Re: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

[Steven J. Sobol]

On Fri, 9 Dec 2005, Douglas Otis wrote:

> [AV notifications are] a third-party acting in good faith

Perhaps in your world. Definitely not in mine.

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

RE: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

[Steven J. Sobol]

On Fri, 9 Dec 2005, Todd Vierling wrote:

> 
> On Fri, 9 Dec 2005, Douglas Otis wrote:
> 
> > There is a solution you can implement now that gets rid of these tens of
> > thousands of virus and abuse laden DSNs you see every day before the
> > data phase.
> 
> And it is *my* responsibility to reject UBE that shouldn't have been
> generated in the first place, because...?

If I mentioned this yesterday, forgive me:

A MAPS employee should know better than to suggest that. However, Maps was 
bought by Dave Rand and I believe Dave Rand sold out to Trend Micro. If 
this is correct, then perhaps Doug Otis should bow out of this 
conversation, seeing as how he works for one of the big AV vendors.

I'd like someone UNBIASED to take up his side of the discussion, please. 
I'm really not inclined to listen to an AV employee explain why they 
should be spamming us. 

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

RE: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

[Steven J. Sobol]

On Fri, 9 Dec 2005, Douglas Otis wrote:
 
> There is a solution you can implement now that gets rid of these tens of
> thousands of virus and abuse laden DSNs you see every day before the
> data phase. 

Why should the burden/cost/hassle be placed on me to do this? In many 
cases, it isn't even one of my users sending the stuff! 

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

RE: SMTP store and forward requires DSN for integrity (was Re:Clueless anti-virus )

[Steven J. Sobol]

On Fri, 9 Dec 2005, Geo. wrote:

> I hear you but you and I both know AV companies are not going to give up the
> automated spamming feature that easily.

Then maybe we should bring market pressure to bear on them. Personally, I 
run Exim and ClamAV and don't have that problem. If they're going to spam 
- and I'm sorry, we're not talking about DSNs here, we're talking about 
obnoxious AV vendors telling us how great their product is - then either 
we should try to convince people to stop using those vendors or at least 
beat up on the vendors to fix their brokenness. Is anyone here a customer 
of any of the vendors that play this game?

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: Clueless anti-virus products/vendors (was Re: Sober)

[Steven J. Sobol]

On Tue, 6 Dec 2005, Douglas Otis wrote:

> > Not my problem.  I don't need or want, and should not be hammered  
> > with, virus "warnings" sent to forged addresses -- ever.  They are  
> > unsolicited (I didn't request it, and definitely don't want it),  
> > bulk (automated upon receipt of viruses by the offending server), e- 
> > mail... thus UBE.
> 
> I know of no cases where a malware related DSN would be generated by  
> our products, nevertheless, DSNs are not Unsolicited Bulk Email.

Rght.

Virus notifications aren't DSNs.

99% of the time, they're ads for the publisher of whatever anti-virus 
filter is being used on the recipient's side.
 

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)

[Steven J. Sobol]

On Tue, 22 Nov 2005, Randy Bush wrote:

> > the idea is that the *end-user* is supposed to know what's legit
> > and what isn't.
> 
> no.  all asn admins, including tier 1 through tier 42 and leaf
> asns.  

Bah. Forgive my stupidity, please. We got into the discussion of PKI and
PGP-style trust models and I failed to remember the TLA in the subject.
You're right, my comment doesn't apply to BGP (at least not for most 
end-users I know).
 
-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: BGP Security and PKI Hierarchies (was: Re: Wifi Security)

[Steven J. Sobol]

Randy:

> >for how many years have i been asking you and your evil-minded cert
> >designing friends for a pgp-like web of trust cert that could be
> >used for just this application?
> >

Steven B:
 
> of subsidiaries or allied evil ASs vouching for each other.  OTOH, 
> there are some situations where we know that absolute trust is 
> indicated -- say, 701 signing 702's certificate, or an upstream signing 
> the address certificate for a customer.

Well, there's the rub. You know who runs AS701 and AS702. Presumably most 
of us do (although I don't know who runs 702 off the top of my head. 701 
is UUNET/MCI, no? I don't do BGP).

I like the web 'o' trust idea, but the idea is that the *end-user* is 
supposed to know what's legit and what isn't. In most cases, we're not the 
end-users.

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

RE: the future of the net

[Steven J. Sobol]

On Thu, 17 Nov 2005 [EMAIL PROTECTED] wrote:
> > 
> > That's intriguing ...
> 
> Translation:  "Linux Journal has been linked to by Slashdot."

It took forever for me to pull up the article in Mozilla, but it came up 
fine otherwise. I'm sure they did get slashdotted.

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: [Latest draft of Internet regulation bill]

[Steven J. Sobol]

On Tue, 15 Nov 2005, Jared Mauch wrote:

> > The cable industry claims 91% of households passed with two-way cable.
> 
>   And zero in my area.  And you can't start a telco COOP in this
> state since the iLEC has encouraged laws to make that not legal.  The
> two major iLECs in this state  (Verizon, SBC) are not doing their FIOS
> nor their "Project Lightspeed" in the state last i knew.

Which state?

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: Minneapolis: 2 reports of tornado touchdowns

[Steven J. Sobol]

On Thu, 22 Sep 2005, Fergie (Paul Ferguson) wrote:

> I'm kind of surprised that there has been no metion of
> network outages in Minneapolis, despite tornado(es) touching
> down there tonight and power outages:
> 
>  http://www.startribune.com/stories/127/5628282.html

Tornadoes aren't an unheard-of phenomenon in the Midwest, and smart NSPs 
and ISPs will have planned for such events.

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Not OT: Why Cerf jumped to Google

[Steven J. Sobol]

There seems to be some operational content in this C|Net News.com 
article:



Specifically,

"The Mountain View, Calif., company has been investing heavily in a
communications infrastructure, buying up dark fiber, or fiber-optic cable
that's already been laid but is not yet in use. In July, it also invested
in Current Communications, a company that provides technology for
delivering broadband Net access over power lines."

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: OT - Vint Cerf joins Google

[Steven J. Sobol]

On Fri, 9 Sep 2005, JORDI PALET MARTINEZ wrote:

 
> I was thinking yesterday that IPv6 evangelization is a good reason,
> specially when recalling that Google asked for a prefix some time ago
> (http://www.ipv6tf.org/news/newsroom.php?id=1001) and something is probably
> being baked there ?

So is the idea that Google adopts IPv6 and then, seeing that a large, 
well-trafficked(sp?) website is actually using the technology, lots of 
service providers and smaller sites follow suit?

How widespread *is* IPv6 adoption, anyhow?

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

RE: OT - Vint Cerf joins Google

[Steven J. Sobol]

On Thu, 8 Sep 2005, Mark Bodley wrote:
 
> His name has never "hurt" a companies stock price. Remember MCI--Um,
> Worldcom. Remembering.. Um lost a ton of money... just remember. First time
> I have noticed Google do anything so blatant. Time to sell Google? Are they
> spending money on figure heads? 

I'm sure there are a lot of ways Dr. Cerf could benefit the company. I 
guess I'm a little surprised that they hired him outright and just didn't 
give him a seat on the board of directors. 
  
-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: OT - Vint Cerf joins Google

[Steven J. Sobol]

On Thu, 8 Sep 2005, Joe McGuckin wrote:

> 
> They're just collecting all the big brains, putting them in big glass jars

mmhmm, someone's been watching too much Futurama, eh?

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: New N.Y. Law Targets Hidden Net LD Tolls

[Steven J. Sobol]

On Fri, 19 Aug 2005, Steven M. Bellovin wrote:
 
> Mine doesn't -- AT&T Wireless and Cingular GSM phones have 10D or 11D 
> only, at least around here.

Leave it up to Cingular to be stupid. :P I've been a customer of Alltel,
Northcoast PCS, Sprint PCS and now T-Mobile, and the old GTE Wireless
dating back to '93. On none of those carriers have I ever been forced to
dial 10D if I wasn't roaming, and if I was dialing a number in the same
area code my cellphone number was in.

IOW, I'm pretty sure they're the only company doing that, though ICBW.

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: Blocking certain terrorism/porn sites and DNS

[Steven J. Sobol]

On Thu, 18 Aug 2005, Jay R. Ashworth wrote:

> I believe you've mispelt "Al Q'aeda".
> 
> You see the problem.

*Especially* with respect to English translations of Arabic names. How
many different ways are there to spell Saddam Husein? For that matter, how 
many different spellings did the media outlets use for Moammar Quaddafi? 

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

RE: New N.Y. Law Targets Hidden Net LD Tolls

[Steven J. Sobol]

On Thu, 18 Aug 2005, Brian Johnson wrote:

> Pardon my ignorance, but don't most phone companies require 10 digit dialing
> for long-distance.

So I signed up for a trial of a spiffy service from RingCentral, who 
insist that they have numbers local to Victorville/Apple Valley, 
California, USA.

They assigned me 760-301-.

301 is Ridgecrest, an hour north of Victorville on US 395, and a toll 
call. 

But Verizon still allows 7D dialing for toll calls in this part of the 
country.

(RingCentral later told me "we just allow you to pick a city to determine 
which area code your number will be in" - no, morons, you advertise local 
numbers in Victorville, and you should just allow people to pick an area 
code without listing cities in that area code.)

And there are plenty of spots around the US where 10D dialing is required 
even for local, non-toll calls.


-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: Cisco crapaganda

[Steven J. Sobol]

On Sat, 13 Aug 2005, Dave Howe wrote:

> 
> Rich Kulawiec wrote:
> > More bluntly: the closed-source, "faith-based" approach to security
> > doesn't cut it.  The attacks we're confronting are being launched
> > (in many cases) by people who *already have the source code*, and
> > who thus enjoy an enormous advantage over the defenders.

> TBH though, usually the open source "faith based" approach to security
> doesn't cut it either. its easy to say "its open source, therefore
> anyone can check the code" but much harder to actually find someone who
> has taken the time to do it
 
Depends on the project.

Some OSS projects turn around enhancements and bug fixes, and fix 
vulnerabilities, quickly. Some don't. Some do some of the time, depending 
on the type of change. (For example, Mozilla is good about patching 
vulnerabilities quickly, but there's an Thunderbird enhancement almost 200 
people voted for on Bugzilla, that people have been complaining about for 
months, that they've not done anything about.)

-- 
Steve Sobol, Professional Geek   888-480-4638   PGP: 0xE3AE35ED
Company website: http://JustThe.net/
Personal blog, resume, portfolio: http://SteveSobol.com/
E: [EMAIL PROTECTED] Snail: 22674 Motnocab Road, Apple Valley, CA 92307

Re: ICANN warns world of domain hijacking

[Steven J. Sobol]

On Tue, 12 Jul 2005, Fergie (Paul Ferguson) wrote:


> found that domain name hijacking incidents are commonly
> the result of flaws in registration and related processes,

And in other news: Researchers found today that the sun rises in the east, 
and sets in the west.

Is ICANN actually going to come up with a set of guidelines that will be 
enforced?

-- 
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the 
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

Re: London incidents

[Steven J. Sobol]

On Tue, 12 Jul 2005, Jim Popovitch wrote:

> 
> --- "Patrick W. Gilmore" <[EMAIL PROTECTED]> wrote:
> > 
> > No, it's damned if you take stupid action, damned if you do not do  
> > something you should.
> > 
> > People in charge of our security should not be allowed to take  
> > whatever action comes to mind in the name of security.  
> 
> Then who should, and with data from who's mind?  I suppose they (the 
> ones in charge) could spend their time polling the audience, but that
> has it's price and uncertainty too.

Indeed it does, but I have to question whether the cellphone decision was 
well-thought-out. I really can't believe it was.
 
-- 
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the 
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

Re: ATT CDPD

[Steven J. Sobol]

On Sat, 9 Jul 2005, Alex Rubenstein wrote:

> AMPS, as I understand it, is required to be around until 1/1/2007, as 
> mandated by tge FCC.

I think the date actually got pushed back to '08, but I've not heard 
anything about requiring CDPD.

-- 
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the 
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

Re: ATT CDPD

[Steven J. Sobol]

On Fri, 8 Jul 2005, Jay R. Ashworth wrote:

> Scheduled to die soon, if it hasn't already.  I was a second-tier CDPD
> sub, via Earthlink, until about a year ago; they took a hit to move me
> to 1xRTT,

??

AT&T doesn't use CDMA... so they wouldn't be running 1xRTT. EDGE, perhaps?

-- 
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the 
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

Re: DNS .US outage

[Steven J. Sobol]

On Thu, 7 Jul 2005, Michael Painter wrote:

> In case other Win users aren't aware:
> 
> http://www.samspade.org/ssw/features.html

Do be aware that the WHOIS functionality is out of date - it doesn't know 
to search whois.publicinterestregistry.org for .ORG domains, for example.

The source code is available, and I have a copy and am planning to create 
an updated package based on SS (no, it won't be the next version of SS), 
but it won't be finished for a while (I've *barely* just started working 
on it).

Other than that, it's a great piece of software.
 
-- 
JustThe.net - Steve Sobol / [EMAIL PROTECTED] / PGP: 0xE3AE35ED
Coming to you from Southern California's High Desert, where the 
temperatures are as high as the gas prices! / 888.480.4NET (4638)

"Life's like an hourglass glued to the table"   --Anna Nalick, "Breathe"

VZ and VZW are completely separate (from an SMTP point of view)

[Steven J. Sobol]

To get an answer on the VZW mail filtering issue, we'd have to talk to a
mail admin at Verizon Wireless, as described by my acquaintance at Verizon
Online.

-- Forwarded message --
Date: Fri, 20 May 2005 09:45:00 -0500
From: <[EMAIL PROTECTED]>
To: Steve Sobol <[EMAIL PROTECTED]>
Subject: Re: [Fwd: VerizonWireless.com Mail Blacklists]

Steve,

Verizon Wireless is a completely different animal with no, repeat 
no, relation to VOL at any business or technical level other than being 
owned by the same mother ship.  That would definitely include SMTP or 
any other mail related protocols transiting my platforms.  I have no 
idea what kind of filters or block lists they use.  I will make some 
inquiries but don't hold your breath, they really are a seperate entity 
from the trenches perspective.  Please do not put my info on NANOG.  Thanks.

Re: Experiences with 911 calls and SIP

[Steven J. Sobol]

On Wed, 18 May 2005, Dan Lockwood wrote:

> I'm having a discussion with one of my vendors about the 911
> capabilities of their SIP VoIP phone system.  The vendor says that if we
> use an Enhanced 911 service that their phone system will transmit
> location information to the PSAP at the time of the call in addition to
> the ANI.  I was under the impression that this functionality was not
> possible, hence all the problems that Vonage is having.  Can anyone help
> clarify this for me?

Given the state of flux that VoIP is in right now regarding E911, your
best bet may be to set up the PBX at each site to route 911 to a bank of
two or three outgoing POTS lines.

(I will be very interested to find out what you eventually decide. In 
addition to the work I'm doing at JustThe.net, I'm working at another 
California school district, and our assistant IT director is talking about 
possibly going VOIP in the next few years.)

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: DNS requests and Bandwidth

[Steven J. Sobol]

On Wed, 11 May 2005, Gadi Evron wrote:

> > 14:40:09.407336 212.26.72.85.34997 > ns.MyNameServer.net.domain:  51794 MX? 
> > MyDomain.com. (29)(DF)
> > 14:40:09.411707 212.26.72.85.34997 > ns.MyNameServer.net.domain:  14233 A? 
> > MyDomain.com. (29) (DF)
> > 14:40:09.415880 212.26.72.85.34997 > ns.MyNameServer.net.domain:  39317 MX? 
> > MyDomain.com. (29) (DF)
> > 14:40:09.419827 212.26.72.85.34997 > ns.MyNameServer.net.domain:  49503 A? 
> > MyDomain.com. (29) (DF)
> > 14:40:09.423700 212.26.72.85.34997 > ns.MyNameServer.net.domain:  29362 A? 
> > MyDomain.com. (29) (DF)
> > 14:40:09.426963 212.26.72.85.34997 > ns.MyNameServer.net.domain:  16692 A? 
> > MyDomain.com. (29) (DF)
> > 14:40:09.430590 212.26.72.85.34997 > ns.MyNameServer.net.domain:  65288 A? 
> > MyDomain.com. (29) (DF)
> > 14:40:09.434350 212.26.72.85.34997 > ns.MyNameServer.net.domain:  1341 A? 
> > MyDomain.com. (29) (DF)
> > 14:40:09.438163 212.26.72.85.34997 > ns.MyNameServer.net.domain:  57932 A? 
> > MyDomain.com. (29) (DF)
> 
> As happy as I'd be to go and yell DoS!! (I love that word)... there are
> other possibilities here.

The one time this happened to a DNS server for which I was responsible, it 
was a misconfigured Windows 2000 server with Active Directory installed.

"myNameServer.net" is a generic enough domain name that someone might have 
used it as an example in a HOWTO document on setting up AD. 

(just a thought, FWIW) 

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Slashdot: Providers Ignoring DNS TTL?

[Steven J. Sobol]

On Sun, 1 May 2005, Dean Anderson wrote:

> On Sun, 1 May 2005, Edward B. Dreger wrote:
> 
> > e.g., I specifically cited laws and cases that appear to apply to
> > blacklists... now you claim I stated DNSBLs are exempt?  Someone needs
> > to put down the crackpipe.
> 
> You agreed with me on something?  I must have missed that at the time. I'm 
> *sure* I would have made a note of that.

I would say there are laws that apply to blacklists too; just not the same 
laws that you cite. But IANAL, and neither are you.

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: FCC To Require 911 for VoIP

[Steven J. Sobol]

On Sun, 1 May 2005, David Lesher wrote:

> Oh, don't forget 'special' zip codes such as 44181 and my favorite
> for survey-takers -- 20505.

There are plenty like 44181, which is Cleveland, Ohio's airmail facility, 
that don't represent physical locations. Others are 44101, the Cleveland 
main post office, and 44072, "Novelty, Ohio" (which doesn't exist as a 
municipality, only a post office; it's part of the town of South Russell).

Most ZIP codes do map to geographic locations, though, and even ones like
this aren't too hard to map if you know the area (44181=SW Cleveland by
the airport, 44101=downtown, 44072=South Russell).


-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

RE: Schneier: ISPs should bear security burden

[Steven J. Sobol]

On Fri, 29 Apr 2005, Miller, Mark wrote:

> Unfortunately, a lot of static "business" DSL IP space is still on
> those lists and legitimate mail servers can get blocked.  I usually use
> the DUL as a "white list" to negate hits on the traditional dnsbls since
> those are almost always stale.

 That's
because the ILECs, especially, don't feel the need to separate IPs on
which servers are allowed, and IPs on which they aren't. SBC is the worst
in this regard. No separation, no custom reverse DNS for DSL customers, no
way to be absolutely certain if sending mail from a specific IP is a
violation of SBC's TOS. 

I've noticed that you work for Qwest. If the people designing your network
DO have enough clue to separate IPs, bravo... but my experience is that
many ISPs, especially ILECs/RBOCs, don't.

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Schneier: ISPs should bear security burden

[Steven J. Sobol]

On Fri, 29 Apr 2005, Dave Rand wrote:
 
> Dunno what a ton of ISP buy-in is, but the MAPS DUL now contains about
> 190,000,000 entries.  We've been working on it very hard for the last year or
> two.  Most ISP-level subscribers figure it stops a pretty large percentage of
> the compromised-home-computer spam.

Well, that's it then: "for the last year or two" - I don't recall a lot of 
entries being on the DUL in its original incarnation. (Not for lack of 
trying.)

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Schneier: ISPs should bear security burden

[Steven J. Sobol]

On Wed, 27 Apr 2005, Owen DeLong wrote:

> >
> > What's rDNS for the ip address(es) assigned to you?
> >
> I don't know about him, but, on my ADSL connection, it is controlled
> by my nameservers:
> 
> ;; ANSWER SECTION:
> 10.159.192.in-addr.arpa. 86400  IN  NS  ns.rop.edu.
> 10.159.192.in-addr.arpa. 86400  IN  NS  ns.delong.sj.ca.us.
 
> Who are you to decide that there is no damage to blocking residential
> customers?  I'm a residential customer, but, I have a number of
> servers running, and, a port 25 block would be very destructive to
> the operation of my mailserver.

Ah, but *you* wouldn't get blocked. You maintain your own rDNS and 
presumably have enough clue to not make the rDNS look like a pool of 
dynamic residential IPs that aren't terribly important. To wit:

[EMAIL PROTECTED]: ~ $host 192.159.10.1
1.10.159.192.in-addr.arpa domain name pointer ns.delong.sj.ca.us.

[EMAIL PROTECTED]: ~ $host 192.159.10.2
2.10.159.192.in-addr.arpa domain name pointer owen.delong.sj.ca.us.

[EMAIL PROTECTED]: ~ $host 192.159.10.8
8.10.159.192.in-addr.arpa domain name pointer www.diagnostix.com.

Those are OBVIOUSLY not hostnames that comply with de-facto standards for
dynamically assigned dialup and broadband pools like

ip-192-168-0-1.AppleValleyCA.BigDSLProvider.net 

or

port1.as29.phoenix.DialupFarm.com

(for example). 

The idea is that your ISP should either allow you to run your own DNS or 
give you DNS that doesn't look like something out of a big pool of 
addresses, which makes it much, MUCH easier to decide what to block and 
what not to block. Any IP that a provider allows servers on should have 
distinctive, non-dynamic-looking DNS (and preferably be in a separate 
netblock from the dynamically-assigned IPs).

That way you can be reasonably sure that you're not blocking someone whose 
ISP has allowed them to run servers.

(Some providers are much better than others at doing this kind of 
thing...)

> Why should an ISP decide what a residential
> customer can or can't do with their internet connection.  (This is not
> an advocation for abandoning TOS or allowing abuse.  I am talking about
> within the confines of legitimate internet use, such as hosting a web
> site (or even several), running nameservers, mail server(s), etc.)

Your ISP, or the provider of the person deciding whether to block you?

Is there anything wrong with an ISP saying "you can't run servers on 
certain types of Internet connection"?

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Utah governor signs Net-porn bill

[Steven J. Sobol]

On Wed, 23 Mar 2005 [EMAIL PROTECTED] wrote:

> > that's EASY: there is hyperconcern for the welfare of
> > children in Utah,
> 
> Finally, someone who recognizes what this bill is
> all about. It merely asks ISPs to provide parents
> with a filtering tool that cannot be overridden by
> their children because the process of filtering takes
> place entirely outside the home.

Are you absolutely sure that that's all the bill will actually do?

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Utah governor signs Net-porn bill

[Steven J. Sobol]

On Wed, 23 Mar 2005, David Barak wrote:

> 
> --- Daniel Senie <[EMAIL PROTECTED]> wrote:
> 
> > Anyone want to publish a definitive list of IP
> > addresses for Utah? A week 
> > of null-routing all such traffic by many web sites
> 
> Wouldn't you then be guilty of doing the exact thing
> which the legislature is doing?  

Any such action would have to be voluntary. You couldn't force it on your 
end-users or customers.


-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Utah governor signs Net-porn bill

[Steven J. Sobol]

On Tue, 22 Mar 2005, Owen DeLong wrote:

> Were I running an ISP of which Utah subscribers were not a large portion
> of my customer base, I would probably seriously consider simply
> disconnecting
> all of my Utah customers.

Of course, you're making sure none of the web servers under your purview 
are reachable from Utah either.

...Right?

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Utah governor signs Net-porn bill

[Steven J. Sobol]

On Tue, 22 Mar 2005, Baker Fred wrote:
 
> I am told (not my expertise) that there are labels that can be put on 
> web pages to prevent search engines from searching them, and that a 
> certain class of pornographer actually uses such. Keeping them out of 
> the search engines is a good thing. That said, not all such do, so one 
> is forced to have a plan B. BTW, HTML PICS don't especially help with 
> virus-bot-originated spam.

Internet Explorer has had provisions to use RSAC ratings forever.

One thing that the competing browsers (which I like better) have *never* 
had. 

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"The wisdom of a fool won't set you free"   
--New Order, "Bizarre Love Triangle"

Re: Internet Email Services Association ( wasRE: Why do so few mail providers support Port 587?)

[Steven J. Sobol]

On Fri, 25 Feb 2005 [EMAIL PROTECTED] wrote:

> 
> >  I'll agree with you on one thing, though -- the whole
> > business of port 587 is a bit silly overall...why can't the same
> > authentication schemes being bandied about for 587 be applied to 25,
> > thus negating the need for another port just for mail injection?
> 
> Because that would require providers to act like professionals

I don't see what the big deal is. mx.justthe.net, for instance, requires 
SMTP AUTH on port 587 for everyone and requires SMTP AUTH on port 25 for 
anyone attempting to relay mail outside my network.

The biggest cost I can see, and it *is* a significant cost, is walking 
users through the process of configuring their MUAs to do the 
authentication. Configuring the servers, however, shouldn't be a huge 
problem, and you can mitigate the cost issue by only setting up 587 for 
people who need to have it set up.

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"In case anyone was wondering, that big glowing globe above the Victor 
Valley is the sun." -Victorville _Daily Press_ on the unusually large 
amount of rain the Southland has gotten this winter (January 12th, 2005)

Re: The entire mechanism is Wrong!

[Steven J. Sobol]

On Sun, 16 Jan 2005, Jim Shankland wrote:

> Of course it's unreasonable to expect a registrar to have to
> put up with such a burden during off hours:  God only knows what
> kind of silly calls would come in.  "Emergencies" are best
> handled in a batch during the regular work week.  For the
> stuff that really won't wait, you just put a lawyer on retainer,
> who can fax off a letter telling the complainant to sod off until
> Monday morning, or until the moon is in the seventh house and Jupiter
> aligns with Mars, whichever comes first. 
> 
> I mean, if we can't be on the golf course by 3:00, what are we
> in this business for, anyway -- right?

The registrar DOES need to define "Emergency."

"Emergency" does not mean "page on-call staffers because I forgot to renew 
my domain and it's fallen out of the roots, and Customer Service is closed 
Saturday." Such an event is defined as being "My Own Fault, Not Due to 
Catastrophic Conditions" and doesn't warrant bugging the person on-call.

As long as the registrar defines what constitutes a page-able emergency, 
they should be ok. (Or is this overly simplistic?)

-- 
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET (4638)
Steven J. Sobol, Geek In Charge / [EMAIL PROTECTED] / PGP: 0xE3AE35ED

"In case anyone was wondering, that big glowing globe above the Victor 
Valley is the sun." -Victorville _Daily Press_ on the unusually large 
amount of rain the Southland has gotten this winter (January 12th, 2005)

I've been informed that I'm off-topic and off-charter

[Steven J. Sobol]

so I will no longer post about SPEWS here. 

Of course, I find it exceedingly interesting that Ms. Harris decided to 
yell at me and apparently not at any of the other 30+ people participating 
in the thread. Nor can I find any comments in the charter or on the web 
site about whether spam or DNS blacklists are on-topic or off-topic for
this mailing list. And I don't expect Susan to reply to the private e-mail
I sent her reiterating those two exact points.

**SJS

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

RE: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Benjamin P. Grubin wrote:


> Saying that a report is voluntary and/or advisory gets more and more
> irrelevant as rate of adoption increases.  Yes, the thousands of credit
> card companies could choose to evaluate you in any manner they wish, but
> yet they *all* judge you solely on your credit report.  So in *reality*,
> is it really still useful to say it is voluntary and advisory therefore
> undeserving of scrutiny/complaint?

I'm really not sure why you're making these assumptions. I don't beat 
around the bush... I've never seen you on NANOG before, nor have I talked
to you in any other venue, so I assume you aren't aware of that particular 
point. I didn't say SPEWS or any other listing service was undeserving of
scrutiny. I didn't even try to imply that.


-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

RE: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Benjamin P. Grubin wrote:

> But credit reports *are* legislated, whether you want them to be or not.

Regulated, yes. That really has no bearing on the fact that companies can
choose to use or not use credit reports in determining whether to do 
business with, extend credit to, or employ someone. The credit bureaus 
maintain files which are used in an advisory manner and the use of such
information is completely voluntary.
 
> that uses these lists by default.  Yes--it is subscription, but at some
> point it becomes de-facto public record, and everyone simply trusts them
> because they don't know any better and everything occurs behind the
> scenes.  Eventually that too will become an oligopoly (if it isn't
> already). 

That doesn't negate the point I was trying to make.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re[3]: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Richard Welty wrote:

> 
> 
> On Thu, 20 Jun 2002 20:39:58 -0400 (EDT) "Steven J. Sobol" <[EMAIL PROTECTED]> 
>wrote:
> > Although Paetec is now being implicated in some TCPA violations over on
> > the junkfax mailing list, so I'm no longer convinced they're whitehat.
> 
> i never claimed they were white hat. i have some direct personal experience
> them, and believe that at best, they're deeply confused.

I never claimed that you claimed they were white hat. The "white hat" 
assessment was based on what I've seen of their fight with Monsterhut. 

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002 [EMAIL PROTECTED] wrote:

> > Well if you want to talk about western networks, qwest ranks second just 
> > behind chinanet in terms of black hat and spam.
> 
> s/qwest/verio/g
> 
> As someone who has recently had the "pleasure" of dealing with some of their
> pink sheet clientele...

IME, Verio has been clueless in many ways in the past, but they do have an
abuse desk. It appears that the guy in charge is a white-hat. I have even
met someone who claims to work the Qwest abuse desk, and I haven't been
given any reason not to believe her yet! :) (She even LARTed a spamming
Qwest salesrep for me, which was cool.)


-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002 [EMAIL PROTECTED] wrote:
> 
> > There is actually a guy trying to clean up Chinanet now. @Home was my
> 
> A guy.  Singular.  I'm not going to hold my breath, unless he has the
> authority to deploy military forces. ;)

>From what I hear, he's having some effect. Perhaps not much... 

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002 [EMAIL PROTECTED] wrote:

> When you're dealing with what some people refer to as "tier 1 providers"
> (I'll just say really big networks), this can be counter-productive.  From
> what I've seen the following providers have been notoriously unresponsive
> to spam complaints (apologies if any of this is dated):
> 
> UUnet (Worldcom)
> Sprint

Yeahbut the only blocklist I know of that is blocking all of Sprintlink 
is spambag. And again, folks... we're discussing SPEWS here, not spambag.
And yes, spambag is an extremely aggressive list that its homepage 
specifically *states* is a personal blacklist. If you're foolish enough to
use an overly aggressive blacklist that was never intended for public use, 
sorry, but you don't *deserve* to talk to half the Internet.

Is SPEWS blocking all of Sprint? All of ANY large provider, for 
that matter?

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: heh - ScanMail Message: To Sender, sensitive content found andaction t aken. (fwd)

[Steven J. Sobol]

On Thu, 20 Jun 2002, Dan Hollis wrote:

> On Thu, 20 Jun 2002, Stephen J. Wilcox wrote:
> > Looks like all those nasty words 'terrorism' 'militia' 'killing' and of
> > course 'blacklist' have tripped someones content alarm ;)
> 
> im waiting for someone to trip godwins law

They have mail filters for that? Cool...
 

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Dan Hollis wrote:

> 
> On Thu, 20 Jun 2002, Regis M. Donovan wrote:
> > On Thu, Jun 20, 2002 at 02:35:16PM -0400, Steven J. Sobol wrote:
> > > *Spamming* or launching a DoS attack in response to spam is definitely
> > > abusive. 
> > and black-holing "innocent bystander" networks not a denial of service?
> 
> Its my box, my hardware, my property. No one has an inherent right to 
> force speech on an unwilling recipient.

Hear, hear. Dan sounds like he agrees with my assessment of property
rights taking priority over rights to expression.

Anyone using SPEWS, the MAPS RBL+, SpamCop's blacklist, or *any* arbitrary 
list of abusive ISPs or ISP customers does so voluntarily, and I consider 
the action to be similar to companies sharing credit information. You can
deny credit or employment, or refuse to do business with an individual or 
company based on the information in a credit report. Likewise, you can 
choose to communicate or not communicate with an AS or network (or server) 
based on whether you think the people running the server(s) are good 
net-neighbors. 

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re[2]: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Richard Welty wrote:

> > Then the ISP shouldn't be punished just because they wrote a bad
> > contract.
> 
> actually, i think Valdis was alluding to the Paetec fiasco with Monsterhut.
> in that particular case, the contract was ok, but Monsterhut lied to the
> court about the source of their addresses in order to try and weasel out of
> being terminated.
> 
> the whole mess took a year or so to wend its way through the NY court
> system. bleah.

I remember that. 

Although Paetec is now being implicated in some TCPA violations over on
the junkfax mailing list, so I'm no longer convinced they're whitehat.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Dan Hollis wrote:

> 
> On Thu, 20 Jun 2002, Chrisy Luke wrote:
> > David Lesher wrote (on Jun 20):
> > > > The service providers are not the enemies. If you treat them like enemies
> > > > then enemies they will become.
> > > That's right; no service provider will ever harbor spammers just
> > > to make a quick buck. It's never happened, and never will.
> > Name the ones that do. All of them. Name the ones that will.
> 
> chinanet

There is actually a guy trying to clean up Chinanet now. @Home was my
favorite example before they went titsup.com. Just about any of the Korean
providers would be a good current example.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002 [EMAIL PROTECTED] wrote:

> What do you do if the ISP says "We want to turn them off, but they've managed
> to get a restraining order preventing us"?  We've seen THAT before

Then the ISP shouldn't be punished just because they wrote a bad contract.
In such a case I would say that escalation is *not* appropriate, since we
have prima facie evidence that the ISP is trying to do the right thing.  

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Chrisy Luke wrote:

 
> Can't find the terrorists you're looking for so start killing bystanders
> until someone submits? Sounds militia to me.

And your suggested alternatives are...?
 
> The service providers are not the enemies.

You'll never convince me of that fact as a generality... Many aren't. Some
simply don't care what happens on their network. For example, @Home, which
(in my direct experience) tried to actively discourage abuse reports.


-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Clayton Fiske wrote:

> Fair enough. I agree with the idea in spirit. However, care must be
> taken to define acceptable criteria.

Oh, absolutely. Escalation is not something that should be taken lightly.
e.g. for MAPS, escalation was (is?) only used as a last resort.

> I think the concerns here (at
> least my concerns) are that a) some organizations do it before exhausting
> other avenues, and b) the avenues for removal from such listings can
> be difficult to nonexistent (as is the case with SPEWS, from the sound
> of it).

Agreed.
 
> I think one must be cautious to avoid seeking vengeance on something
> whose mere existence bothers them,

Yes. There are well-documented cases of people getting into trouble when
they let their personal opinions and emotions get in the way of running 
such a list.

> Agreed. However, my impression from the initial post(s) in this thread
> is that the specific list(s) in question have not been doing this.

Yup. I think we have to be careful not to let this thread go completely
off-topic. I think I'm going to do a little more research before posting
further on the topic, though. As I said, I've never been in a situation 
where I have to ask SPEWS to delist me.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Gerardo A. Gregory wrote:

> I think this is just plain lazzines...there is no other way to view it.

So if you have a problem with someone dumping crap onto your network and
you've done everything you can to get the provider to stop the offender, 
and they won't, what would you do then? Ignore it?

> Along the lines of SPEWS is spambag.org
> this idiot, because there is no other way to describe him, has blocked
> SPRINTLINK netblocks in huge chunks, and then raves on like a lunatic on how
> he justifies his actions (I wonder if it because he realizes what a lazy,
> good for nothing "administrator" he is, since he seems so emotional in
> letting you know that he is a "professional" administrator)

Yeah. I know the guy who runs spambag. He is very aggressive about 
blocking. He also doesn't advertise that his block list is usable for 
anyone besides himself. So what's your point?

Sprint has cleaned up a lot. They used to be absolutely horrible WRT 
hosting spammers and abusers, which I'm sure is why spambag lists all of
Sprint. 

I wouldn't use any list that lists an entire backbone, myself. But guess 
what... it's his server and he is allowed to protect it in whichever way 
he deems appropriate.
 
> He doesnt realize that he only hurts himselfwe where going to one of his
> sites for a mail server solution, as soon as I read all his ravings I just
> cruised somewhere else..to hell with him and his lazy administration skills.

Your choice.

> I still believe the guy blocked sprintlink because he cant really
> subnet...he has no concept of math, that and lazzines.

Nah, he's a decent programmer; I've used some of his stuff before. And a 
*ton* of spam used to come from Sprint. Like I said... they've made good 
efforts to clean up recently... but...

The fact remains that there are a number of people who run very aggressive
block lists (much more so than SPEWS). I can think of spambag and at least
one or two others. (xbl.selwerd.cx comes to mind.) None of these people
advertise that anyone else should use their lists. They're personal lists.
Read the spambag.org homepage and it states very clearly that it's a
personal list. SPEWS is a completely different animal, as I don't believe
it was ever meant to be a personal list; it was meant to be used by
others...

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Andy Johnson wrote:

> Doesn't anyone see the irony here? Fighting abuse with abuse is somewhat
> counter-productive.

*Spamming* or launching a DoS attack in response to spam is definitely
abusive. I understand your point here. I don't think it's an invalid one.
I do believe that whether escalations are abusive is a question that is
open to debate. Indeed, I believe the question *should* be debated.

> This all boils down to more or less the user missing/not receiving an
> important email. So by blacklisting a netblock which originated SPAM, and
> more importantly, its neighbors (or in SPEWS case, the entire AS and
> netblocks announced from it), you are preventing valid emails from being
> delivered. So SPEWS is just as guilty of depriving people of their mail as
> spammers are IMO.

Which is more important? The right to express yourself or the right for
a property owner to protect his property? I've always claimed that 
property rights trump free-speech rights, and where spam is concerned,
the courts have agreed with me (e.g. the AOL case and the CompuServe
case against Sanford Wallace back in the mid-1990's). 

Now, the big question with blocking is whether or not your users are aware
of the blocking happening. In a service-provider environment, a good
network admin will make his customers aware of the blockage and either
have them agree to it or allow them to turn it off. But that is not a 
moral or ethical issue. That's a contractual issue. If the provider is
arbitraily blocking stuff without telling his customers, yes, that can
be said to be a moral or ethical issue, but I make the assumption, for
the sake of this particular thread, that the customers know what's going 
on.

As to whether it's counter-productive, again, whether or not it is is 
based in large part on whether or not the customers have agreed to it.
My opinion is that the end-users *must* always have final say over what is
blocked or not blocked.

> Regarding your last comment, when tracking down and filtering a DoS, do
> you filter just the offending IP space, or ALL netblocks announced by that
> AS?

Neither; I don't run any devices that need to speak BGP. If I did, I'd
start by filtering the offending IPs only. If I still saw attacks coming
from elsewhere in the ISP's netspace I would broaden the range of the 
blocks.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Peter Galbavy wrote:

> > the organization in question) instead of just the offending one is "in
> > order".
> 
> It depends on your maturity and 'professionalism' I guess. Some of us see
> the problem, some see it as a 'cool way of getting attention'.

I'd have no respect for people who do it just to get attention.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: SPEWS?

[Steven J. Sobol]

On Thu, 20 Jun 2002, Clayton Fiske wrote:

> > I agree with that, *if* initial notifications to the ISP are ignored. 
> > Escalations are then in order, definitely.
> 
> I fail to see how blacklisting neighboring subnets (not associated with
> the organization in question) instead of just the offending one is "in
> order".

Let me clarify, then.

If the offending ISP does not respond, and you have exhausted all avenues
available to you to get the ISP to get its customer to stop spamming - 
whether by TOS'ing the customer, education or whatever - then escalation 
may work if the collateral damage caused by escalation is enough to get 
the spammers' neighbors to complain to the ISP.

This principle is based on the fact that an ISP is more likely to listen 
to its paying customers than to outsiders.

And I don't think this is a potential solution only for spam; it is 
appropriate (IMESHO) in other abusive situations too.

I don't advocate doing it unless you have tried all other reasonable 
methods to get in touch with the ISP and ask them to disconnect or 
otherwise educate their customer.


-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: XO

[Steven J. Sobol]

On Tue, 18 Jun 2002, blitz wrote:

> > > The difference is XO will be fine, Adelphia will be bought by , or
> > > potentially liquidated.
> >
> >They're talking about selling out to Charter.
> 
> The deal with Charter fell through a week ago.Adelphia's so dirty, no 
> one wants to touch them...guess we'll wait for the fire sale.

Hey, cool. That means the only broadband access available in Mentor on the
Lake will continue to be SBC DSL. Adelphia was supposed to upgrade and 
have cablemodem access launched here in the fall. :P~~

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: XO

[Steven J. Sobol]

On Mon, 17 Jun 2002, Martin Hannigan wrote:
 
> The difference is XO will be fine, Adelphia will be bought by , or
> potentially liquidated.

They're talking about selling out to Charter.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: Reclaiming hijacked handle

[Steven J. Sobol]

On Mon, 10 Jun 2002, Martin Hannigan wrote:

> Question 1: Did ARIN start expiring unused handles or did
> something in the process of the hijack cause my handle to increment up
> to 569, which I'm assuming was the next open number in the
> in the scheme for 'MH'.

If they did start expiring unused handles... Mine is used on a SWIP
for a netblock which I no longer control, 207.166.196.176/28. I haven't
used it for anything else. Was your handle taken off all of the records
it used to be on? My handle (sjs5-arin, corresponding to my NetSol handle
sjs5) is still active. With incorrect information, of course, and I have
to update it, but it's still there. But I am still the POC of record for
207.166.196.176/28. My upstream isn't planning to take me off the SWIP 
until they reassign the block. :-/

> Question 2: If an account is passworded, how were they able to
> take it? Does ARIN not ask for a copy of a license or other
> photo ID when making voice/fax based changes to POC's?

I required no such info to do my SWIP. In fact, I was working for the 
company that is now my upstream at the time, and I just e-mailed the 
template in, and they threw it into the database. I didn't even PGP-sign 
it.

Keep in mind that this happened at least four or five years ago...


-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: NAS filed chp 11

[Steven J. Sobol]

On Thu, 6 Jun 2002, Dan Hollis wrote:

> > http://biz.yahoo.com/djus/020605/200206051047000419_1.html
> 
> now someone will surely step up to the plate in their defence and rant 
> about how this is all a good thing for NASC and how they will go on to 
> reemerge next year as a lean, mean, bigger & better company.

I'm certainly a lot less worried than I would be if it was another
form of bankruptcy. Chapter 11 is a reorg, typically.

I won't say it's *good* for the company - and there are too many telecomm
firms filing bankruptcy these days anyhow. It might not be the end of the
world.

-- 
Steve Sobol, CTO  JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET
- I do my best work with one of my cockatiels sitting on each shoulder -
6/4/02:A USA TODAY poll found that 80% of Catholics advocated a zero-tolerance 
stance towards abusive priests. The fact that 20% didn't, scares me...

Re: OT: Trying to find a connectivity provider that wont go under(wa s RE: CAIS/Ardent and now Network Access Solutions)

[Steven J. Sobol]

[ Warning: mini-rant follows ]

On Fri, 31 May 2002, Rowland, Alan  D wrote:

> But you have Drew Carey!

And a very entertaining gentleman he is. Quite funny, in fact. Doesn't 
help our broadband situation. ;)
 
> What about cable access? It's more and more an option that has, IMHO,
> significant benefits over DSL. No PPPoE for starters...

Bahahahaha.

I understand from my partner, who used to work in the industry, that 
Cleveland was the last big US city to get cable TV. We're also probably 
the last to get cable Internet... Cablevision used to have a chokehold
on the market, holding franchises for Cleveland (the old North Coast 
Cable) and most of the suburbs. But they knew as early as 1997-1998 that
they were leaving Cleveland to focus on NYC, their home area, so they 
didn't do squat with their infrastructure; we couldn't even get them to
add channels.

Adelphia took over and now has broadband Internet access in parts of
Cleveland. Parts. Not all; parts.

Here in Lake County, it's Adelphia (former TCI) and AT&T Broadband (former 
Continental Cablevision/MediaOne). AT&T told me last spring that it'd be 
three months to get RoadRunner deployed, and then I met up with an 
installer at a local gas station, queried him and found out it'd be more 
like a year or two -- and that was *before* AT&T dropped @Home and 
RoadRunner in favor of their own service. Doesn't matter, I moved 
anyhow... here in M-O-L, Adelphia has the franchise, and Customer Service 
assures me that we'll have Powerlink (not to mention the channels I 
want... gimme Comedy Central and Food Network, dammit) when upgrades are
completed in the fall.

I sure hope so. I can't even sell myself DSL, fercryinoutloud. Rhythms
used to be in M-O-L, but WCOM opted not to stay in my CO, probably due to
economics; the M-O-L CO serves an area that is 95% residential, 4.5%
wetlands and only about .5% businesses. I am stuck with Bell DSL. Until
Adelphia launches Powerlink here, that is.

Of course, the founding family just left Adelphia amidst a large to-do
about... **drumroll...** accounting irregularities! I'm not convinced 
they'll stick around. Although, if they launched Internet access in M-O-L 
I'd still sign up and drop Ameritech DSL immediately...

I think my last, best hope for broadband access is to launch the WiFi
service that my colleagues and I are talking about doing. Supposedly, one 
of my friends has funding for this little venture. I won't get excited 
until I see some signed contracts...

Oh. Did I mention that three small cities to the south and east of us --
Akron, Canton and Ashtabula -- have cablemodems? RoadRunner has been in 
the Akron/Canton Area for years already... 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

RE: Trying to find a connectivity provider that wont go under (wasRE: CAIS/Ardent and now Network Access Solutions)

[Steven J. Sobol]

On Thu, 30 May 2002, Brian wrote:

> Surprised there isnt much connectivity in the Detroit area, I mean it is
> Motor City and all, I would think tons of manufacturing palnts all needing
> telecom of some sort or other..

Try to get DSL here; everyone backhauls to Chicago. And Cleveland is the
25th largest city in the USA. Lots of local providers for DS1 and Frame 
and ATM, just not DSL. :)

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: CAIS/Ardent and now Network Access Solutions

[Steven J. Sobol]

On Thu, 30 May 2002, Christopher X. Candreva wrote:

> NAS has been nothing but trouble.  We are (or were) a Covad reseller, first
> direct through Covad, then through CAIS.

Jeez. About 18 months ago I couldn't even get CAIS to return calls to
their sales department. I guess I'm glad they didn't.


-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: Routers vs. PC's for routing - was list problems?

[Steven J. Sobol]

On Thu, 23 May 2002, Dave Israel wrote:

> 
> Then why ot boot from a CD-ROM?  Sure, it moves, but only for the
> few minutes it takes to boot.  Then it spins down and sits idle for
> the n days/weeks/months until the next reboot.  It would probably
> last as long as the solid state drive, and would be cheaper.  

> The big problem here, of course, is software upgrades.

CD's were the other option I was considering. I'd rather use CD's because 
they are more durable than floppies. WRT software upgrades, the only thing 
I'd be rebuilding is the kernel - you rebuild the kernel, create an ISO
filesystem, and rip it to CD...


> Personally,
> I'd just use a hard drive and initrd (under linux) and leave the hd
> controller out of the kernel.  When it comes time to upgrade, reboot
> to an alternate kernel that has the hd support code.  But that's more
> of a discussion for a Linux list than here.

Yup. Topic drift...

 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: Routers vs. PC's for routing - was list problems?

[Steven J. Sobol]

On Thu, 23 May 2002, E.B. Dreger wrote:

> SJS> a basic question, but the only EIDE mass-storage devices
> SJS> I've used are more traditional drives.
> 
> Why not partition wisely, then mount the desired partition as
> read-only?  Or I guess one _could_ mount each partition as RO...
> 
> But why?

The box I want to build is passing packets between the rest of my network 
(and the public Internet) and one server that will hold sensitive data.
It'll be a Linux box with the TCP/IP stack running in bridged mode, with
two ethernet adapters installed. The box just needs to boot up and run. It
doesn't need to log anything.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: Routers vs. PC's for routing - was list problems?

[Steven J. Sobol]

On Thu, 23 May 2002, Jake Baillie wrote:

> the config changed. Which means you'd need some sort of singular 
> configuration file.
> 
> But I was wrong. :) He meant "read-only"

I'm just throwing ideas out there. I could boot Linux off a floppy or
a bootable CD and create a ramdisk upon bootup - Linux has always had this 
capability. I'm just a person who occasionally comes up with silly 
half-baked ideas and wonders if he can implement them. ;)

And to be honest, I figured that having the OS boot off of some 
solid-state storage device would be useful... for something...

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: Certification or College degrees?

[Steven J. Sobol]

On Wed, 22 May 2002, Stephen Sprunk wrote:
> 
> Thus spake "Stephen Kowalchuk" <[EMAIL PROTECTED]>
> > Certification in the IT industry has become a nightmare
> > because people who are less than clueful have abused it in
> > the hiring and compensation processes.
> 
> Picture yourself as a job-seeker three years ago.  Every recruiter you call
> hangs up on you because you don't have a CCNA.  What's the obvious
> conclusion?  CCNA == job.
> 
> Try getting an accounting job without being a CPA; it's possible in some
> states, but it's not easy.

Your analogy is flawed. You have to be certified by the local bar 
association to practice law in most states, and unless I'm mistaken (and
I might be) you have to have taken the CPA test and be certified as a CPA,
because the government says so.
 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: Routers vs. PC's for routing - was list problems?

[Steven J. Sobol]

On Thu, 23 May 2002, Dan Hollis wrote:
 
> On Thu, 23 May 2002, Steven J. Sobol wrote:
> > On Thu, 23 May 2002, E.B. Dreger wrote:
> > > EIDE-based flash drives have become very inexpensive.  Some
> > > embedded systems use CompactFlash boards.
> > Can you set flash drives to be write-only?
> 
> Why would you want to do this?

Duh. Sorry about the brainfart. I was about to launch into a long 
explanation of what I want to do when I realized I wrote "write-only"
instead of "read-only." I meant "read-only."

Note to self: Engage brain *before* fingers.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: Routers vs. PC's for routing - was list problems?

[Steven J. Sobol]

On Thu, 23 May 2002, E.B. Dreger wrote:
 
> EIDE-based flash drives have become very inexpensive.  Some
> embedded systems use CompactFlash boards.

Can you set flash drives to be write-only? Sorry if this is a basic
question, but the only EIDE mass-storage devices I've used are more
traditional drives.

This would be a great solution for a Linux box I want to build as a 
bridge.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: Interconnects

[Steven J. Sobol]

On Fri, 17 May 2002, Stephen J. Wilcox wrote:


> Is it necessary for you to continually air personal grievances on this
> public list?

Apparently.

I'd tell Mitch personally that I'm tired of the crap he pulls on this
mailing list, but he refuses mail from me, probably because I've indicated
same to him personally in the past.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"In a 32-bit world, you're a 2-bit user/You've got your own newsgroup:
alt.total.loser"   - "Weird Al" Yankovic, "It's All About the Pentiums"

Re: anybody else been spammed by "no-ip.com" yet?

[Steven J. Sobol]

On Sat, 4 May 2002, Richard A Steenbergen wrote:
 
> Faxes are a little bit easier to trace than email.

Sometimes. If the faxer is identifying s/h/itself properly.
 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: anybody else been spammed by "no-ip.com" yet?

[Steven J. Sobol]

On Sat, 4 May 2002, Eric A. Hall wrote:
 
> > Anyone who thinks that government can pass a law and this will go away
> > is hopelessly naieve. 
> 
> Uh, thanks. The government has all kinds of property protection laws. My
> mail spool is my property. Do the math.

Indeed, the courts have already ruled that an ISP has a right to tell
a spammer to sod off.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: anybody else been spammed by "no-ip.com" yet?

[Steven J. Sobol]

On Fri, 3 May 2002, Scott Granados wrote:

> 
> Well the costs you mentioned  with aol seem high

Not when you consider how much time and money AOL has sunk into the 
development of their mail system. They are the only company that has to
scale their operations to the size to which they scale, and I guarantee
you can't do what they do with off-the-shelf software.

Plus, you have to multiply costs out over *mumble* million users.

> The case against spam probably should 
> be decided entirely on economics not on content issues.

Agreed, completely. Start dealing with content and you get into very murky
waters.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: anybody else been spammed by "no-ip.com" yet?

[Steven J. Sobol]

On Fri, 3 May 2002, Gregory Hicks wrote:

> > money. Today with flat rate access and many people not paying on a per 
> > packet basis it seems to me that the responsibility lies with the end 
> > user to filter properly and or dress that delete key.  I always shut 
> [...snip...]
> 
> The problem with this is that, yes, to the END USER, there is no direct
> cost involved.
> 
> However, in order to maintain the same level of service, the ISP is
> forced to go get a bigger pipe and/or bigger, faster routers and/or
> servers.  (Raises prices a bit per account)

Yes, I've always said that the costs MUST be looked at in the aggregate.
 
> In all of this, the bozo (well..., 'user' really)

no, 'bozo' is appropriate.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: RoadRunner abuse?

[Steven J. Sobol]

On Fri, 3 May 2002, Mitch Halmu wrote:

> > anyone out there before I go whining to MAPS, et al.
> 
> Good luck. Roadrunner is a (presumed paying) MAPS customer:

Eddy, contact me off-list, I have a contact at RR.
 
>- The following addresses had permanent fatal errors -
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> 
>- Transcript of session follows -
> ... while talking to vamx01.mgw.rr.com.:
> >>> MAIL From:<[EMAIL PROTECTED]>
> <<< 553 5.3.0 Mail from 205.159.140.2 rejected,see 
>http://mail-abuse.org/rbl/enduser.html
> 501 [EMAIL PROTECTED],[EMAIL PROTECTED] Data format error
> 
> NetSide is a MAPS et al. blocked ISP. We have plenty of rr.com spam 
> examples, but are unable to notify them. If anyone cares...
> 
> --Mitch
> NetSide
> 
> 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: Large ISPs doing NAT?

[Steven J. Sobol]

On Fri, 3 May 2002, Avleen Vig wrote:

> Ha! I've been in Burbank (in the Valley north of LA) for 7 months now, I
> moved here from London. I've looked and looked and looked for *ANYTHING*
> other than the odd gas station or supermarket open passed 9pm!

??

Plenty of gas stations around here open after 9, some all night long.
Same with groceries. Drugstores close pretty early though.

> Coming from a place where restaurants are regularly open until 3am, even
> far into the suburbs, this is a serious culture shock :-/
> 
> 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: Large ISPs doing NAT?

[Steven J. Sobol]

On Fri, 3 May 2002, michael thomas guldan wrote:

> > > 
> > > It's prevalent elsewhere. I'd be surprised if there aren't more GSM 
> > > subscribers in the world than non-GSM subscribers.
> > 
> > GSM is *the* standard in Europe. Australia, Korea, Japan and a couple
> > other Pacific-Rim countries are primarily CDMA. South America is primarily 
> > TDMA. Most of the rest of the world is GSM, if I'm not mistaken.
> >
> 
> correct on all counts but japan..  no gsm in japan as of nov 2001 :-(

Read again, I said Japan is CDMA.
Although I think I was corrected on that.
 
> 3GSM is avalible tho... 
> 
> http://www.gsmworld.com/roaming/gsminfo/cou_jp.shtml
> 
> michael
> 
> 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: Large ISPs doing NAT?

[Steven J. Sobol]

On Thu, 2 May 2002, Jake Khuon wrote:
 
> Time to start thinking a little further down the line.  What if the phone
> actually becomes an wireless IP gateway router?

Yuck. Current WAP-based phones can't even do websites well.
I've not been privy to 3G tests, so I don't know if GPRS/CDMA 1x does 
better. 

Of course, some of that is phone-specific. My Verizon Wireless Qualcomm
860's web browser always responded much more quickly than my current VZW
Nokia 3285's, and both phones feature microbrowsers authored by the same
company (Phone.com/Openwave). 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: Large ISPs doing NAT?

[Steven J. Sobol]

On Thu, 2 May 2002, Joe Abley wrote:
 
> The concern exists regardless of the specifics of the always-on, 
> cellular packet radio protocols being used, surely?

You're right, of course. I was focusing on the wrong thing when I replied.
 
> > [GSM coverage is patchy in the US]
> 
> It's prevalent elsewhere. I'd be surprised if there aren't more GSM 
> subscribers in the world than non-GSM subscribers.

GSM is *the* standard in Europe. Australia, Korea, Japan and a couple
other Pacific-Rim countries are primarily CDMA. South America is primarily 
TDMA. Most of the rest of the world is GSM, if I'm not mistaken.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

RE: Large ISPs doing NAT?

[Steven J. Sobol]

On Wed, 1 May 2002, Deepak Jain wrote:

> I'm more concerned that if the major metropolitan markets deploying GPRS
> all use NAT, then the Next Big Thing won't ever happen on GPRS devices.
> Customers won't jump ship if they have no where to jump to.

The only people who'd be deploying GPRS are GSM cellular providers, no?

Verizon and Sprint PCS, in particular, are not using GPRS, but migrating
to CDMA-based 3G cellular technologies. I don't know that those 
technologies use CDMA.

And of course, there are still markets like my very own hometown (2nd
largest city in Ohio) that don't have GSM yet (even though #1 and #3 do).
VoiceStream is supposedly launching their GSM network in Cleveland 
(*snort* I've heard that before). But they're not here yet, AT&T is 
nowhere near doing GSM here as far as I know, and Cingular's network here 
(former AmeriBlech Cellular) is TDMA. 

I could be completely off base, of course. Being a customer of Sprint PCS
and Verizon, and a former customer of Alltel and Northcoast PCS, I've not
had much reason to follow GSM developments; every one of the companies 
I've used runs CDMA. Feel free to correct me if I am wrong.

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: UUNET instability?

[Steven J. Sobol]

On Fri, 26 Apr 2002, Lionel wrote:

> >>
> >>"A butterfly in outter mongolia flapped its wings" will probably be cited
> >>before long...
> >
> >telnet bofh.engr.wisc.edu 666
> 
> Folks, please don't try to connect to that service.
> Posting it here seems to have Slashdotted it.

I'll see if I can put up a mirror. 
 
-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
"The Indians are unfolding into the 2002 season like a lethal lawn chair."
  (_News-Herald_ Indians Columnist Jim Ingraham, April 11, 2002)

Re: NANOG on Trial

[Steven J. Sobol]

On Mon, 8 Apr 2002 [EMAIL PROTECTED] wrote:


> > CAR> Come on now, he's one of those 14 year old wonder kids that will change
> > CAR> the way we think of the Internet, go Generation "Y"
> > 
> > It's generation "K-12":
> > http://latency.net/~asr/wcom.jpg

> C|N>K
> Oh thats GOOD..

But... but... I've actually visited UUNET's NOC and seen kids that age
working at the consoles. ;)

CSO? 

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
Need a programmer? Resume going up at http://sourceforge.net/users/webdude216

RE: Best provider to use ?

[Steven J. Sobol]

On Mon, 8 Apr 2002, Donn Lasher wrote:


> Of all the places to try to get away with this type of thing It's like 

spamming news.admin.net-abuse.* ? :)

-- 
Steve Sobol, CTO (Server Guru, Network Janitor and Head Geek)
JustThe.net LLC, Mentor On The Lake, OH  888.480.4NET   http://JustThe.net
Need a programmer? Resume going up at http://sourceforge.net/users/webdude216

RE: ILEC Map

[Steven J. Sobol]

On Mon, 11 Mar 2002, Mark Radabaugh wrote:

> 
> Here is the map for Ohio:
> http://www.puc.state.oh.us/pucogis/STATEMAP/AC_TelServAreaA.pdf
> 
> Only 43 ILEC's here...

Mark, I wouldn't expect you to know this, as you don't live in the proper
part of the state to know the telco history here. :) But Western Reverse
(er, Western Reserve) Telephone and Alltel are listed separately, and
Alltel bought out Western Reserve years ago. Alltel has local headquarters
out in Hudson, the former home of WRT.
 
I suspect that a lot of states are like this, with the records reflecting
more ILECs than actually still exist. Alltel has always done business as
Alltel west of Cleveland (for example, in Elyria in Lorain County) but
they may still be operating Western Reserve as a separate business unit 
covering the rural areas south and east of the city..

No big surprises here, really. Ameritech is the ILEC in the big cities,
and much of the rest of the state is divvied up between Verizon and 
Sprint... 

If I actually had time to research it, I'd love to find out how many of
the carriers listed on this PDF are still in business...

-- 
Steve Sobol, Proud Native of the Great Frozen City of Cleveland, Ohio
http://www.Cleveland.OH.US/ http://www.TravelCleveland.com/
http://www.LakeCountyOhio.org/ (Where the Snow is Cold but our Hearts Aren't!)
CTO, JustThe.net LLC, Mentor On The Lake, Lake County, OH http://JustThe.net/ 

Re: ILEC Map

[Steven J. Sobol]

On Mon, 11 Mar 2002, David Lesher wrote:
 
> I can never recall who owns Cincy Bell this week.

Broadwing. Broadwing was formed by the merger of Cincinnutty Bell and
IXC Communications.

-- 
Steve Sobol, Proud Native of the Great Frozen City of Cleveland, Ohio
http://www.Cleveland.OH.US/ http://www.TravelCleveland.com/
http://www.LakeCountyOhio.org/ (Where the Snow is Cold but our Hearts Aren't!)
CTO, JustThe.net LLC, Mentor On The Lake, Lake County, OH http://JustThe.net/ 

Re: ILEC Map

[Steven J. Sobol]

On Mon, 11 Mar 2002, Irwin Lazar wrote:

> 
> Folks,
> Is there a web site out there that provides a map of the united states
> showing each ILEC and the states within their region (Bellsouth, SBC, Qwest,
> & Verizon)?

No, but maybe this will help.

Verizon is Bell Atlantic + GTE, but GTE covers rural areas in a ton of
different states. Used to, anyhow... Bell Atlantic covers the Eastern 
Seaboard, New England, WV and PA.

Due to the GTE merger, however, Verizon has chunks of several large
states, including a nice chunk of northern Ohio and several significant
pieces of California, including a chunk of the metro Los Angeles area.

SBC is SNET [Southern New England Telephone, Connecticut] + Ameritech
[Ohio, Michigan, Illinois, Wisconsin, Indiana] + Pacific Bell [California] +
Nevada Bell [duh :)] + Southwestern Bell. Southwestern Bell
looks like it covers Texas, Oklahoma, Missouri and Kansas. (I figured this 
out by visiting 



and checking out the list of states in which they've filed tarriffs, and
eliminating the states that I knew are part of other SBC operating 
companies.)

BellSouth covers the Southeast - AL, FL, GA, KY, LA, MS, NC, SC, TN 
(according to their web page http://bellsouthcorp.com/whoweare/corp.vtml).

If I'm not mistaken, the rest of the continental US is covered by Qwest.
Their web site cites WA, OR, ID, MT, WY, ND, SE, NE, MN, IA, UT, CO, AZ 
and NM as their coverage area.

(*counting*) yup, that's 48 states, and I believe Verizon covers Hawaii
(former GTE area), and I have absolutely no clue who covers Alaska.

The other ILEC of any significant size would be Alltel, but they only 
cover a few major markets; most of their coverage is in outlying rural 
areas.

(Your timing was good. I happened to be bored a few minutes ago... you
gave me something to do...)

-- 
Steve Sobol, Proud Native of the Great Frozen City of Cleveland, Ohio
http://www.Cleveland.OH.US/ http://www.TravelCleveland.com/
http://www.LakeCountyOhio.org/ (Where the Snow is Cold but our Hearts Aren't!)
CTO, JustThe.net LLC, Mentor On The Lake, Lake County, OH http://JustThe.net/ 

Re: Telco's write best practices for packet switching networks

[Steven J. Sobol]

On Wed, 6 Mar 2002, Rob Pickering wrote:

> Why would you want to expose a management protocol like ssh to the 
> Internet?

I do it so my customers with shell accounts don't have to telnet in.

Of course, if you're talking about ssh on something like a router, that's
different, and you should assess the need for people to have access to 
that device over the public Internet.

-- 
Steve Sobol, Proud Native of the Great Frozen City of Cleveland, Ohio
http://www.Cleveland.OH.US/ http://www.TravelCleveland.com/
http://www.LakeCountyOhio.org/ (Where the Snow is Cold but our Hearts Aren't!)
CTO, JustThe.net LLC, Mentor On The Lake, Lake County, OH http://JustThe.net/