fun and profit scenario in less words than you'll tire of reading. But it's somewhat different than a white-hot grudge match fling them all at major population centers extermination scenario. The operational content is to be careful of folkloric wisdom in regards to major disaster no one involved has ever really personally experienced. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Every incident is an opportunity (was Re: Hackers hit key Internet traffic computers)
> > During the cold war American kids > > were trained to hide beneath their desktops in caseof a nuclear > > attack. Much good that would have done. ... >I don't pretend to know the real reason but keeping control is usually >better even if you can't change the outcome. The goal was some protection from flying glass and debris from a blast. The idea was if you saw the flash you'd drop under your desk. Sure, other places would provide more protection but the assumption was if you saw that nuclear flash you didn't have time to do much more than just drop under the desk and put your head between your knees and your hands over your head (and kiss your a.. goodbye as we'd say) in the hope that you'd protect your head and face and eyes etc from flying bits and perhaps the initial heat flash. You were also probably blinded by the flash so slipping under your desk was about all you could expect from 30 little kids now suddenly blinded to manage in a few seconds. Obviously if you were so close to the blast that you didnt even have time to drop under the desk that's ok, it wouldn't help. But a blast wave travels at roughly the speed of sound so that's around 4 seconds per mile so if you were at least a half mile you had time for the teacher to shout "DUCK AND COVER!" and drop under your desk. If a bomb siren sounded that meant you had more time, probably minutes, so you'd quickly line up and all move to the school hallway presumably away from windows etc. I lived through that era and well remember those drills (NYC public schools.) -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: Question about SLAs
On February 9, 2007 at 08:32 [EMAIL PROTECTED] (Fox,Thomas) wrote: All good stuff (you can find the note) but I'd like to point out: > 3. Pay all of your bill except for the disputed portion. Include with every > payment a "SLA CREDIT REQUEST" form that you complete, detailing > the reasons why you feel you are owed a credit, including the ticket > history, etc. Then, every month, include that documentation, and > copies of all other correspondence you've sent... until it is resolved. Read your contract carefully, it often disallows exactly this and allows them to apply payments as they see fit which means they can treat your account delinquent and proceed that way even if you believe you're due a credit. I also believe the law tends to agree with that, as a rule of thumb, you can't withhold a priori, except in specific cases like tenant law where an immediately dangerous condition persists due to landlord negligence, broken furnace in winter, etc. That is, it require more urgency than just "I think I'm due this". But, IANAL, and in practice it might of course force the issue since neither side is likely to sue anyhow unless a lot of money is involved. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: Question about SLAs
On February 9, 2007 at 09:41 [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > > > > An SLA is a contract. > > > > A contract is... a contract. > > Does that mean you can take them to small claims court if they don't pay > you the agreed SLA credits? Oh I'm certain you could if you wanted to be bothered, it's a contract with a promise of value like any other. Absolutely nothing unusual or even very difficult to understand unless it gets into a real technical pissing match that confuses the referee. But that's all a crap shoot at best and time-consuming. One reason to always avoid direct legal action is that even if you get what you're due it's exceedingly rare to be awarded legal or other expenses. Expect only the prima facie value. Despite common folklore it's just not done, that's the cost of not figuring out some other way to settle the matter as far as the court is concerned. In fact, at least here in MA, I don't believe a small claims court has any authority to award either legal fees (and even if you don't bring a lawyer it might be a good idea to rack up a coupla hours with your lawyer to make sure you're using the right lingo and statutes etc), or punitive damages tho they can award some direct costs like if you had to (reasonably) pay a moving company to move some object in question, something like that, and you'd better have a receipt and it better not be a "normal" expense (like don't bother asking for bus fare or gasoline for your car or phone calls or other incidentals.) I'd just say you want to go to legal means for things like this only as a very last resort and maybe not even then. What you want to do is figure out ways to raise the stakes in a way to make them into better people even if it goes entirely against their nature. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Question about SLAs
Other than "give them the bum's rush!" what do you do when a vendor is a PITA about SLAs for outages? Obviously there's not enough on the table to get lawyers involved, but it's aggravating when first they act like they lost your SLA request, then claim their logs don't match your logs in some significant way, then try to avoid returning calls to find out what got decided about disputes I guess hoping you'll give up, etc. It's lousy "game theory" if the vendor just wants to insist their logs are very different than the customer's (highly detailed logs), for example, short of bolting, which there might be other reasons to not want to do except as a last resort, like the cost would be a lot more than the SLAs in question. But where's the leverage? I hope this is operational enough for this list, if not feel free point me somewhere else. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: what the heck do i do now?
On February 1, 2007 at 05:34 [EMAIL PROTECTED] (Roland Dobbins) wrote: > On Jan 31, 2007, at 7:04 PM, Matthew Kaufman wrote: > > > (As an example, consider what happens *to you* if a hospital stops > > getting emailed results back from their outside laboratory service > > because their "email firewall" is checking your server, and someone > > dies as a result of the delay) > > Moral issues aside, I'd love to see this litigated. About 20 years ago, probably a little more, I got a call at Boston University from an IT admin working at a hospital in Rhode Island. He told me IBM was making a competitive bid for the hospital's campuswide network and was pushing hard for their own token-ring solutions against his preferred ethernet solutions. What he wanted me to help him think through was that IBM had told the hospital's administration that because ethernet is designed to drop packets (i.e., collisions, let's not quibble my quick description you all know what I mean) that data could be LOST and a patient could DIE and the hospital could be held LIABLE! He said that thus far explaining TCP/IP's reliability had gone right over their heads and all they could see were the materials about ethernet's lossiness IBM had left with them. I forget what I advised, I think I tried to get some other similar players already using ethernet in touch as reference sites. It was 20+ years ago. My only point is that this "unreliability could cause children to die, and, worse, lawsuits!" is awfully old grist for the mill. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: what the heck do i do now?
Just add to your services price list "high-reliability electronic mail service: $10,000/month" or whatever with some general wording about how suitable it is for customers who rely on email for critical and high-dollar business dealings, life and death situations, and similar. Point to it from your general email services menu item. If someone nibbles you could always say you're not taking on new high-reliability email customers for a few months due to demand (theirs.) If what you describe happens you can point to how if they were so concerned they could have purchased the high-reliability email option. They aren't likely to be successful suing you for failure to deliver a service they haven't purchased. Remember the rule: If it isn't worth much to you, it certainly isn't worth much to me. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: what the heck do i do now?
> one problem with this is that the pain is not felt by the misconfigured > folk, but by distant innocents. etc. One problem we have is that we tend to see the internet as a perfect simulation of a fair and just system, at least as a first goal. I don't know if that's possible or not. I don't know if anyone has actually explored the issue deeply. One problem is that there are many different notions of justice present globally. Probably thousands with significant real-world referents. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: AOL Non-Lameness
In the near future half the net will spend half their time wondering what happened to half their mail. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: tech support being flooded due to IE 0day
Once again, ONE arguably off-topic post, followed by a non-stop stream of DOZENS of messages, for days, by self-appointed listcops. I'm sorry if the only thing which prompts you, and you know who you are, to post is that little rush of self-righteous adrenaline upon seeing a message you think is conceivably off-topic but resist the urge and sit on your hands or only send it to your imagined offender. It's a lot like shouting at the television set. Or, better, if you see something off-topic, POST A MESSAGE YOU FEEL IS ON-TOPIC, lead by example rather than by whining. Few things energize us more than another's sin. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: [Fwd: Kremen VS Arin Antitrust Lawsuit - Anyone have feedback?]
On September 8, 2006 at 16:28 [EMAIL PROTECTED] (Fergie) wrote: > > I like how Jack Bates framed it: The IP address space is a "community > asset" and as such, the allocation of it needs to be done in a way > which serves & benefits the Internet community at-large. > Which would form a strong analogy to the FCC's original legal justification for existence in 1934 which was that the radio spectrum is a limited, public trust and as such the FCC is given the power to regulate it and its contents in the public's interest (and, hence, to regulate content in "the public interest".) I would be very careful what I wish for. Fortunately IPv6 could be a counter-balance to any claims of jurisdiction based on limited address space though perhaps the camel's nose will get into the tent first; in theory all address space is finite, even if vast. It's hard to imagine power over content achieved based on IPv4's limited address space would be later yielded for IPv6 any more than the tiny spectrum space of 1934 was ever yielded due to the vast expansion of spectrum afforded by subsequent improved technology. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: [Fwd: Kremen VS Arin Antitrust Lawsuit - Anyone have feedback?]
On September 8, 2006 at 09:06 [EMAIL PROTECTED] (Matt Ghali) wrote: > > People who use the courts as a way to bleed their targets like this > are vermin. Not surprising at all that this is all about some > domain-squatting nonsense. If a lawyer, any lawyer, sits you down in his office, looks you square in the eyes, and says "Don't let them get away with that!" my advice is leap up and run as if you are running for your life because indeed you are. A client's moral outrage and lust for revenge are an attorney's stock-in-trade. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Is it my imagination or are countless operations impacted today with mysql meltdowns
Can I make a suggestion about inappropriate postings which I GUARANTEE would help a lot?! Can we have a DESIGNATED WHINER, or small list of whiners, who has a CANNED MESSAGE and the option to add some text specific to the message? And can take further suggestions of this sort so people can release that "this message was inappropriate" steam? Then every time someone posts something inappropriate we don't have to wade through 20 or 30 individual "That was inappropriate" messages often resulting in further discussion like oh no that's not the right list it should have been on THIS list ooops I got that address wrong here's the correction oh this one is probably good to use also for that topic can we stop posting URLS can we stop feeding the troll are we sure that's inappropriate yes it is I agree I agree too well maybe sometimes it's not inappropriate what if it involves...oh I think that's also inappropriate well I don't it belongs on...wouldn't this be a better mailing list for that topic oh yes you're right oops I typo'd that URL here's a correction ok this one also who died and made you king I dunno who died and made you king don't feed the troll i just want to say there's too much inappropriate traffic on this list yeah me too too much inappropriate traffic yeah me too I'm considering dropping the list because of the traffic yeah me too why can't that topic go onto this mailing list that's a good list but this might be better oops I typo'd the address here's a correction can we get back on topic is that operational i just thought of something funny to interject in this inappropriate thread how about this on youtube oops the url got cut off here's the corrected url can you tinyurl that can we please get back to some operational topic don't feed the troll blah blah BLAH blah blah BLAH blah blah... It's harsh of me to say, but something I've found in around 25 years of these groups is that there's a certain type of person, and it's a fairly common person, who never has anything to contribute (which is fine) but one inappropriate message and it's like taunting mean cops, watch out, they're all over it and suddenly get chatty. Scolding the vast unknown seems to be their specialty. And their imagined target is just about the least likely to read their fantasy scolding. Too many cops. Way more "that was inappropriate" messages than inappropriate messages. There, now *I* did it. No, I don't volunteer, but maybe one of the cops can. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: ISP wants to stop outgoing web based spam
Much of this misses the point about spam. There is spam, and there is SPAM. spam is when some jerk sends me an ad I don't want. SPAM is when some jerk uses sophisticated, illegal techniques to send a few hundred million ads a day. The most effective technique currently uses zombie spambot armies; PCs hijacked through security flaws, upwards of a million of them at any moment. Why? a) Zombie spam armies provide nearly arbitrary quantities of bandwidth and compute power to send out spam. Far more than spammers' business models could ever actually pay for. b) Zombie spam armies provide address mobility. You can't block them like you might block a legitimate site you find obnoxious. It's whack-a-mole at near light speed in a Hilbert space. The vector for these has been almost purely Microsoft Windows. People can rationalize all they want about Windows being more common or how in theory other OS's could also be hijacked but the simpler explanation is that there have been horrible flaws in Windows, including yesterday's high-prio security alert amplified by DHS (MS06-40). It's Windows. MS make tons of money off of spam. They make tons of money off of spam by not fixing their OS except at their own pace and as it fits their marketing goals to not interfere with profitable software applications which may require flaws in their OS to operate, or to operate more profitably. Their near-monopoly means no one can effectively put any pressure on them to get their act together. The best example of that is how they led every primary Windows user to always have admin ("root") privileges on by default which meant that any trick which could get any random user to run a little code could do anything, overwrite any system file, install software, whatever, without any warning or protest. This allowed the installation of software, patches, updates, spyware type programs, etc to go more smoothly and thus more profitably, more friction-free as they say in marketing. No nasty secondary passwords or scary messages like "What you are trying to do requires administrative privileges [warning text], would you like to enable them now? [OK] [CANCEL]" Let's call a spade a spade. We're not being firehosed by Mac OS machines. We're not being firehosed by Linux/FreeBSD/Solaris or other Unix variations. Etc. And it's not simply explained away by the numbers. There may be less, but there are still millions of those machines on the net. And to the best of my knowledge not a single one of them is part of a zombie spam army. I realize people react emotionally to the seeming one-sided blame this implies and feel they make the universe more fair and liveable by rationalizing some spreading of the blame no matter how nonsensical and ungrounded in reality. I realize some people make their living using Microsoft software and these harsh realities make them feel bad and make them want to soften the blow with argumentative responses. Cut yourself some slack, YOU didn't write Windows. But you know who agrees with me? MICROSOFT! Why? Look at the dozens of patches they try to put out weekly to close these holes! Look at the changes, such as moving away from ``every user has admin privs'' in recent and future releases of their OS. That's the problem. It's being worked on, perhaps too slowly to save the patient (e.g., not see the destruction of email), maybe too kid gloved with their vendors and bottom line (at the cost of ISPs et al), but let's not deny a problem that not even Microsoft denies. Plug up the major security flaws, float Windows on a Linux kernel or something (Apple did it on a FreeBSD kernel), and the problem will by and large whither and die as a major problem. Zombie spam armies running on compromised Windows systems are the spammers stock in trade. Everything else is trying to deal with the cause by treating the symptoms. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: ISP wants to stop outgoing web based spam
I assume you were about to provide us with one great legal case cite. Don't be shy, go right ahead. On August 9, 2006 at 13:57 [EMAIL PROTECTED] (Allan Poindexter) wrote: > > >>>>> John Levine <[EMAIL PROTECTED]> writes: > > Allan> I would let any ISP I use make this mistake once. After that > Allan> the individuals responsible would be up on ECPA charges. > > John> I suppose any ISP foolish enough not to disclaim ECPA > John> confidentiality gets what it deserves. > > The ECPA doesn't provide any mechanism to explicitly disclaim > responsibility under it. Even if it did such a disclaimer would > undermine any claim to anything like common carrier status for an ISP > This would make the ISP vulnerable to such things as libel based on > user's content. This strikes me as jumping out of the spam/virus > frying pan into the defamation fire. > > > > -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: ISP wants to stop outgoing web based spam
I think what was being talked about was that a lot of spam now comes as embedded images which unpack into ads for the usual stuff. It's actually been going on for a few years but I guess as the other stuff gets more and more effectively blocked this form becomes more salient. Thus far I don't know of any good filter for these. Common spam software seems to rotate or vary these slightly so it's not as simple as comparing to one you've seen before. Since the image formats are compressed, usually gif, tiny changes can ripple through the entire encoding. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: mitigating botnet C&Cs has become useless
I promised myself I'd never, ever post three comments on the same topic here, but hey... What I think would be a good thing would be focusing on ONE miscreant, some low-hanging fruit for starters. Just one. And shut him/her/it down, hound him off the face of the earth, get him arrested, whatever, put him out of business. And then move on to #2. Not that it will, one by one, get them all. But it *will* raise the stakes, particularly as techniques are developed. IMHO part of the problem is that everyone is trying to solve the entire problem all at once with some magic bullet. It's whack-a-mole in a Hilbert space, too difficult. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: mitigating botnet C&Cs has become useless
On August 2, 2006 at 07:54 [EMAIL PROTECTED] (Jamie Bowden) wrote: > > I'd just like to point out Paul, that while we may rely on police to > handle crimes in the real world, we still lock our doors. > And, in most neighborhoods, feel reasonably safe with locked doors and glass windows (particularly for our vehicles.) The problem starts when the best suggestion is to board up all the windows because they're so easily broken and entered. That is, when security measures become so onerous that they devalue the quality of life. At some point it's time to put the onus on the bad guys and make *them* afraid. P.S. A trick I learned working with the Boston Fire Dept: Many buildings with solid locked doors and barred windows can be cut into right thru the wall in a minute with common handtools, at least enough to reach around and unlock the door. Sound familiar? -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: mitigating botnet C&Cs has become useless
On August 1, 2006 at 11:50 [EMAIL PROTECTED] (Scott Weeks) wrote: >... > there has to be a technical way to do this, rather > than a diplomatic way as the diplomatic ways historically > have not worked in the other areas mentioned, so they > probably won't work here, either. Or we have to keep > going until one can be contrived. Many good attempts > have been made and there will be more to come until we > hopefully rid ourselves of the sickness others of lower > values force on us daily... I have nothing against technical solutions tho after over ten years of a lot of smart people trying, and a grand prize of probably a billion dollars increase in personal wealth, it doesn't seem forthcoming. However, I do take exception to the assertion that "diplomatic ways historically have not worked in other areas mentioned". I think what you mean is that they haven't worked perfectly, but slipped the semantics a little. Surely you didn't mean to say that all efforts to oppose, e.g., the human slave trade have been in vain? The effectiveness has a lot to do with the profitability making the risk worthwhile (e.g., drug trade), and who the crime appeals to; some poor, desparate people will take risks others won't (e.g., high-seas piracy.) Unfortunately all this reasoning might be edifying but it leads nowhere. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: mitigating botnet C&Cs has become useless
On July 31, 2006 at 08:51 [EMAIL PROTECTED] (Scott Weeks) wrote: > > That's all fine and dandy until you consider the > international base of these things. I'd like to see > "...jackbooted [US is implied in the text] government > thugs...kicking in a door somewhere and confiscating every ... This is a common fallacy which goes back to practically day 1 of The Spam Crisis (tm). I remember being invited to a meeting at the Massachussets state house probably around 1998 and being shouted down by this reasoning for a few minutes. Believe it or not spam is not the only internationalized problem on this planet. There's drug trade, actual high-seas piracy, slave trade, phone fraud, investment fraud, and on and on. So the usual snappy response is: And look how well we do with all that! Well, yes, you can make the best the enemy of the good. But there's a logical fallacy involved in trying to extrapolate that to "so therefore we should do nothing". Pressure can be put onto countries which are either spam-friendly or, more likely, spam agnostic (it's just not on their list of priorities.) Spam crime is of only limited value to those countries, one just has to find that value and the right buttons to push. > powered device and every living person in the building" in > China, an African country, Russia, or choice here>. These things span continents and countries > and every time you cutoff the current head, it immediately > spawns another and not always in a country that cares. > > scott -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Sitefinder II, the sequel...
On July 13, 2006 at 13:15 [EMAIL PROTECTED] (John Payne) wrote: > > > On Jul 13, 2006, at 12:19 PM, Joe Greco wrote: > > > I don't really think it is entirely appropriate that a child who is > > looking > > for information on the White House could land somewhere obscene > > through > > entering a web address that appears obvious and logical. > > Who gets to decide that? I don't think it's entirely appropriate that a child chasing a bouncey-ball can so easily run out into the street and get killed by a passing car. According to MMWR over 500 children per year under 14 years of age wander out into the street and and are killed by a car (US.) Another 30,000+/year are injured seriously enough to need an emergency room visit. Ban cars or at least limit them to under 5 mph! And we're not just talking about a kid seeing some bare breasts (isn't kids seeing bare breasts the most appropriate use of bare breasts?), we're talking DEAD. Or maybe the better answer is: Don't let your young kids wander out into traffic, or allow them to use table saws, etc. Sarcasm aside isn't the right answer, for starters, software interfaces for kids? -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Fridays are always good for shock headlines...
I apologize, my note (appended below) was intended for another list which was also discussing this article. I hope no one was seriously injured. -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo* On July 10, 2006 at 13:54 [EMAIL PROTECTED] (Barry Shein) wrote: > > > On July 8, 2006 at 03:04 [EMAIL PROTECTED] (Fergie) wrote: > > [snip] > > > > The FBI has drafted sweeping legislation that would require Internet > > service providers to create wiretapping hubs for police surveillance > > and force makers of networking gear to build in backdoors for > > eavesdropping, CNET News.com has learned. > > I say: Double-plus ungood! > > I guess they can mandate whatever in hell they want in the name of > catching bad guys, anything. > > It should remind us why those "obnoxious" folks from the ACLU et al > really need to have a more balanced influence. > >-b > > P.S. In a somewhat unrelated but amusing chapter from the "Clear > Thinking in Jurisprudence" dept: > > The NY State Supreme Court last week tossed gay marriage as being > compelled by the state's constitution. > > One of the reasonings shot down was the assertion that there is any > problem with discrimination because the result forbids both straights > and gays from marrying same-sex, thus the result is non-discriminatory. > > I'll admit there may be arguments to be made on both sides but...WHEW!
Re: Fridays are always good for shock headlines...
On July 8, 2006 at 03:04 [EMAIL PROTECTED] (Fergie) wrote: > [snip] > > The FBI has drafted sweeping legislation that would require Internet > service providers to create wiretapping hubs for police surveillance > and force makers of networking gear to build in backdoors for > eavesdropping, CNET News.com has learned. I say: Double-plus ungood! I guess they can mandate whatever in hell they want in the name of catching bad guys, anything. It should remind us why those "obnoxious" folks from the ACLU et al really need to have a more balanced influence. -b P.S. In a somewhat unrelated but amusing chapter from the "Clear Thinking in Jurisprudence" dept: The NY State Supreme Court last week tossed gay marriage as being compelled by the state's constitution. One of the reasonings shot down was the assertion that there is any problem with discrimination because the result forbids both straights and gays from marrying same-sex, thus the result is non-discriminatory. I'll admit there may be arguments to be made on both sides but...WHEW!
Re: Proxad? (Was: Drone Armies)
Who owns/operates *.abo.wanadoo.fr? I've had enormous non-stop spam flooding from them for years. Anyone have their complete list of IP ranges they'd be willing to share? Getting kind tired of running scripts to discover them. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: MEDIA: ICANN rejects .xxx domain
On May 12, 2006 at 18:12 [EMAIL PROTECTED] (Todd Vierling) wrote: > On 5/12/06, Barry Shein <[EMAIL PROTECTED]> wrote: > > On May 12, 2006 at 14:51 [EMAIL PROTECTED] (Todd Vierling) wrote: > > > The complexity added by TLDs has one extremely critical good side > > > effect: distribution of load by explicitly avoiding a flat entity > > > namespace. The DNS has a hierarchical namespace for a reason, and > > > arguments to the contrary will convince on the order of sqrt(-1) > > > people. > > > > As if you couldn't just hash on whatever the last component is and > > pick a server on that basis? Query(server[Sum(bytes) mod Nservers])? > > > > There are probably good answers to people's suggestions for change but > > working backwards from "that's the way we've always done it" > > If you bothered to read the 1983 RFCs I mentioned, and others related > to machine naming, you'd realize that the DNS of today is not, in > fact, "the way we've always done it." I've been on the net since 1977, nearly 30 years. I participated in the public discussions which led to the current DNS system. I managed Boston University's campus-wide internet environment when the DNS system was implemented ca 1984-5. When my group connected BU to the internet the host table was still in use. Hunt down "BU joins the internet", a typo in our initial update tickled a bug in the bsd hosttable program which brought down about 2/3 of the internet (yes, down.) I can't say I'm proud of that, but it's kind of hard to forget. > The namespace *was* flat, once. That didn't scale, and not just > because of technical limitations -- the fact that there are only so > many useful combinations of 26 letters in a relatively short name had > some weight in there too. So hierarchical naming was standardized > (some forms of nonstandard hierarchy existed before then), and it's > unlikely we're going back anytime in the foreseeable future. But there's no technical advantage of a hierarchical system over a simple hashing scheme, they're basically isomorphic other than a hash system can more easily be tuned to a particular distribution goal. There might be political or sociological or managerial advantages, but spreading out requests in a reasonably balanced manner among more than one server is a fairly simple technical problem. So that alone is not really a showstopper. I don't dispute the practical, non-technical issues. > Changing *how* the names are structured into a different hierarchy of > organization, I could believe. Changing the fact that they are > structured back to being unstructured... the ship has already sailed. So your argument is that it shouldn't be considered because that's not the way it is. At any rate, as I said in my note I'm not advocating this, I'm just pointing out that some of the arguments against it have been rather shallow, claiming it wasn't technically practical or that's not the way it's been done so that's not the way it will be done. There's no particular technical reason not to flatten the namespace, particularly 30 years later with modern hardware where the compute cost of hashing vs strrchr(host,'.') wouldn't be as much of an issue. There are practical, non-technical issues. My understanding wasn't that the suggestion was to eliminate all hierarchy, only to eliminate the manor TLDs (.com, .net, .org), I believe the example was something like lists.nanog rather than lists.nanog.org. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: MEDIA: ICANN rejects .xxx domain
On May 12, 2006 at 16:55 [EMAIL PROTECTED] (Robert Bonomi) wrote: > > > From: Barry Shein <[EMAIL PROTECTED]> > > Date: Fri, 12 May 2006 15:45:46 -0400 > > Subject: Re: MEDIA: ICANN rejects .xxx domain > > > > On May 12, 2006 at 14:51 [EMAIL PROTECTED] (Todd Vierling) wrote: > > > The complexity added by TLDs has one extremely critical good side > > > effect: distribution of load by explicitly avoiding a flat entity > > > namespace. The DNS has a hierarchical namespace for a reason, and > > > arguments to the contrary will convince on the order of sqrt(-1) > > > people. > > > > As if you couldn't just hash on whatever the last component is and > > pick a server on that basis? Query(server[Sum(bytes) mod Nservers])? > > That's right, you =couldn't=. In the first case, *WHO* runs that server? > What if you are the -only- hit in that hash bucket? > What do you do if *nobody* is running a server for that hash bucket when > you want to register a name that hashes into it? I'll just say that you don't seem to understand the mathematics of hashing. Put another way, it wouldn't be wise to make Nservers larger (or smaller) than the actual number of servers. > The current DNS architecture has a 1:1 correspondence with 'levels', > 'zones', zone administrators, and administrative authority. > > Every 'TLD' has its own, *independant*, administrative policies. > Some of them have 'structured' second levels, (e.g. .uk., .tw., .jp) > others *don't* (e.g. .no, .fr, .ca, .ch). > > If you just eliminate the top level, then *which* ("in the end, there can > only be one") of the various '.com.{CC}" registrars gets to control the > 'new' ".com", and what happens to the registrations in all the _other_ > '.com.{CC}" 2nd-levels that are now disenfranchised? Obviously changing things would require changes. At any rate it wasn't completely clear whether this was instead of the current hierarchy or in addition to it. > If you eliminate all the 'structured' name elements, you have a 'mell of > a hess' of name collisions to deal have to resolve. *who* gets to use > 'McDonalds', for example. the American hamburger chain, or the Scots Clan? > Who gets to use "yellowpages"? (anybody remember why Sun had to change the > name of their network directory service?) who gets "shaw", 'shaw.ca', or > 'shaw.com'? They're *not* the same company. :) I mentioned these problems in the note you responded to. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: MEDIA: ICANN rejects .xxx domain
On May 12, 2006 at 14:51 [EMAIL PROTECTED] (Todd Vierling) wrote: > The complexity added by TLDs has one extremely critical good side > effect: distribution of load by explicitly avoiding a flat entity > namespace. The DNS has a hierarchical namespace for a reason, and > arguments to the contrary will convince on the order of sqrt(-1) > people. As if you couldn't just hash on whatever the last component is and pick a server on that basis? Query(server[Sum(bytes) mod Nservers])? There are probably good answers to people's suggestions for change but working backwards from "that's the way we've always done it" with trailing remarks intended to stifle a response isn't, to my mind, an answer. The best answer I can think of off-hand is that dropping .com etc wouldn't add much, if anything. Any savings in typing would be off-set by having to generate non-colliding names which would've been .com and .org, etc. It would just be creating a new TLD, the null TLD moving collision avoidance left by one. As to .XXX: To my mind the real camel's nose in the tent is that to create it would seem to urge or at least validate its enforcement and coercive means would necessarily arise (civil lawsuits, criminal charges, regulatory apparatus.) Otherwise of what use would it be, in terms of the conceptions of its champions as opposed to unintended consequences? The deeper problem is the conception by many (unwashed) that someone must be in charge, we used to get calls asking for contact info for the Internet complaint dept, and they didn't mean us. People were often shocked to hear that we had no answer. And widespread conceptions like that have a way of materializing, sans some force of resistance. I suppose some may say it's 10 years too late for that comment. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Is your ISP Influenza-ready?
According to the wikipedia's quote of WHO the weighted average mortality rate, which would be across 50 human cases, is 66% in 2006, and 56% across all 194 cases reported since 2004. http://en.wikipedia.org/wiki/H5N1 -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Is your ISP Influenza-ready?
On April 18, 2006 at 10:53 [EMAIL PROTECTED] (David W. Hankins) wrote: > On Mon, Apr 17, 2006 at 02:05:41PM -0400, Jared Mauch wrote: > >Back to the original question, how well could you cope for such > > an event? It's always challenging to think about what would happen > > as sometimes it includes the unexpected. > > All the guidance suggests you're going to lose as much as 40% of your > workforce. > > Well, what intrigues me, is: which 40? (rest of interesting note snipped because you know how to find it) (Warning: unnecessary and overly long speculation follows) Studies of changes brought on by major outbreaks of the plague in Europe tend to be surprised by the qualitative and unexpected changes which occurred. Many make sense only in retrospect. For example, there was recently an article floating around in the news about how the plagues of 1666 and thereabouts may've brought on the mini ice age thereafter which itself may've been in part responsible for motivating the US revolution against Britain in 1776, among other events, but that's a pretty big one in the course of modern history. The reasoning was that the plague so reduced both the farming population and consumption that it caused a lot of farmland to be abandoned to second growth forest which caused widespread carbon sequestering or something like that leading to the drop in temperature and its subsequent effect on European civilization (I won't try to actually argue that point here but it's intriguing.) So if you're really expecting something as macro as 40% of the population dropping dead I think one has to think much bigger and much more in the realm of unexpected consequences. As one guess, if 40% of the population dropped dead a more likely effect than having to continue on with the other 60% of the staff is that the company would just be unable to deal with the loss of customers and staff not to mention the services these people are trying to get to, they're collapsing for the same reasons, a cascade effect. Most would be closed in short order. Maybe all of them, kind of like the airlines trying to adjust to higher fuel costs, many just can't even if the desire to fly (demand) appears to be sufficient to keep them going the business models just cease working. Ok some airlines obviously weathered the change and even prospered but I hope you get my point that it's way beyond Delta or UA et al just cutting an appropriate number of flights and staff (which doesn't seem to have worked), a linear response to a linear problem (higher fuel costs), and required entire reworking of business models from (ahem!) the ground up, or dissolution. Most companies don't go under because they lose a lot of their revenue, they're often dead due to losing a relatively small amount of revenue (like 10-15%) due to fixed overheads. For example, do you think your ISP's landlords are going to let them out of their office leases just because they have so many fewer staff to seat? Particularly in the face of a sea of bankruptcies cancelling leases? Etc. You'd probably be smarter just going into the casket business or something like that, grief counseling perhaps. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
ongoing DDoS...
[Feel free to respond with: take it to list XYZZY] There's been an ongoing DDoS here at world.std.com (The World) tho it's not quite DoS'ing (you got this, right?) it's getting very tiring and obviously is affecting many systems "out there". The MO: (easy to understand but pretty nasty): What I presume is a zombie army sending out gazillions of emails to thousands of hosts out there (not ours) with a randomly generated (usually) return/source address @ our domain(s). The target addresses are usually also unknown so it just bounces back at us. Besides the obvious SMTP traffic this also generates a lot of DNS traffic. At this point the DNS traffic seems to be more of a nuisance probably because so many target hosts are retrying. At one point we were doing around 10K pkts/second in DNS traffic, very unusual. This has been going on for about a week. I'd hoped some little mitigation tricks here and there and a few days' patience and the excess mouths would get tired of this and go back to stuffing neighbors' pets down their garbage disposals for yucks, etc. So where does one start. It seems a mother ship needs to be shut down somewhere, etc. Obviously ID'ing a miscreant would be a nice result. P.S. If you think "get a firewall": The problem traffic is coming from legitimate hosts in the form of DNS+SMTP, not the bots (not to us anyhow.) So not so simple, what's the filter? -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: The Backhoe: A Real Cyberthreat? [ & Re: cyber-redundancy ]
On January 21, 2006 at 01:35 [EMAIL PROTECTED] (Fergie) wrote: > > I still believe in Jon Postel's maxim -- "Be conservative in what > you send, and liberal in what you recieve." > And one can sum up spammers' and similar miscreants' behavior as being precisely the opposite of that. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Compromised machines liable for damage?
To beat a dead horse just a little harder the problem I have is when a certain company kept distributing software with security flaws specifically because they're profiting from those flaws. For example, graphics libraries which accept binary code chunks to be executed in kernel mode without limits for support of quick screen updates in games considered of marketing importance. Blaming it on the games vendors seems inadequate, particularly over several years and releases of each. That's just pure economics and, hence, profiting on others' serious pain. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
RE: Compromised machines liable for damage?
On December 25, 2005 at 23:14 [EMAIL PROTECTED] (Hannigan, Martin) wrote: > > Dave, RIAA wins almost 100pct vs p2p'ers ir sues. Its an interesting > dichotomy. Mostly because it's almost always cheaper to settle than pursue a defense. Read the articles about this "internet illiterate download mom vs RIAA" story (you can't have missed it.) She could've settled for ~$3500, she decided to fight it, she's now at $24,000 in legal expenses and hasn't even gotten close to trial. No juries to convince, no expert witnesses, no courtroom, no fascinating point of law debated, just a simple economic choice, wanna plead guilty for $3500 or run up $25K in legal bills and more? And probably settle anyhow when you decide you've had enough. Anyone who speaks about juries, the law, judges, etc in these kinds of cases is just revealing themselves as having never had any experience with the US legal system, or is speaking for a wealthy corporation who can toss $50K at cases on a whim. In my experience you can easily run up $25K in initial filings, just letters going back and forth between both sides' lawyers, no judge or court involved other than it's being filed by a clerk who checks some mechanics (e.g., deadlines), but no one at the court is reading any of it and they sincerely hope they never have to (i.e., that you'll settle out of court, probably because one side ran out of money.) -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: OT - Vint Cerf joins Google
On September 8, 2005 at 12:32 [EMAIL PROTECTED] (Steve Sobol) wrote: > > Uhhh... why does a dotcom need an Internet evangelist? > To call for the assassination of certain other heads of companies? (no, don't bother, I know, ok?) -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: Phone networks struggle in Hurricane Katrina's wake
Sorry for the interruption but I wish just once I could follow a topical list where 50% or more of the traffic wasn't people posting or arguing about how this or that post was off-topic! The meta-banter gets worse than the banter; the latter at least usually touches on some possibly interesting subject such as phishing policies or Katrina or FCC/VOIP issues, unlike the meta-banter. A SUGGESTION (this isn't just more meta-banter) A committee (of one or more) with an alias who become generally understood as being the SOLE SOURCE of polite "that's off-topic" postings, and an alias others who wish someone would point out that a thread or post is off-topic can send that suggestion to rather than any number of people buzzing the entire list with their complaint. I realize it won't be perfect and there'll be leaks but maybe it'll come to be a commonly accepted convention with some prodding and routine announcements etc. Call it: nanog-ombudsman (nanog-ombudsperson?), whatever, nanog-meta? Sorry for the meta-banter and no I'm not volunteering mainly because I honestly don't think I'm qualified to judge what is on/off-topic as this note amply demonstrates. -- -Barry Shein The World | [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD| Login: Nationwide Software Tool & Die| Public Access Internet | SINCE 1989 *oo*
Re: centrist...
We used to refer to 10 digit dialing as 17 digit dialing cuz you'd dial 7 then realize oops flash and dial 10. Since this is almost ubiquitous one wonders why no one* sells a phone with a big red DIAL LOCAL AREA CODE button you can set up? I realize us nerds can manage to set up speed dial features to do this (actually I have almost zero patience for diddling with such things personally) but c'mon you want the big red clown nose to push, (PFX) NPA, it could even act as another "ON" button (you usually have to push something to get a dial tone on most modern phones, particularly cordless.) What was the question again? * Well how can I say with authority "no one" but I've never seen this. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: New N.Y. Law Targets Hidden Net LD Tolls
Can't one still get minimal phone service which charges a toll on every phone call? I know this used to cost like $5/mo but I think they eliminated it in MA a few years ago, or made it hardship-only. Simple business lines here normally charge for every phone call, 1MB as they're called, MB = Measured Business tho I guess that's not what Spitzer was concerned with. But that's a big part of the problem, the telcos don't make this information readily available in a form ISPs can use, and even if they did it'd depend on the specific service option the customer had. In our experience customers don't generally know what phone service they have in any useful way (such as the exact name the telco calls it, circle dialing, metro calling, etc.) And boy howdy we've tried to help, motivated by the occasional livid customer who got an unexpectedly large bill. We've had a warning just like the one suggested on our pick a number since before some list members here were born. In my not insignificant experience there's some VP inside every RBOC cackling madly over the revenues generated by this confusion. And, no, don't give me the old "don't attribute to malice what can be adequately explained by stupidity." Double-digit billion $$ companies don't make universal, big revenue generating mistakes over a period of probably 50 years with no doubt millions of complaints (not just ISP dialing) out of "stupidity". Such confusion is their stock in trade. And I suspect that's, as Paul Harvey used to say, "The rest of the story". Spitzer's office must have tried to look into why ISPs et al can't just make a reasonably accurate suggestion to customers looking for a phone number and, upon querying the telcos, was met with a big: hahahahahahaha yeah, right! It's too obvious to have possibly been missed. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Economics of SPAM [Was: Micorsoft's Sender ID Authentication......?]
em and let the rest of us get back to our own lives. Sometimes that's exactly correct, certainly. Oftentimes it's nothing other than an attempt to get someone else to pay the bill or avoid some hard thinking, or hard work. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Economics of SPAM [Was: Micorsoft's Sender ID Authentication......?]
One useful definition of (some sorts of) insanity is doing the same thing over and over but expecting different results. I therefore assert there is no technical solution to spam. What will stop it is some sort of new economic model, billing for e-mail (yeah yeah some reasonable amt "included"), along with vigorous enforcement of that model against theft of service etc. Miscreants of the sort we're dealing with only understand jail time. But, as they say, ya get what ya pay for, or put differently and to paraphrase someone else who I don't know wants the attribution: Most people want free e-mail in the worst way, and that's just how they get it. I'll venture that any such sea-change will not come from the technical community. That's another example of doing the same thing over and over; clearly the internet technical community is stuck in a rut on this issue and has been for years. -b
Re: Micorsoft's Sender ID Authentication......?
We've already tackled reputation systems, they were called web site certificates. You have to submit to a few fairly stringent checks on who you are, typically provide a D&B id which isn't very expensive or difficult but not all that easily defrauded w/in some reasonable parameters (it ain't bank security but it's good enough to be pretty sure you're giving your credit card info to who you think you are, damn, you hand your card to strange bartenders right?) But there was real money in web site certificates, indirectly, in the form of e-commerce. And that area had the good luck of evolving rapidly in a huge market boom. There's basically no such money in e-mail, not versus not adding a reputation system. No further explanation should be necessary. However, I'll add my voice that I believe "reputation" systems as an approach to spam-prevention are neither useful nor sufficient w/o repeating what others have said. The problem is really pretty simple; we're trying to solve a big problem w/o creating any concomitant economics to support a solution. It's a nice fantasy, and that's what it remains after a decade. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
RE: Administration Asks Appeals Court To Compel ISP Searches
A major concern is indemnification and immunity for the ISP. When someone is prosecuted they usually face major legal expenses, and often are incapable of paying them. The prospect of a lengthy prison sentence and/or criminal record does not portend well either. Defense lawyers know this all too well and will go after various deep pockets to help fund their client's defense, such as an ISP who they will argue revealed information inappropriately, violated a position of trust, etc. etc. etc. A proper subpoena issued by a court of competent jurisdiction and reasonably fulfilled tends to be slam-dunk defense against such lawsuits. Likely a judge would just toss any attempt at a lawsuit at initial hearing if it's obvious you were legally compelled to provide the information in question. To me this is at least as big a concern as any vague sense of fair play. Add in gag orders and the like, an atmosphere of silence and denial by LEOs this creates, and one gets the sinking feeling one can find themselves, as the expression goes, way up the creek without a paddle. I've certainly had exactly this conversation with LEOs who sent requests for customer information, even an Ivy League university's senior legal counsel once when their "police dept" was demanding info and for some bizarre reason refused to get a subpoena even over a period of months of ever more heated requests and never had the slightest doubt expressed that I was exactly correct in my concerns. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Schneier: ISPs should bear security burden
On April 28, 2005 at 09:09 [EMAIL PROTECTED] (Adi Linden) wrote: > > Its not up to the ISP to determine outbound malicious traffic, but its up > > to the ISP to respond in a timely manner to complaints. Many (most?) do > > not. > > If they did their support costs would explode. It is block the customer, > educate the customer why they were blocked, exterminate the customers PC, > unblock the customer. No doubt there'll be a repeat of the same in short > time. This mantra is often repeated but their costs are going to explode anyhow as the defensive blocking of them goes on, world-wide, and their customers want to know why they can no longer send email or browse in random, and ever-growing, chunks of IP space (and, frustrated, find new providers.) Only that situation is going to be much more expensive to fix since it's others' IP space they'll need to get policy changes in, not their own. -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Utah governor signs Net-porn bill
On March 23, 2005 at 10:44 [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > Finally, someone who recognizes what this bill is > all about. It merely asks ISPs to provide parents > with a filtering tool that cannot be overridden by > their children because the process of filtering takes > place entirely outside the home. > I assume one can opt out of this statutory filtering voluntarily. What's to stop their children (think teens not infants) from doing that as easily as they might disable a local filter? Ok, require ISPs to figure out how to secure against that, password management or whatever. Oh good, another arms race as kids pass around how to by-pass the filters at school...I know, use unlimited national cell rates to dial an out of state ISP. Or find a remote proxy to use. etc. It's not very hard, and if one kid figures it out the others just have to follow the formula. I have a better idea, why doesn't the Utah legislature just outlaw cancer. Wouldn't that do a lot more people a lot more good? Are those lawmakers in favor of people, CHILDREN!, suffering and dying of cancer? Shame on them! -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Utah governor signs Net-porn bill
The Utah governor's name is Jon Huntsman. Use the word "huntsman" as new slang for some sexual act which would make a dead man blush until people demand that any site using the word "huntsman" be blocked. -Name Withheld By Request
Re: AOL scomp
On March 1, 2005 at 14:17 [EMAIL PROTECTED] (Jim Segrave) wrote: > I don't understand this complaint - we process AOL TOS Notifications > daily and I find perhaps 1 in a hundred or so are not valid complaints. Here about 99% are not valid or interesting. Which is to say, I had one small burst once caused by an infected customer machine which we got shut off fast and fixed. The rest are virtually all just people on mailing lists hosted here sending each and every completely on-topic posting to TOS. I suppose I should figure out some way to track them so I can boot them off those lists since AOL removes all identifying information. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "an
On January 13, 2005 at 17:41 [EMAIL PROTECTED] (Stephane Bortzmeyer) wrote: > Of course, I know that. I just mentioned Africa because, in many > countries in Africa, it is simply impossible to get a PTR > record. That's a fact, there are many reasons behind. That's because one of their leader's widows has 10 million PTRs they can't get to without your help and are more than willing to give you 15% of them if you would just deposit... I think the answer to not having rDNS in such an endemic way is to arrange to have your email delivered by a host which does like hotmail or whatever or pay someone to accept your non-rDNS connections as a special case and forward it along. Put another way, I don't know much chaos we should accomodate when solutions really aren't very difficult. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Spam Abuse Script from The World (roky@shell.TheWorld.com)
I've responded off-list to the complaint about a customer here and indicated to the original complainant that if he tries to use nanog as an amplification device again I'll put him in a filter here and will urge nanog do the same. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Spam. Again.. -- and blocking net blocks?
The only solution to spam is to start charging for email (perhaps with reasonable included minimums if that calms you down for some large set of "you") and thus create an economic incentive for all parties involved. Face it folks, the party is over, the free-for-all was a nice idea but it simply did not work. See "The Tragedy of the Commons". On December 10, 2002 at 13:00 [EMAIL PROTECTED] (hostmaster) wrote: > > > The only solution for eliminating spam is a radical change in social > behavior of those whom are causing, allowing and facilitating it. All > reasonable attempts to do so have failed, mainly due to commercial > interests. Thus only a primitive and for some painful interference > helps. Though few want to admit it, as long as all the backbones - > unanimously - are not seriously addressing this problem, and factually > accept the financial consequences of cut off's, and forcefully propagate > those policies to whomever is connected to them, only the hard way remains. > I advocate that spews and others are tough, but apparently necessary means. > The more spam, the harder the action-pack to combat it. > The problem is not necessarily only Korea, Nigeria, Costa Rica, etc. We, in > the US are a significant source of this activity ourselves, probably the > biggest. Painfully enough we lack the initiative to set a standard for the > rest for the World. > > best, > > Bert > [EMAIL PROTECTED] > > > > > > >
Re: Spam. Again.. -- and blocking net blocks?
Are you billing and presumably suing (if they don't pay) the owners of the website et al for the damages they've caused your business by all this? If not you're just subsidizing their attempt to profit off of mayhem at your expense. The question of course is rhetorical. On December 10, 2002 at 10:00 [EMAIL PROTECTED] (Mark Segal) wrote: > > Before the flame begins.. > > I'm not sure when this started.. > > Background: > We have a downstream ISP, who hosts a website of questionable material. > This customer (of our customer) used a third party to spam on their behalf.. > Which is a violation of our AUP. (In fact we null0 the /32 in question). > > Problem: > For some reason, spews has decided to now block one of our /19.. Ie no mail > server in the /19 can send mail. > > Questions: > 1) How do we smack some sense into spews? > 2) Does anyone else see a HUGE problem with listing a /19 because there is > one /32 of a spam advertised website? When did this start happening? > > Regards, > Mark > > -- > Mark Segal > Director, Data Services > Futureway Communications Inc. > Tel: (905)326-1570
Re: Cyberattack FUD
Given the attacks and scale of attacks, such as 300+ broken into servers simultaneously spewing the same spam (we've experienced this) recently described here, I think it would be very naive to shrug it all off as mere obnoxiousness. The attack on the WTC not only took out the WTC, it essentially has taken out our airline industry. Many bombings and similar have been targetted at tourist locations in countries sensitive to tourist income. This enemy is very savvy about economics. Their general terrorist technique is to scare or discourage the general populace out from under some economic base. It's nearly impossible to believe they haven't figured out that poisoning the internet with spam, worms, viruses etc will drive the public away, as it has. One of our worst problems has been we (i.e., the targets) have been relatively slow to "get it" and prefer to dismiss attacks as random events by sociopaths rather than concerted efforts by true and viable enemies. Final food for thought: Just because spam actually seems to advertise something doesn't prove it's innocent. Remember that Al Qaida was funding millions of dollars per month via discount coupon fraud in the US. Just because they were real coupons for real and innocent looking products didn't mean there wasn't evil afoot. How much is really known about the spammers? That they may be roping in dopes to pay them doesn't particularly exonerate them in my mind. In fact, it would tend to fit their MO (i.e., don't just wreck things, try to make some money wrecking things!) -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Even the New York Times withholds the address
Before we get too, too, smug about this if you view the Manhattan skyline, particularly downtown (e.g., SOHO/Tribeca) you'll see house-sized water tanks on many, many buildings, particularly 3-10 story older buildings. I assume due to inadequate water pressure but I honestly don't know why they're there, but they're all over. I don't know if they're quite large enough for the proposed use, but their existence would seem to defy most of the objections asserted below. On November 19, 2002 at 13:43 [EMAIL PROTECTED] (blitz) wrote: > > One last addition to this idiotic water idea.. since the water doesn't get > up there to the reservoir on the roof by itself, add your costs of huge > pumps, plus the cost of pumping it up there, and a less than 100% > efficiency in converting falling water to electricity. Also, add heating it > in the winter to keep it liquid instead of solid, decontamination chemicals > (cant have any Leigonella bacillus growing in there in the summer) Its all > moot, as the weight factor makes this a non-starter. > > > Next: > > You cant store large amounts of propane inside an occupied building, I cant > imagine any FD allowing it. We had an example in a nearby city some years > ago, a 500 gallon propane tank leaked and exploded inside a brick > building, leveled a city block and killed 12 firefighters. Nahh... > > Fuel cells, run on natural gas are the best idea I've heard to date, and > the safest if you're confined to upper floors, but youre talking BIG $$$ > here...whats wrong with batteries, a natural gas genny and a converter > system, telco style? If this is all about diesel storage, why not put the > tanks/gennys in the basement or lower more secure floors? (Im assuming > burial is out of the question in NYC) That way a small day tank would > suffice at the upper floors. > > Marc > > > > >Now, figure out how many kw you need to run a telecom hotel, and you'll > >know just how large your tank needs to be (and how much weight the > >building structure is going to have to support). Even if you assume > >100% efficiency, the tank is still going to me, um, rather largish. > > > > -- Brett -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: DNS issues various
That sounds to me more like considering the use of sonic repellants rather than rat poison to keep the vermin out of the relays and providing latex gloves for removing the dead rats, rather than designing out the relays the rodents get into entirely. On October 24, 2002 at 17:29 [EMAIL PROTECTED] (Sean Donelan) wrote: > On Thu, 24 Oct 2002, Barry Shein wrote: > > Something I'd love to see is a blue-ribbon commission (meaning, made > > up of people with real clue) whose job it was to come up with a > > bird's-eye view of what the internet would look like if it were > > designed from scratch today. > > How about a council? > > http://www.eweek.com/article2/0,3959,642876,00.asp > October 21, 2002 > Network Council to Urge New Practices > By Caron Carlson > > "A council of the largest telephone carriers and ISPs, charged by the > federal government with preventing disruptions to the nation's > telecommunications system, is preparing a checklist of procedures to > protect networks from terrorism and natural disasters." > -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: DNS issues various
Something I'd love to see is a blue-ribbon commission (meaning, made up of people with real clue) whose job it was to come up with a bird's-eye view of what the internet would look like if it were designed from scratch today. Maybe this is some of what Internet-II is supposed to be doing but I think it's more focused on very high bandwidth gated community stuff. In theory the internet could be radically redesigned, at least on paper, and still deliver just about the same function as far as end-users are concerned; surfing, email, file transfer, routing, naming, etc. Task one would be "what must be preserved -- what can be tossed?" So, e.g., web browsing/serving must be preserved, but all of IP per se maybe is up for grabs for redesign, etc. The point being maybe we all spend so much time backpatching etc and assuming that the technology can't be shifted much due to backwards compatability that, truth be told, we don't really know what that shift we're avoiding might be if it were feasible. Can't really know how hard it is to build the bridge if you don't know how wide the river is. And now a song for anyone who read this far: Deep in the Heart of Internet (tune: Deep in the Heart of Texas) The web at night - is big and bright, Deep in the heart of Internet. The smurfers' eye - are on that pie, Deep in the heart of Internet. The roots do loom - just like perfume, Deep in the heart of Internet. Reminds smurfs of - why they get no love. Deep in the heart of Internet. The admins cry - eat 'wall and die, Deep in the heart of Internet. The smurfers rush - to send their gush, Deep in the heart of Internet. The reporters wail - hot on the trail, Deep in the heart of Internet. And the spammers spam - and spam and spam, DEEP IN THE HEART OF INTERNET! Lyrics written anonymously by Barry Shein -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: spam, what to do:)
1. Make sure you have accurate billing information on them, a good credit card, a phone number you've actually called them back on, that sort of thing. 2. Make it clear you'll charge some clean-up fee for spamming billed at $250/hour 4hr minimum. the first item is most important, spammers thrive on anonymity (actually, fraudulent identity), if they feel your procedures don't allow them anonymity/fraud they'll go somewhere else. On October 8, 2002 at 23:21 [EMAIL PROTECTED] (Scott Granados) wrote: > > My question is this. The company I work for has a no spam policy. > Sometimes users do and of course we shut them off. My own feelings asside > its what is considered proper in the isp community so we do it with out > question. However, what is the best policy and procedure to prevent > people from spamming in the first place and secondly if they do and get > terminated fix the damage done. I have no desire to support spam or > enable spammers but there are bad users and sometimes they do. Any > positive advise on dealing with these guys above just turning them off > would be helpful. >
Re: How do you stop outgoing spam?
On September 18, 2002 at 00:01 [EMAIL PROTECTED] (Dave Crocker) wrote: > the claim is that outbound 25 is blocked to prevent spam. however > accessing a remote 25 with smtpauth ensures full accountability and, > therefore, prevents spam. blocking 25 disables use of this mechanism. Part of the disagreement here is basically one of calibration, how serious and desparate the spam problem is perceived to be. One attraction of blocking port 25 is that you can now say to the any spam complaints about your users demanding an answer WE DON'T ALLOW PORT 25 ACCESS SO IT MUST BE SOMETHING ELSE and get on with your day rather than sitting and staring at the headers like tea-leaves trying to formulate a reasoned reply. Over and over and over and over and over and over and over and over and over and over and over and over (get my point?) And maybe that quick answer would even be true. Also, with blackhole lists, many running on automatic and hair-trigger, it lessens the chance that some excess mouth doesn't manage to get your entire ISP blackholed or at least makes it easier to make your case. Think about it: Some little dork with a pc can manage to get your ISP onto some widely used blackhole list and then your phones and email complaint lines really light up. Nothing like a few hundred extra customer complaints an hour to get your attention. It sucks, Dave, it doesn't suck just a little bit, it sucks kinda like anthrax in the mail sucks, spam is a wrecking ball which is successfully taking down the internet we once knew. If you find that hard to believe I invite you to sit here in my offices. I guarantee you your words at the end of the day will be "oh my f***ing god, I just didn't understand how bad it really is." And it gets worse daily. If something doesn't come along and stop it I predict in 5 years e-mail will only work in "gated" communites (corporate LANs) etc and the net will basically become this passive electronic billboard system. Blocking port 25 is kinda like the post office requiring packages over 1lb not be put in mailboxes or banning pocket knives on planes, it's become so trivial relative to the actual problem it's hardly worthwhile discussing. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: How do you stop outgoing spam?
And locking your car, taking the keys, setting the alarm or whatever doesn't guarantee someone won't load it into a soundproof truck. BUT IT HELPS! And having run an ISP for 13 years now I'm here to tell you what I say HELPS. I'm not just making this stuff up, I'm telling you what I know from experience. Spammers et al look for easy marks they don't have to compound their crimes with. As to CyberCafes, I don't know anything about those, never used one, never thought about it, surprised they'd be popular with spammers. -b On September 11, 2002 at 14:12 [EMAIL PROTECTED] (Brad Knowles) wrote: > At 2:37 PM -0400 2002/09/10, Barry Shein wrote: > > > A) Make a clear policy as part of the terms & conditions, including a > > significant clean-up fee + direct charges (e.g., if they ask you or > > prompt a legal question they can pay the legal fee for you to get it > > answered.) > > That's nice to have, but hard to enforce. That is, unless you > ask for a large up-front cash deposit. > > > B) KNOW WHO THE HELL YOU'RE GIVING ACCOUNTS TO so that (A) works. Get > > a credit card or verify the phone number and other info (e.g., call > > them back, insist on calling them back.) > > Do you know how many credit cards are out there? Do you know how > many of them are fake or stolen? You can't even get a decent charge > that you can reliably apply to them, because the bank at the other > end will refuse payment from a non-existent or closed account. > > > C) Use (B) to enforce (A). > > Doesn't work. See above. > > > The problem in 99% of the cases is either (B) or ISPs who just don't > > care at all. > > CyberCafe's can't use (B), even if it did work. That would > violate their basic premise. > > -- > Brad Knowles, <[EMAIL PROTECTED]> > > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." > -Benjamin Franklin, Historical Review of Pennsylvania. > > GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI$ P+>++ L+ !E W+++(--) N+ !w--- > O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) > tv+(+++) b+() DI+() D+(++) G+() e++> h--- r---(+++)* z(+++) -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: How do you stop outgoing spam?
Ya know Vadim, with all due respect, some people choose to live on their knees, one govt after another. You do know what happened to HUAC et al don't you? They got their butts thrown out of congress. Sen Joe McCarthy died a lonely, bitter, drunk. Meanwhile, civilization demands of us to use a govt or govt-like entity to run a legal system, not vigilantism. -b On September 10, 2002 at 18:29 [EMAIL PROTECTED] (Vadim Antonov) wrote: > Some of us came from places where the new sheriff came and stayed. And > because just scaring didn't work after some time, he proceeded to hang and > hang and hang, murdering millions just to keep the rest properly scared. > > When someone gets power he's quite unlikely to part with it on his own. > Harsher view of the reality, if you wish. Or, rather, real life > experience. > > Calling on government to come and fix problems which can conceivably be > fixed without it is a surefire way to get more sheriffs on your neck. > HUAC[*] reading your e-mail to determine if it contains loathed > un-american terrorist-sponsoring spam. With Ashcroft being in charge of > grilling spammers. Or whomever he declared an enemy today. > > Be careful with what you wish. Your wish may be granted. > > --vadim > > [*] House Un-American Activities Commitee.
Re: How do you stop outgoing spam?
On September 10, 2002 at 14:41 [EMAIL PROTECTED] (Dan Hollis) wrote: > On Tue, 10 Sep 2002, Barry Shein wrote: > > A problem with spam is not only aren't you likely to get caught, it's > > not even generally agreed to be illegal. ...some stuff snipped... > Fully half the fault and responsibility for the current state of affairs > lies with providers who are unwilling to take any action to shut down well > known spammers and abusers. But much of that goes back to spamming not being clearly illegal, in two ways: 1. Some just take the attitude that if it's not illegal then it's ok, ignorable even if obnoxious behavior. No doubt the fact that it's paying customers doing the spamming in some cases colors this view. For others it's probably just "overworked, yet another distraction". 2. Some others take the attitude that if it's not illegal they're taking a chance (of lawsuit etc) if they shut someone down. Unless of course they have clear T&C's, but no matter how you write them some obnoxious, agressive, pond-scum can try to dispute that it applies to them. Been there, done that. Unless you do something nice and transparent like "you get 5 complaints per month free, the rest cost you $100/each." -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: How do you stop outgoing spam?
On September 10, 2002 at 14:20 [EMAIL PROTECTED] (Dave Crocker) wrote: > > Well, it's clear that the real point I was trying to make was entirely > missed by everyone, so let me try again. > > Dealing with problems, by focusing on absolute outbound port control, > restricts legitimate use, as well as problematic use. For a group that is > largely dominated by libertarian thinking, opting for blanket, outbound > port control is odd. Very odd. I think we do understand very well. In a nutshell: We're hosed. Everyone is running around willy-nilly doing things like blocking outbound port servers, analyzing mail headers which were never meant to be analyzed, doing full body text searching against hundreds of regexp patterns, blocking hundreds if not thousands of IP addresses and entire (CIDR forgive me) nets, etc. >>At this point your easy-to-agree-with point is kinda like saying >> "I pay taxes, I damned well ought to be able to walk any street in any >>city at any time of the day or night and be safe!" > >No. It is like saying that because there is some street crime, in some >places, let's make it illegal to walk anywhere, ever. The word for this is "curfew" and it's not unusual in troubled areas. >And it is like saying that because some people make obscene phone calls, >all phone calls will now be monitored. All phone calls are potentially monitorable because of problems like this. etc etc etc let's not quibble the analogies too much. My point is that we are now in a high crime zone, and what the "laws" (standards) say are becoming less and less influential versus frantic attempts to stop crime (spam.) You can't have law without order. Put another way, if no one will (or can) enforce the law such that order prevails people will just do what they have to. This often results in chaos. 1. Outlaws running crazy in the streets, drunk, raping, looting, tipping badly, etc. 2. Citizens meet in the church, yell at the sheriff, sheriff shrugs shoulders, bunch of men grab rifles and march out to confront outlaws themselves. 3. Massacre, vigilantes shoot each other, other honest townspeople, criminals laugh hysterically and vow to get drunker and have more fun (Dave, you've come in just about here.) 4. New sheriff comes into town, scares the crap out of everyone because he's so mean. Threatens to hang any citizen who takes law into own hands, etc. 5. New sheriff cleverly thwarts criminals while citizenry cowers behind closed doors and drawn curtains. 6. Law and order is restored, townspeople tearfully beg new sheriff to stay. Sheriff sneers, rides into sunset, next time you have to do it for yourselves. 7. Haunting tune whistled, credits roll. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: How do you stop outgoing spam?
For about 20 years I've been saying on these lists: Civilization is the knowledge that your house is reasonably locked up even though you have glass windows. (most) door locks (usually) work because breaking into them is accepted as illegal and there's a finite chance of being caught and going to jail for breaking them. Not because they're generally impervious to technology (e.g., crowbars, sharp kicks, charge cards.) A problem with spam is not only aren't you likely to get caught, it's not even generally agreed to be illegal. Hell, it's not even generally agreed to be anti-social except among the anointed. The solution (at this point) is not to nail plywood over all your windows. First we (as a society) need to agree spamming is even illegal. I fear those of us who don't like spam are rapidly losing that battle, however, and spam is becoming a regular and normal business activity. The spammers are winning by demonstration. You have probably 90% of internet users see spam in their mailbox every day and they come to believe that it must be ok, even if annoying. Like telemarketing calls. -b On September 10, 2002 at 13:48 [EMAIL PROTECTED] (Vadim Antonov) wrote: > > On Tue, 10 Sep 2002, Barry Shein wrote: > > > And, although some won't like me saying this, having the technical > > community deal with these new criminals is a bit like sending the boy > > scouts after Al-Qaida. > > > > Unfortunately it's going to take a much harsher view of reality than > > "maybe this regexp will stop crime". > > > Last time I checked policemen weren't designing door locks. Not even in > business of selling them. > > What we have is a lot of open doors having prominent signs "come in and > take whatever you please" on them. This can and should be fixed by the > technical community. > > US is not going to send troops to Nigeria just to catch some spammers > anyway. Consider that a "harsher view of reality" :) > > --vadim > > PS. Criminals are criminals because they are stupid. If they were smart > they could make good living legally. Governments avoid competition, > too.
Re: How do you stop outgoing spam?
On September 10, 2002 at 10:16 [EMAIL PROTECTED] (Dave Crocker) wrote: > > At 08:20 PM 9/9/2002 +, Paul Vixie wrote: > >outbound SMTP should be blocked for any dynamic or dialup source within > > One of the basic problems with discussions about spam control is that it > focuses entirely on spam. Blocking output SMTP from individual dial-ups > has a serious negative consequence: Yeah, well, too late, that battle was fought and settled years ago. The spammers are driving the standards at this point, not reasonable people trying to make things work. Ultimately that's one of my big problems with spammers, they're like termites in the RFCs quietly chewing away at both the letter and intent. At this point your easy-to-agree-with point is kinda like saying "I pay taxes, I damned well ought to be able to walk any street in any city at any time of the day or night and be safe!" nice sentiment, but unfortunately no longer realistic, not where the criminals are in charge. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: How do you stop outgoing spam?
Point of information: Can you really distinguish all this intentionality vs. the spammer just changing which relay to rape? Perhaps because the raped relay was shut down or secured when the owner found out what was going on? Or the spammer just switching relays to rape for no specific reason other than they seem to "go bad" after a few hours so use one for a while (perhaps a batch of addresses to spam) and then switch to the next in the list? On September 10, 2002 at 09:12 [EMAIL PROTECTED] (Joe St Sauver) wrote: > Actually, our experience *does* follow the backoff paradigm: if you block a > particular source of spam, that rejection *does* seem to trigger "message > volume" backoff at the source, with only periodic check probes apparently > designed to see if the spam source is really still blocked (and of course > it really still is). > > Now it is true that in many cases the spammer *will* do a set of probes in an > effort to see just how broad a given block is (e.g., is it just a /32 that's > being blocked? is it my entire netblock? is it a domain based filter? can I > slide in via an open SMTP relay or an abusable proxy server?), but at least > here at the U of O, we're NOT seeing spammers waste their time attempting > delivery of hundreds or thousands of messages per day via hosts that have > been identified and filtered. > > Regards, > > Joe -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: How do you stop outgoing spam?
On September 9, 2002 at 14:47 [EMAIL PROTECTED] ([EMAIL PROTECTED]) wrote: > On Mon, 09 Sep 2002 10:37:35 PDT, Al Rowland <[EMAIL PROTECTED]> said: > > How many (more) protocols are we willing to cripple in the name of > > fighting spam? > > Crippling protocols won't help, in the long run. What will help is > the use of a baseball bat, properly applied. Unfortunately, although > it would probably be *cheaper* to hire group> to simply whack the cluelessmailers.org list of top 100 > offenders, network providers fall into two distinct classes: You've certainly gotten to the heart of the problem, Valdis. The problem is we're up against a new organized crime on the internet in the form of scams and spams. And, although some won't like me saying this, having the technical community deal with these new criminals is a bit like sending the boy scouts after Al-Qaida. Unfortunately it's going to take a much harsher view of reality than "maybe this regexp will stop crime". -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: How do you stop outgoing spam?
The best way to stop spam from going out of an ISP is to: A) Make a clear policy as part of the terms & conditions, including a significant clean-up fee + direct charges (e.g., if they ask you or prompt a legal question they can pay the legal fee for you to get it answered.) B) KNOW WHO THE HELL YOU'RE GIVING ACCOUNTS TO so that (A) works. Get a credit card or verify the phone number and other info (e.g., call them back, insist on calling them back.) C) Use (B) to enforce (A). The problem in 99% of the cases is either (B) or ISPs who just don't care at all. I no longer believe "it was a throwaway account" is a reasonable excuse except in a rare case where something slipped through the cracks, I understand it can happen. But when a spammer is creating throwaway after throwaway the ISP needs to change their account creation procedures because this information is shared by spammers and they've become a target. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at
On August 29, 2002 at 11:54 [EMAIL PROTECTED] (Jeroen Massar) wrote: > Never been in the city (those places where more than 100k people live) > now have you ? Born and raised in NYC, lived the past 25+ years in Boston, spent some time in between living in LA. If there are any other questions I can help you with please, please don't hesitate to ask. -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at
From: Paul Vixie <[EMAIL PROTECTED]> >i measure success by the fraction: > > rejected_spam / total_spam > >thus if i can reject 6000/1 that may not seem better than rejecting >1000/4000 since i ended up dealing with 4000 received spams rather than >3000, but it actually does mean that my situation got better >_compared_to_having_done_nothing_. Fair enough but let me explain why I find this unsatisfying. It's like I'm living in a neighborhood where the crime rate is rising and rising, and you're "selling" security grates and better locks. They even seem to keep the crooks out of the bedroom at night for a while anyhow, so that's your measure, often keeps you from being murdered! The problem is, the crooks are still banging at the doors, trying to crowbar their way in, etc. Let me give two common spam examples to show this is a very tight analogy: a) The other day our mail servers were groaning unusually. What was happening was that someone had firehosed MSN.COM with a spam with a return address forged with our domain. So even tho we were blocking it, in fact the bounce user didn't exist so we didn't really have to block it, all of MSN's server power being pointed at us trying to return many thousands of bounces as fast as they could was quite painful. b) A few weeks ago I counted over 200 open relays simultaneously spewing the same spam at us. The point being they will fill your pipes, cause you to need more servers just to run these various filters, run our people ragged, etc. So, it's nice that someone is providing security grates and alarm systems etc, but it'd be nice if the crack (spam) houses would just shut down entirely so we could sit on our porches and chit-chat without worrying about the constant drive-by shootings. If you get my drift. And that's going to require socio-legal approaches, not ever stronger security grates. Because sooner or later you can't see out the grated windows any more or get some air through them, and you're afraid to go outside... -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at
Oh to some extent even the first time it's because they're slackers. If instead of a brainless rush to sign up dial-up accts and check credentials later they demanded a credit card or other verifiable information (a phone number we can call you back at to activate) then they'd burn up about 99.9% of the opportunities for spammers to get throw-away, anonymous accounts. I say this from absolutely first-hand experience. On August 27, 2002 at 15:22 [EMAIL PROTECTED] (Paul Vixie) wrote: > > [EMAIL PROTECTED] (Paul Vixie) writes: > > > whenever you get spammed, it's because some isp somewhere is a slacker, > > what i meant to say was "whenever you're getting repeat spam from the same > place, day after week after month, it's because some isp somewhere is a > slacker." any given isp can be attacked and used to send outbound spam. > but not every isp can be used in this way over and over by the same bunch > of people. to the second group, i say: "please shift the cost of dealing > with spam from your network, back inside your network." > -- > Paul Vixie -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
Re: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at
On August 27, 2002 at 03:15 [EMAIL PROTECTED] (Paul Vixie) wrote: > > > Every single purely technical approach to stopping spam has been a > > complete loser. > > In the fullness of time, the universe itself will die of heat. So what? How come this makes me want to raise the issue of our immortal souls? > What matters more is what use is made of time before it gets so "full." A > number of purely technical approaches to stopping spam have been quite > successful... in the short term... which not the same as being a complete > loser in the long term. (Everything's a complete loser if you measure it > right.) I guess my assertion has been that it really hasn't been measured and the sense is that spam has always been rising either linearly or super-linearly. Putting bomb-sniffing dogs at the security gates only to see them take the planes with box-cutters is not my idea of "successful" even in the short term. So for example saying this or that filter appears to have repelled 1M spam msgs per day doesn't really prove much unless one can say with some (preferably mathematical) confidence that it's actually reduced spam not just caused it to flow around the filter. Put another way it'd be nice to know that a technical approach was statistically superior to just shutting off SMTP for an hour per day which would also block some amount of spam. Look! Not one single piece of spam from 1AM-2AM (while we had our machinery all turned off.) Maybe there is no technical solution, of any value, possible (at the system / DoS level, not talking about individual approaches like whitelisting.) I'm quite serious. I think it's sad to watch all this effort go into chasing technical solution after technical solution for all these years by so many bright people only to feel like it was all pretty much for naught. About the only real value I've seen is that we can at least sort of point at these efforts when some nihlist says "who is to say spam is bad?" and respond, well, these people are going to all this trouble (possibly futile) to stop it so I guess that's one bit of evidence that it's not universally loved. My point is that I think we really need to start focusing on solutions which aren't primarily or solely technical. One that keeps coming to mind is charging for all bulk commercial e-mail as a regular custom for reasons I've outlined here previously. But I don't claim that to be the only or even best solution. It's just one that makes some sense to me. And, more importantly, is an example of the kind of thing I'm thinking so people don't always finish reading my notes by shaking their heads and saying ``gosh he writes pretty well but WTF is he talking about???'' -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*
RE: Paul's Mailfrom (Was: IETF SMTP Working Group Proposal at smtpng.org)
From: JC Dill <[EMAIL PROTECTED]> >I guess you haven't read RFC 3098 yet then. > >http://www.geektools.com/rfc/rfc3098.txt Wow, I missed that. It's really quite good. So good, in fact, that I just sent copies of it out to the 300 MILLION ADDRESSES I have on this CD here... No, seriously, it's good stuff, thank you for pointing it out. Now how do we get legislators, judges, etc. and their staff to read it? (said somewhat rhetorically / thinking out loud, I'll print it nicely and send it to my reps with a cover letter.) -- -Barry Shein Software Tool & Die| [EMAIL PROTECTED] | http://www.TheWorld.com Purveyors to the Trade | Voice: 617-739-0202| Login: 617-739-WRLD The World | Public Access Internet | Since 1989 *oo*