RE: Verizonwireless.com Blacklisted SMTP
There is no 'might' about it; VZ (aka VZ Telecom, VOL, VZBusiness) != VZ Wireless They are 2 completely different operations and networks. - Wayne From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris RilingSent: Tuesday, April 25, 2006 3:30 PMTo: nanog@merit.eduSubject: Re: Verizonwireless.com Blacklisted SMTP Correct, the only thing I pulled out was our particular IP address; I've proven this true from multiple box's on Cogent's network that are unrelated to my workplace. I did go through that Verizon Online Whitelist procedure, and got a response saying that it has been approved and will be changed within 72 hours, but as someone mentioned before, VOL might != VZW... Thanks,Chris On 4/25/06, Suresh Ramasubramanian [EMAIL PROTECTED] wrote: On 4/25/06, Frank Bulk [EMAIL PROTECTED] wrote: This posting on broadbandreports.com might add some background to your issues: http://www.broadbandreports.com/shownews/73818Verizon (broadband etc) != VerizonwirelessDifferent mail farms and all The error returned seems reasonably clear - except for munging of IPs by the OP554-Your access to the VZW mail systems has been rejected due to the sending554- MTA or Network Service Provider's poor reputation/ e-mail hygiene on the Internet.554-554-Please reference the following URL for more information:554-http://www.senderbase.org/search?searchString=
RE: VZ Maryland contact needed
William, Should be back online as of this afternoon. There was a faulty network component that impacted DSL service in the MD area. - Wayne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Warren Sent: Monday, March 27, 2006 1:14 PM To: nanog Subject: VZ Maryland contact needed I have a client who's been offline all day. The dsl line is fine and their modem and firewall are also fine but data is not making it to them. All traffic to midatlantictime.net seems to get hung up at 130.81.10.226. I have tried from California, and two locations in Maryland and Texas. Sincerely, William Warren -- My Foundation verse: Isa 54:17 No weapon that is formed against thee shall prosper; and every tongue that shall rise against thee in judgment thou shalt condemn. This is the heritage of the servants of the LORD, and their righteousness is of me, saith the LORD.
RE: anybody here from verizon's e-mail department?
Or he hasn't paid his fair share to ride our pipes! :-P ducks - Wayne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Suresh Ramasubramanian Sent: Wednesday, February 22, 2006 1:29 AM To: Dennis Dayman Cc: nanog@merit.edu Subject: Re: anybody here from verizon's e-mail department? On 2/22/06, Dennis Dayman [EMAIL PROTECTED] wrote: No, but I have forwaded this to the abuse team I used to work in. Some of them are also on Z. Normally this is because the MAIL FROM: failed or rejected sender verfication. Which probably means Paul is blocking whatever server Verizon is using for its sender verification -- Suresh Ramasubramanian ([EMAIL PROTECTED])
RE: anybody here from verizon's e-mail department?
First, I'm not on the mail team, so I can't help you directly. Second, your best bet is to attempt contact thru the following web form: www.verizon.net/whitelist - Wayne ___ Wayne Gustavus, CCIE #7426 IP Operations Support Verizon Internet Services ___ Can you ping me now? Good! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Vixie Sent: Tuesday, February 21, 2006 12:58 PM To: nanog@merit.edu Subject: anybody here from verizon's e-mail department? last week i became unable to send mail to verizon users: Diagnostic-Code: X-Postfix; host relay.verizon.net[206.46.232.11] said: 550 You are not allowed to send mail:sv18pub.verizon.net (in reply to MAIL FROM command) (the above was from me trying to ask [EMAIL PROTECTED] about it) i'd hate to think that i've simply sent too many why-are-you-spamming-me complaints and have been blacklisted.
RE: Anyone heard of INOC-DBA?
To chime with my own experiences, the few times I have used the INOC-DBA system for an Inter-provider issue have been quite successful. The results were much faster and much less frustrating that calling through the 'front door' of the provider's NOC. And it is fair to say that the system only gains usefulness with wider implementation among network providers and appropriate deployment of the phones within the organization. Within Verizon, I deployed the phones with our IP-NOC (yes, we have *many* NOCs, but only 1 handles IP issues), with our IP escalation team (TAC), and on my desk (footnote: my desk recently moved and haven't gotten the inoc-dba phone back up on the new net infrastructure). In light of recent purchases by VZ, if none of the above methods work, just call Chris Morrow. Just kidding Chris! :-) - Wayne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christopher L. Morrow Sent: Friday, February 03, 2006 4:31 PM To: Richard A Steenbergen Cc: Sean Donelan; nanog@merit.edu Subject: Re: Anyone heard of INOC-DBA? On Fri, 3 Feb 2006, Richard A Steenbergen wrote: And then of course there is that whole using the IP network to contact someone about an IP network issue thing that doesn't seem terribly well thought out... Admittedly I haven't looked at the INOC-DBA stuff in a while, there could have been some massive advancement that I'm not aware of, but I suspect that the situation is still more work needed. Existing phone systems, call centers, and engineers with cellphones, seems to be a much safer bet right now. there is no one solution... to anything except 'life' (solution == death). So, how about looking at it as a tool to use. You might have your provider's $Person_for_Problem in your cell phone, use that if you can. Use their Customer Service number or use their INOC number putting down a project that does work because it's not the holy grail isn't productive.
NOC Contact for Tonline.de
Anyone from Tonline.de on the list or anyone have a contact for them? It appears they have outdated bogon filters that are blocking some of our customers. PLease contact off-list, thanks. ___ Wayne Gustavus, CCIE #7426 IP Operations Support Verizon Internet Services ___ Can you ping me now? Good!
RE: New Rules On Internet Wiretapping Challenged
The 1994 law will have a devastating impact on the whole model of technical innovation on the Internet, said John Morris, staff counsel for the Center for Democracy and Technology in Washington, which filed an appeal of the rules with the U.S. Court of Appeals for the District of Columbia Circuit yesterday. The Internet evolves through many tens of thousands, or hundreds of thousands, of innovators coming up with brand new ideas, he said. That is exactly what will be squelched. Implementation of the mechanisms for compliance is relatively straightforward. Depending on how scalable and/or automated the mechanisms are, the complexity certainly increases. However, I hardly agree that including these requirements in the design of the network hardware or architecture equates to the 'squelching' of innovation or a 'devastating impact' on the Internet. Especially when compared to the alternative of providing an unfettered command control communications network for the miscreants. ___ Wayne Gustavus, CCIE #7426 IP Operations Support Verizon Internet Services ___ Can you ping me now? Good!
RE: SBC/ATT + Verizon/MCI Peering Restrictions
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Barak Sent: Wednesday, November 02, 2005 2:18 PM To: NANOG list Subject: Re: SBC/ATT + Verizon/MCI Peering Restrictions snip like to point out for the record that none of the recent depeering battles have involved any RBOCs... Which makes sense when you consider much of the current traffic flows. It gets even more interesting when you look at the fast-increasing number of fat FiOS pipes. When you take (edonkey/kazaa/ptp-du-jour)+FiOS you get a network of distributed 'content providers'. Reference the earlier post about broadband getting a lot less interesting w/o the content. Well this rings true when you weigh the traffic load of 100K's of users poking around in a portal vs. 100K's of users 'shopping' for music movies! ___ Wayne Gustavus, CCIE #7426 IP Operations Support Verizon Internet Services ___ Can you ping me now? Good!
RE: Blackhole Routes
Pete, If you are in the business of fighting DDoS at the ISP level, I would recommend checking out the NSP-SEC community. Among other things, I think you will find some info regarding DDoS route servers. There are several NANOG presentations and archived emails on this community. If you can't find what you are looking for, drop me a line offlist and I'll see if I can provide more assistance. HTH, ___ Wayne Gustavus, CCIE #7426 IP Operations Support Verizon Internet Services ___ Can you ping me now? Good! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Petri Helenius Sent: Monday, October 04, 2004 4:46 PM To: Wayne Gustavus (nanog) Cc: 'Stephen J. Wilcox'; 'Abhishek Verma'; [EMAIL PROTECTED] Subject: Re: Blackhole Routes Wayne Gustavus (nanog) wrote: You can check out the info here: http://www.cymru.com/BGP/bogon-rs.html Sure the bogons by cymru are widely known, anyone for spam and ddos bots/zombies? Pete ___ Wayne Gustavus, CCIE #7426 Operations Engineering Verizon Internet Services ___ Entropy isn't what it used to be! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Petri Helenius Sent: Monday, October 04, 2004 1:41 AM To: Stephen J. Wilcox Cc: Abhishek Verma; [EMAIL PROTECTED] Subject: Re: Blackhole Routes Stephen J. Wilcox wrote: There are several sources of eBGP feeds for blackholing, they can be very useful depending on what your requirements are. You can get feeds for spam, ddos bots, bogon routes etc Can you point to the right direction where to find these feeds? They don't seem to be advertised widely. Pete
RE: Blackhole Routes
You can check out the info here: http://www.cymru.com/BGP/bogon-rs.html ___ Wayne Gustavus, CCIE #7426 Operations Engineering Verizon Internet Services ___ Entropy isn't what it used to be! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Petri Helenius Sent: Monday, October 04, 2004 1:41 AM To: Stephen J. Wilcox Cc: Abhishek Verma; [EMAIL PROTECTED] Subject: Re: Blackhole Routes Stephen J. Wilcox wrote: There are several sources of eBGP feeds for blackholing, they can be very useful depending on what your requirements are. You can get feeds for spam, ddos bots, bogon routes etc Can you point to the right direction where to find these feeds? They don't seem to be advertised widely. Pete
RE: bandwidth test
If you have a Cisco at both ends with the correct IOS, you can run a ttcp test to try and stress the DS3. ___ Wayne Gustavus, CCIE #7426 Operations Engineering Verizon Internet Services ___ How many people can read hex if only you and dead people can read hex? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bubba Parker Sent: Friday, August 20, 2004 7:47 PM To: [EMAIL PROTECTED] Subject: bandwidth test Recently my DS3 has been turned up to 8 megabits. How can I test to see if I can actually achieve that throughput? Online bandwidth test sites are only good for up to 5mb at the most, and my upstream doesn't have a method to test that. Any help would be greatly appreciated. Thanks. -- Bubba Parker [EMAIL PROTECTED] CityNet LLC http://www.citynetinfo.com/
RE: Verizon clients DOS own site?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, February 19, 2004 3:57 PM To: [EMAIL PROTECTED] Subject: Verizon clients DOS own site? I've tried contacting Verizon via email but I haven't received a response and their tech support had no information on this. Although we're now blocking this site and trying to clean up the clients, this is still generation a lot of noise on our network. Any ideas on how to get Verizon to take a look at this? Calling the NOC numbers available via the puck.nether.net site would be a good start (info recently updated from older Bell Atlantic references). This sounds like part of the support tools installed as part of the VOL setup discs. I'll fwd info onto VOL to confirm, though website IS valid (perhaps there is an issue interacting w/ VPN setup). Any input is welcome. Thanks, np ___ Wayne Gustavus, CCIE #7426 Operations Engineering Verizon Internet Services ___
RE: Monumentous task of making a list of all DDoS Zombies.
Title: Message This would essentially be impossible and not a good idea. Large volumes of hosts/zombies involved in such attacks originate from residential cable/dsl subscribers. This user baseprimarily uses dynamically assigned IP space. Hence, the IP of tonight's attacker could be the IP of tomorrow's legitimate user. This is the same reason that it is imperative that any complaints sent to ISPs providing such services MUST have a time stamp (with timezone) along with other information relative to the attack/abuse. This is the only way the ISPs can relate the IP with the actual enduser in order to contact them for remediation. ___Wayne Gustavus, CCIE #7426Operations EngineeringVerizon Internet Services___ -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Drew WeaverSent: Friday, February 06, 2004 4:15 PMTo: [EMAIL PROTECTED]Subject: Monumentous task of making a list of all DDoS Zombies. Is there a list maintained anywhere of all hosts that have been identified as a DDoS zombie? Or attack box? We got hit with an attack from more than 60 IPs last night and I'd like to add them to any list that anyone has started. Thanks, -Drew
RE: Monumentous task of making a list of all DDoS Zombies.
-Original Message- From: Suresh Ramasubramanian [mailto:[EMAIL PROTECTED] Sent: Saturday, February 07, 2004 9:58 PM To: Wayne Gustavus (nanog) Cc: 'Drew Weaver'; [EMAIL PROTECTED] Subject: Re: Monumentous task of making a list of all DDoS Zombies. snip 1. It is arguable whether dynamic IPs are to be treated as legitimate mailhosts. Your colleagues in VOL mailops might tell you something similar too. No argument there. However, the thread was originally addressing a list of DDoS Zombies, not illegitimate SMTP mailhosts. Arguably zombies used to launch DDoS attacks are treated differently than such hosts. We address both types. 2. An expiring list, where entries inserted are quickly expired, and stats used to add to other lists (such as MAPS DUL / SORBS DUHL) is a good idea, and moreover, it's already been done. http://cbl.abuseat.org Interesting approach. It would be conceivable that if this resource was Widely used, miscreants could use this service to DDoS there victims without an army of zombies :-) I still submit that it is more advisable to address the root of the problem by finding the true host that generated attack traffic. Automating this process of matching dynamic IP to customer acct with a timestamp and remediation is the goal. __ Wayne Gustavus, CCIE #7426 Operations Engineering Verizon Internet Services ___
RE: Verizon mail troubles
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andy Dills Sent: Wednesday, January 28, 2004 10:47 PM To: Bob Snyder Cc: [EMAIL PROTECTED] Subject: Re: Verizon mail troubles snip Now, they do have some decent engineers, to be fair. You just have to manipulate your way through to them...they're in really short supply on the internet end of things. Andy --- Andy Dills Xecunet, Inc. www.xecu.net 301-682-9972 --- Well thanks for for being (somewhat) fair. :-) 1. Verizon does care about IP / Internet 2. While I don't have anything to do with the VOL email operations, I will see if I can get your contact info/issue to the appropriate people 3. You're on your own with the Premier of China. ___ Wayne Gustavus, CCIE #7426 Operations Engineering Verizon Internet Services ___
RE: Apologies but...Verizon Postmaster?
Go ahead and send me your contact info offline and I'll see if I can forward it to the right people in the mail team. Wayne Gustavus, CCIE #7426 Operations Engineering Verizon Internet Services -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Loftis Sent: Thursday, November 20, 2003 5:09 PM To: [EMAIL PROTECTED] Subject: Apologies but...Verizon Postmaster? I have been trying for weeks to get in touch with someone who will respond with something other than a form letter at Verizon. Can someone please contact me off-list? My company (Modwest) is being unilaterally blocked. I can't even send mail to abuse, postmaster, etc. from an @modwest.com address because of the block in place without a reason and without recourse. TIA, and I'm sorry for posting here but it's really my last resort (as it should be anyones IMHO). -- GPG/PGP -- 0xE736BD7E 5144 6A2D 977A 6651 DFBE 1462 E351 88B9 E736 BD7E
RE: This may be stupid but..
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, November 10, 2003 6:03 AM To: [EMAIL PROTECTED] Subject: Re: This may be stupid but.. snip When I interview, I start out by asking one or two key questions that help me quickly get to the truth. For instance at one company, when I has hiring NOC folks, I started by asking them to explain traceroute to me. The answer that I wanted was one which showed that they had a detailed understanding of what was going on at the protocol level as the packets flowed through the network because that view of the network is needed to effectively troubleshoot problems. It did lead to one awkward situation with a 16 year-old who immediately started talking about ICMP echos with varying TTL and routers sending back ICMP echo-replies. I wanted to end the interview and hire him on the spot but it seemed unfair to give this young guy the idea that job interviews are that short. Especially since not all traceroutes use ICMP and the reply from the routers is typically NOT ICMP echo-reply. :-) snip --Michael Dillon -Wayne Gustavus