RE: Unplugging spamming PCs
What I am proposing is to have a registry that you must register with before other mail servers will accept mail from you. Similar to how MAPS RBL works, but the mail server itself enforces it, rather than a firewall or an ancillary device ACL. This could be made a standard of SMTP.

LP

Best Regards,
Larry

Larry Pingree
408-543-2190

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: Joe Shen [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 24, 2004 6:36 PM
To: Larry Pingree
Cc: [EMAIL PROTECTED]
Subject: RE: Unplugging spamming PCs

Hi,

> Mail servers should be registered just like domains and shut down by a registrar if they are misusing their registered services. This really needs to be handled by a multi-lateral legal solution, industry will not fix it alone.

No, I don't think this is a good solution.

First of all, we could not ask customers to register everything they planned with leased line without legal reasons.

Second, if I hire DSL/leased_line service from ISP and set up domain name for myself, ISP could not ask me to tell them which port should be opened as I'm not taking a firewalling service, I'm not a member of my service provider. I should be able to do anything that is not prohibited by law or affects some others.

Blocking_port_25 indicates ISP pre-assumes that customers will SPAM their network. But, SPAMmer is just a very small group of people. Maybe most of them come from other countries (what happens in China).

To me, the proper way of anti-spam may ask cooperation between ISPs and Email service providers. Anyway, strengthening anti-spam ability in Email server is a must.

regards

Joe

> LP Best Regards, Larry
RE: Unplugging spamming PCs
Authentication and Authorization are two separate and distinct issues. TLS and Authentication have been around for quite a while, but without centralized authorization it will never be deployed by disparate corporations for inter-domain mail! This will not stop spam. Unless of course you want to manage user accounts or certificates with every single customer that you want to have conversations with. Authorization must still be authorized by a third party agency which verifies validity between everyone involved in communications.

LP

Best Regards,
Larry

Larry Pingree

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, June 25, 2004 12:14 PM
To: Larry Pingree
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Unplugging spamming PCs

On Fri, 25 Jun 2004 09:11:36 PDT, Larry Pingree said:

> What I am proposing is to have a registry that you must register with before other mail servers will accept mail from you. Similar to how MAPS RBL works, but the mail server itself enforces it, rather than a firewall or an ancillary device ACL. This could be made a standard of SMTP.

Yet another "it won't do any good till everybody deploys it".

http://www.rhyolite.com/anti-spam/you-might-be.html
RE: Homeland Security now wants to restrict outage notifications
I agree, there are much more important things to protect than this information. It would be almost impossible to manage, and even more unlikely to ever have a positive effect. Besides, if someone with ill intentions has the abilities to act so quickly on such short notice, then we have much greater failures of our intelligence system that would need to be addressed.

LP

Best Regards,
Larry

Larry Pingree

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott McGrath
Sent: Thursday, June 24, 2004 11:06 AM
To: [EMAIL PROTECTED]
Subject: RE: Homeland Security now wants to restrict outage notifications

I did read the article, and having worked for gov't agencies twice in my career, a proposal like the one floated by DHS is just the camel's nose. I should hope the carriers oppose this.

Now a call comes into our ops center: "I can't reach my experiment at Stanford." Ops looks up the outages: "Oh yeah, there's a fiber cut affecting service, we will let you know when it's fixed." They check it's fixed, they call the customer telling them to try it now.

Under the proposed regime: "We know it's dead, do not know why or when it will be fixed because it's classified information."

This makes for absolutely wonderful customer service and it protects public safety how?

Scott C. McGrath

On Thu, 24 Jun 2004, Tad Grosvenor wrote:

> Did you read the article? The DHS is urging that the FCC drop the proposal to require outage reporting for significant outages. This isn't the DHS saying that outage notifications should be muted. The article also mentions: Telecom companies are generally against the proposed new reporting requirements, arguing that the industry's voluntary efforts are sufficient.
>
> -Tad
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Scott McGrath
> Sent: Thursday, June 24, 2004 12:58 PM
> To: [EMAIL PROTECTED]
> Subject: Homeland Security now wants to restrict outage notifications
>
> See http://www.theregister.co.uk/2004/06/24/network_outages/ for the gory details. The Sean Gorman debacle was just the beginning; this country is becoming more like the Soviet Union under Stalin every passing day in its xenophobic paranoia. All we need now is a new version of the NKVD to enforce the homeland security directives.
>
> Scott C. McGrath
RE: Unplugging spamming PCs
But if you telnet from an IP that is not registered, you would be denied. Thus at least eliminating many of the erroneous email servers out there on the DSL, dial-up and other broadband connections. This has been tried in the open with such things as MAPS RBL, etc. by blocking common spamming IPs and mail servers. But since it is not mandatory, it falls apart too easily.

LP

Best Regards,
Larry

Larry Pingree

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: Joe Hamelin [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 23, 2004 5:26 PM
To: Larry Pingree
Cc: [EMAIL PROTECTED]
Subject: Re: Unplugging spamming PCs

On Wed, 23 Jun 2004 16:40:23 -0700, Larry Pingree [EMAIL PROTECTED] wrote:

> I agree with you it's a hard problem to solve. But unless there is mandatory cooperation within mail server software (which can be monitored) to interface with a registry of acceptable/registered sites, then this model could work.

I can telnet to a mailserver and send mail to that host without much thought. What good will a registry do?

What will solve spam is getting some of these virus writers to actually write some code that will trash disks of poorly patched (if at all) hosts. Let Darwin take over.

-Joe
RE: Unplugging spamming PCs
Hi John,

I'm not taking it to extremes. I'm talking about the middle of the road, and certainly spam is on the top of the scales on everyone's statistics. I'm certainly not condoning or suggesting that the government control everything, and I'm not for absolutely no government involvement either. A balanced approach is most appropriate, just as with anything. There also can be regional registries similar to how ARIN is set up that allow inter-continental and inter-country registration. Unless someone can come up with a better idea, I see no other choice.

FYI, we do already license IPs, through ARIN, APNIC, etc. so that's already been done :)

LP

Best Regards,
Larry

Larry Pingree

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: John Payne [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 24, 2004 11:40 AM
To: Larry Pingree
Cc: [EMAIL PROTECTED]
Subject: RE: Unplugging spamming PCs

--On Thursday, June 24, 2004 11:17 AM -0700 Larry Pingree [EMAIL PROTECTED] wrote:

> Hi Joe,
>
> If only those who are approved email senders are allowed to be accepted, this allows police, FBI, or DHS to go after only those who are registered and abusing it. It's for the same purpose that we administer car registrations, so that at the end of the day, someone is responsible for the car. In this case, someone can be responsible for the domain and mail server. In its current state, we are left way in the open. I don't disagree that government control is un-desirable, but remember, at least in my mind, even though it may be undesirable, it may be a necessary action.
>
> Anyone know why we have to get a drivers license? How about a passport? What about a SSN? All of these things are ways in which we can have accountability. Without accountability we will remain in anarchy.
>
> All that government does is bridge a gap when corporations, which only do things for profit, will not collaborate on an appropriate solution to a problem, even though one exists.

But why stop at email servers? Spam is only one of the unsociable and illegal acts happening on the Internet. Why not license ownership of every IP capable device? That'll stop all forms of DoS (DDoS and otherwise too). Just to make sure, let's require that all vendors both inspect the license from their customers *and* notify the government on every purchase or upgrade.

Hmm. Which government though? Better to be safe... you can't be sure which country the device is being installed in, or which country the packets flowing through the device will also visit. So let's require licenses from every country... and vendors to notify every government on every purchase or upgrade.

Yep, that'll do the trick.
RE: Teaching/developing troubleshooting skills
Hi Pete,

If you have a test lab, a good thing would be to set up a complete functional network. Show the engineer how it's configured. Then have them leave the room and then break it. Send them back in to look at what is wrong. As they move through the process, help them by guiding them through the troubleshooting process in a mentoring fashion, help them analyze and break apart the problem.

LP

Best Regards,
Larry

Larry Pingree

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pete Kruckenberg
Sent: Thursday, June 24, 2004 4:09 PM
To: [EMAIL PROTECTED]
Subject: Teaching/developing troubleshooting skills

I'm working on trying to teach others in my group (usually less-experienced, but not always) how to improve their large-network troubleshooting skills (the techniques of isolating a problem, etc).

It's been so long since I learned network troubleshooting techniques I can't remember how I learned them or even how I used to do it (so poorly).

Does anyone have experience with developing a skills-improvement program on this topic? If you've tried such a thing, what worked/didn't work for you? Outside training? Books? Mentoring? Motivational posters?

I'm particularly sensitive to the "I got my CCNA, therefore I know everything there is to know about troubleshooting" perspective, and how to encourage improving troubleshooting skills without making it insultingly basic.

Thanks for your help.

Pete.
RE: Unplugging spamming PCs
Mail servers should be registered just like domains and shut down by a registrar if they are misusing their registered services. This really needs to be handled by a multi-lateral legal solution, industry will not fix it alone.

LP

Best Regards,
Larry

Larry Pingree
Partner Engineering
Juniper Networks, Inc.
408-543-2190

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Petri Helenius
Sent: Wednesday, June 23, 2004 1:15 PM
To: Sam Hayes Merritt, III
Cc: [EMAIL PROTECTED]
Subject: Re: Unplugging spamming PCs

Sam Hayes Merritt, III wrote:

> Proactive would be blocking port 25 except to comcast.net's mail servers, at least on retail users without static IPs, and then opening it up if the customer cannot work around it by using comcast's mail server to send out. That's what responsible ISPs have done.

No, that would be punishing before the crime happened. Responsible would be to punish swiftly after the fact, but not before.

Pete
RE: Unplugging spamming PCs
Hi Peter,

I agree with you it's a hard problem to solve. But unless there is mandatory cooperation within mail server software (which can be monitored) to interface with a registry of acceptable/registered sites, then this model could work. Is it perfect? No. And so far, I've not seen any technology that will solve this problem. So I default and say it's a problem that must be solved with agreements between countries that can provide registries that all (valid) mail servers must register. Then at least our spammer enforcement is dwindled down to those who go through some sort of process, that can be validated physically, i.e. Address, Company name, etc, etc... And then enforcement can be done only to those who misbehave that are validated and authenticated.

Can you suggest another method that would have more accuracy? I think it's ridiculous that every service on the internet is provided without any authentication and integrity services. If we allowed anyone to call from anywhere within the telephone network, you'd have rampant falsification, which is what we have today.

LP

Best Regards,
Larry

Larry Pingree

Visionary people, are visionary, partly because of the great many things they never get to see. - Larry Pingree

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Corlett
Sent: Wednesday, June 23, 2004 4:11 PM
To: [EMAIL PROTECTED]
Subject: Re: Unplugging spamming PCs

Larry Pingree [EMAIL PROTECTED] wrote:

> Mail servers should be registered just like domains and shut down by a registrar if they are misusing their registered services. This really needs to be handled by a multi-lateral legal solution, industry will not fix it alone.

Yes, that's just what we need. More unworkable legislation that nobody'll bother to enforce in the intended manner anyway. It's not as if many of the things one has to do to spam effectively aren't already good for a few years behind bars, yet I don't exactly see prisons bulging with spammers.

Let's suppose mail servers are registered like domains. What mechanism is there going to be in place to shut down the mail server if it starts misbehaving? Sending in the Marines?

And again, much of this comes down to enforcement. When was the last time you heard of a spammer's domain being pulled? How about the last time you saw a spammer be even remotely bothered by having their domain pulled? Do you think they'll really care less about losing a mail server when they've got another dozen lined up ready and waiting?

--
PGP key ID E85DC776 - finger [EMAIL PROTECTED] for full key