duplicate emails?
This host appears to be resending nanog posts? : Received: from e500smtp01.nga.mil(164.214.6.120) by relay5.nga.mil via smap (V5.5) id xma020150; Tue, 29 Jun 04 10:25:13 -0400 Originally received yesterday sometime... -- Forwarded message -- Return-path: [EMAIL PROTECTED] Envelope-to: [EMAIL PROTECTED] Delivery-date: Tue, 29 Jun 2004 14:25:46 + Received: from exim by mx-0.telecomplete.net with spam-scanned (Exim 4.22) id 1BfJYP-00065u-Li for [EMAIL PROTECTED]; Tue, 29 Jun 2004 14:25:46 + Received: from exim by mx-0.telecomplete.net with scanned-ok (Exim 4.22) id 1BfJYP-00065h-1o for [EMAIL PROTECTED]; Tue, 29 Jun 2004 14:25:45 + Received: from relay5.nga.mil ([164.214.4.61]) by mx-0.telecomplete.net with esmtp (Exim 4.22) id 1BfJYO-00065C-6w for [EMAIL PROTECTED]; Tue, 29 Jun 2004 14:25:44 + Received: by relay5.nga.mil; id KAA20159; Tue, 29 Jun 2004 10:25:38 -0400 (EDT) Received: from e500smtp01.nga.mil(164.214.6.120) by relay5.nga.mil via smap (V5.5) id xma020150; Tue, 29 Jun 04 10:25:13 -0400 Received: from relay2.nga.mil(164.214.6.52) by e1000smtp2.nima.mil via csmap id 78e94c8c_c949_11d8_9cac_0002b3c81b76_16242; Mon, 28 Jun 2004 17:24:00 -0400 (EDT) Received: by relay2.nga.mil; id RAA13558; Mon, 28 Jun 2004 17:22:36 -0400 (EDT) Received: from trapdoor.merit.edu(198.108.1.26) by relay2.nga.mil via smap (V5.5) id xma010754; Mon, 28 Jun 04 17:14:29 -0400 Received: by trapdoor.merit.edu (Postfix) id 6C1A091277; Mon, 28 Jun 2004 17:12:33 -0400 (EDT) Delivered-To: [EMAIL PROTECTED] Received: by trapdoor.merit.edu (Postfix, from userid 56) id 3590491285; Mon, 28 Jun 2004 17:12:33 -0400 (EDT) Delivered-To: [EMAIL PROTECTED] Received: from segue.merit.edu (segue.merit.edu [198.108.1.41]) by trapdoor.merit.edu (Postfix) with ESMTP id 2AB5D91277 for [EMAIL PROTECTED]; Mon, 28 Jun 2004 17:12:26 -0400 (EDT) Received: by segue.merit.edu (Postfix) id 568C759D1B; Mon, 28 Jun 2004 17:12:26 -0400 (EDT) Delivered-To: [EMAIL PROTECTED] Received: from uswgco34.uswest.com (uswgco34.uswest.com [199.168.32.123]) by segue.merit.edu (Postfix) with ESMTP id 21E1559C56 for [EMAIL PROTECTED]; Mon, 28 Jun 2004 17:12:26 -0400 (EDT) Received: from egate-ne2.uswc.uswest.com (egate-ne2.uswc.uswest.com [151.117.64.200]) by uswgco34.uswest.com (8/8) with ESMTP id i5SLCLSu006141; Mon, 28 Jun 2004 15:12:21 -0600 (MDT) Received: from ITDENE2KSM02.AD.QINTRA.COM (localhost [127.0.0.1]) by egate-ne2.uswc.uswest.com (8.12.10/8.12.10) with ESMTP id i5SLCKCx008243; Mon, 28 Jun 2004 16:12:20 -0500 (CDT) Received: from itdene2km08.AD.QINTRA.COM ([10.1.4.107]) by ITDENE2KSM02.AD.QINTRA.COM with Microsoft SMTPSVC(5.0.2195.5329); Mon, 28 Jun 2004 15:12:20 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: RE: BGP list of phishing sites? Date: Mon, 28 Jun 2004 15:12:12 -0600 Message-ID: [EMAIL PROTECTED] Thread-Topic: BGP list of phishing sites? Thread-Index: AcRdUpLPcFNCkm3pQvC9Iiw2DaWELgAAelTA From: Smith, Donald [EMAIL PROTECTED] To: Stephen J. Wilcox [EMAIL PROTECTED] Cc: Scott Call [EMAIL PROTECTED], [EMAIL PROTECTED] X-OriginalArrivalTime: 28 Jun 2004 21:12:20.0544 (UTC) FILETIME=[9965D400:01C45D54] Sender: [EMAIL PROTECTED] Precedence: bulk Errors-To: [EMAIL PROTECTED] X-Loop: nanog X-Virus-Scanned: by Telecomplete X-Spam-Checker-Version: Telecomplete X-Spam-Level: X-Spam-Status: No, hits=-4.9 required=5.0 tests=BAYES_00=-4.9 autolearn=no I agree phishing bgp feed would disrupt the ip address to all ISP's that listened to the bgp server involved. I was addressing a specific issue with listening to such a server and that is the loss of control issue. Sorry if that wasn't clear. So would ISP's block an phishing site if it was proven to be a phishing site and reported by their customers? [EMAIL PROTECTED] GCIA pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC Brian Kernighan jokingly named it the Uniplexed Information and Computing System (UNICS) as a pun on MULTICS. -Original Message- From: Stephen J. Wilcox [mailto:[EMAIL PROTECTED] Sent: Monday, June 28, 2004 2:58 PM To: Smith, Donald Cc: Scott Call; [EMAIL PROTECTED] Subject: RE: BGP list of phishing sites? Hi Donald, the bogon feed is not supposed to be causing any form of disruption, the purpose of a phishing bgp feed is to disrupt the IP address.. thats a major difference and has a lot of implications. Steve On Mon, 28 Jun 2004, Smith, Donald wrote: Some are making this too hard. Of the lists I know of they only blackhole KNOWN active attacking or victim sites (bot controllers, know malware
Re: duplicate emails?
It has been pointed out to me that other people arent seeing the dups, that these are being resent directly to my address and that its a MIL host doing it. Perhaps I dropped phrases about terrorism or porn into my posts and I'm now being targeted by eschelon ;-O Steve (hiding in basement under foil blanket) On Tue, 29 Jun 2004, Stephen J. Wilcox wrote: This host appears to be resending nanog posts? : Received: from e500smtp01.nga.mil(164.214.6.120) by relay5.nga.mil via smap (V5.5) id xma020150; Tue, 29 Jun 04 10:25:13 -0400 Originally received yesterday sometime... -- Forwarded message -- Return-path: [EMAIL PROTECTED] Envelope-to: [EMAIL PROTECTED] Delivery-date: Tue, 29 Jun 2004 14:25:46 + Received: from exim by mx-0.telecomplete.net with spam-scanned (Exim 4.22) id 1BfJYP-00065u-Li for [EMAIL PROTECTED]; Tue, 29 Jun 2004 14:25:46 + Received: from exim by mx-0.telecomplete.net with scanned-ok (Exim 4.22) id 1BfJYP-00065h-1o for [EMAIL PROTECTED]; Tue, 29 Jun 2004 14:25:45 + Received: from relay5.nga.mil ([164.214.4.61]) by mx-0.telecomplete.net with esmtp (Exim 4.22) id 1BfJYO-00065C-6w for [EMAIL PROTECTED]; Tue, 29 Jun 2004 14:25:44 + Received: by relay5.nga.mil; id KAA20159; Tue, 29 Jun 2004 10:25:38 -0400 (EDT) Received: from e500smtp01.nga.mil(164.214.6.120) by relay5.nga.mil via smap (V5.5) id xma020150; Tue, 29 Jun 04 10:25:13 -0400 Received: from relay2.nga.mil(164.214.6.52) by e1000smtp2.nima.mil via csmap id 78e94c8c_c949_11d8_9cac_0002b3c81b76_16242; Mon, 28 Jun 2004 17:24:00 -0400 (EDT) Received: by relay2.nga.mil; id RAA13558; Mon, 28 Jun 2004 17:22:36 -0400 (EDT) Received: from trapdoor.merit.edu(198.108.1.26) by relay2.nga.mil via smap (V5.5) id xma010754; Mon, 28 Jun 04 17:14:29 -0400 Received: by trapdoor.merit.edu (Postfix) id 6C1A091277; Mon, 28 Jun 2004 17:12:33 -0400 (EDT) Delivered-To: [EMAIL PROTECTED] Received: by trapdoor.merit.edu (Postfix, from userid 56) id 3590491285; Mon, 28 Jun 2004 17:12:33 -0400 (EDT) Delivered-To: [EMAIL PROTECTED] Received: from segue.merit.edu (segue.merit.edu [198.108.1.41]) by trapdoor.merit.edu (Postfix) with ESMTP id 2AB5D91277 for [EMAIL PROTECTED]; Mon, 28 Jun 2004 17:12:26 -0400 (EDT) Received: by segue.merit.edu (Postfix) id 568C759D1B; Mon, 28 Jun 2004 17:12:26 -0400 (EDT) Delivered-To: [EMAIL PROTECTED] Received: from uswgco34.uswest.com (uswgco34.uswest.com [199.168.32.123]) by segue.merit.edu (Postfix) with ESMTP id 21E1559C56 for [EMAIL PROTECTED]; Mon, 28 Jun 2004 17:12:26 -0400 (EDT) Received: from egate-ne2.uswc.uswest.com (egate-ne2.uswc.uswest.com [151.117.64.200]) by uswgco34.uswest.com (8/8) with ESMTP id i5SLCLSu006141; Mon, 28 Jun 2004 15:12:21 -0600 (MDT) Received: from ITDENE2KSM02.AD.QINTRA.COM (localhost [127.0.0.1]) by egate-ne2.uswc.uswest.com (8.12.10/8.12.10) with ESMTP id i5SLCKCx008243; Mon, 28 Jun 2004 16:12:20 -0500 (CDT) Received: from itdene2km08.AD.QINTRA.COM ([10.1.4.107]) by ITDENE2KSM02.AD.QINTRA.COM with Microsoft SMTPSVC(5.0.2195.5329); Mon, 28 Jun 2004 15:12:20 -0600 X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: RE: BGP list of phishing sites? Date: Mon, 28 Jun 2004 15:12:12 -0600 Message-ID: [EMAIL PROTECTED] Thread-Topic: BGP list of phishing sites? Thread-Index: AcRdUpLPcFNCkm3pQvC9Iiw2DaWELgAAelTA From: Smith, Donald [EMAIL PROTECTED] To: Stephen J. Wilcox [EMAIL PROTECTED] Cc: Scott Call [EMAIL PROTECTED], [EMAIL PROTECTED] X-OriginalArrivalTime: 28 Jun 2004 21:12:20.0544 (UTC) FILETIME=[9965D400:01C45D54] Sender: [EMAIL PROTECTED] Precedence: bulk Errors-To: [EMAIL PROTECTED] X-Loop: nanog X-Virus-Scanned: by Telecomplete X-Spam-Checker-Version: Telecomplete X-Spam-Level: X-Spam-Status: No, hits=-4.9 required=5.0 tests=BAYES_00=-4.9 autolearn=no I agree phishing bgp feed would disrupt the ip address to all ISP's that listened to the bgp server involved. I was addressing a specific issue with listening to such a server and that is the loss of control issue. Sorry if that wasn't clear. So would ISP's block an phishing site if it was proven to be a phishing site and reported by their customers? [EMAIL PROTECTED] GCIA pgpFingerPrint:9CE4 227B B9B3 601F B500 D076 43F1 0767 AF00 EDCC Brian Kernighan jokingly named it the Uniplexed Information and Computing System (UNICS) as a pun on MULTICS. -Original Message- From: Stephen J. Wilcox [mailto:[EMAIL PROTECTED] Sent: Monday, June 28, 2004 2:58 PM To: Smith, Donald Cc: Scott Call; [EMAIL PROTECTED] Subject: RE: BGP list of phishing sites? Hi