[swinog] Re: Research project on Sustainable Networking
Dear Rainer, * Network connectivity for the Pi is required but DOES WORK BEHIND A FIREWALL. The only requirement is that the Pi must be able to connect to the Internet. Thanks again to those who already reached out! "the Internet" - you mean Port 443, any IP? Actually, no. We use a custom port to establish an gRPC connection from the Pi to our server back at ETH. So, if your network has tight security rules, the only thing we really need in one open port open towards one IP address. Best, -- Romain JACOB Postdoctoral Researcher ETH Zurich Networked Systems Group (NSG) Lead: Prof. Laurent Vanbever www.romainjacob.net <https://www.romainjacob.net/> @RJacobPartner <https://twitter.com/RJacobPartner> @jacobr@discuss.systems <https://discuss.systems/@jacobr> Gloriastrasse 35, ETZ G81 8092 Zurich +41 7 68 16 88 22 smime.p7s Description: S/MIME Cryptographic Signature ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Research project on Sustainable Networking
Am 2024-06-21 16:48, schrieb Romain Jacob via swinog: Dear Urs, Let me keep the list on to reply to some questions, as you are not the first to ask: * Most routers we are interested in have multiple power supply. Our strategy is to use one measurement unit per PSU. That demands extra hardware, but we wouldn't want to have two PSU connected to the same power meter anyway as this would create a potential single point of failure. * Network connectivity for the Pi is required but DOES WORK BEHIND A FIREWALL. The only requirement is that the Pi must be able to connect to the Internet. Thanks again to those who already reached out! "the Internet" - you mean Port 443, any IP? _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] SCION ISP Peering at STACK GEN01A?
Dear SCION ISPs Dear all We're intending to place SCION CORE of ours in the Romandie; current plan is to go to STACK Infrastructure's GEN01A (Plan-les-Ouates, es SafeHost). Are any of you present at GEN01A too, and would you be willing to explore possibilities to interconnect at GEN01A? Please contact us off-list. Best regards Marc EveryWare AG Marc Lüthi Senior Network Engineer Zurlindenstrasse 52a CH-8003 Zürich T +41 44 466 60 00 F +41 44 466 60 10 marc.lue...@everyware.ch<mailto:marc.lue...@everyware.ch> www.everyware.ch<http://www.everyware.ch> smime.p7s Description: S/MIME cryptographic signature ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Anyone from pcloud.com Zug on this List
Hi If anyone from pcloud.com is reading this list. Could you please quickly get in contact with me? I know why your domain is listed on the SWINOG URIBL. I would like to look into the root cause. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: on-topic-ness of SCION ?
Feel free to discuss those topics on this ML :) greetings -steven Am 30.04.2024 um 08:38 schrieb Lüthi Marc via swinog : Dear all A quick straw poll to the community: SCION on this list, [yes/no]? I could think of topics like * finding peer persons involved in operating SCION Equipment (COREs, GATEs EDGEs) among the Swiss ISP community [1] * finding/requesting/discussing peering/interconnecting options with other CORE or EDGE operators * … and a few things more. If not on topic for swinog – might this be a use case for a hypothetical swinog-scion mailing list? Thanks for your thoughts and ideas. And of course, if such a thing as a “Swiss SCION Operators Community” (Web Forum, Discord, Slack, IRC channel, Mailing List….) is already established somewhere else – I’ll happily take any pointers. EveryWare AG Marc Lüthi [1] I just came to understand that there’s a Mailing List, Slack and Matrix channel at/by https://scion-architecture.net/ - but I take it that this is more for the development side of things. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: on-topic-ness of SCION ?
> From: "Lüthi Marc via swinog" > A quick straw poll to the community: SCION on this list, [yes/no]? Within reason? “Moderation in all things?” “As long as it doesn’t start verging into cryptocurrency babble?" -Bill _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: on-topic-ness of SCION ?
my 2 cents: as it says Swiss Network operators group, and SCION should be a network protocol, this is on topic for me. If the Group would be "BGP operators of Switzerland" then maybe not - but as we aren't - feel free. it's interesting to learn also new things I guess. Silvan From: "Lüthi Marc via swinog" To: "swinog" Sent: Tuesday, April 30, 2024 6:38:07 AM Subject: [swinog] on-topic-ness of SCION ? Dear all A quick straw poll to the community: SCION on this list, [yes/no]? I could think of topics like * finding peer persons involved in operating SCION Equipment (COREs, GATEs EDGEs) among the Swiss ISP community [1] * finding/requesting/discussing peering/interconnecting options with other CORE or EDGE operators * … and a few things more. If not on topic for swinog – might this be a use case for a hypothetical swinog-scion mailing list? Thanks for your thoughts and ideas. And of course, if such a thing as a “Swiss SCION Operators Community” (Web Forum, Discord, Slack, IRC channel, Mailing List….) is already established somewhere else – I’ll happily take any pointers. EveryWare AG Marc Lüthi [1] I just came to understand that there’s a Mailing List, Slack and Matrix channel at/by [ https://scion-architecture.net/ | https://scion-architecture.net/ ] - but I take it that this is more for the development side of things. _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: on-topic-ness of SCION ?
Hi Marc Maybe check with https://www.scion.org/ They me be interested in building up a community. And it would probably make sense the the operates collaborate within SWINOG. Best Serge On 30.04.24 08:38, Lüthi Marc via swinog wrote: Dear all A quick straw poll to the community: SCION on this list, [yes/no]? I could think of topics like * finding peer persons involved in /operating/ SCION Equipment (COREs, GATEs EDGEs) among the Swiss ISP community [1] * finding/requesting/discussing peering/interconnecting options with other CORE or EDGE operators * … and a few things more. If not on topic for swinog – might this be a use case for a hypothetical swinog-scion mailing list? Thanks for your thoughts and ideas. And of course, if such a thing as a “Swiss SCION Operators Community” (Web Forum, Discord, Slack, IRC channel, Mailing List….) is already established somewhere else – I’ll happily take any pointers. EveryWare AG Marc Lüthi [1] I just came to understand that there’s a Mailing List, Slack and Matrix channel at/by https://scion-architecture.net/ <https://scion-architecture.net/> - but I take it that this is more for the development side of things. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] on-topic-ness of SCION ?
Dear all A quick straw poll to the community: SCION on this list, [yes/no]? I could think of topics like * finding peer persons involved in operating SCION Equipment (COREs, GATEs EDGEs) among the Swiss ISP community [1] * finding/requesting/discussing peering/interconnecting options with other CORE or EDGE operators * ... and a few things more. If not on topic for swinog - might this be a use case for a hypothetical swinog-scion mailing list? Thanks for your thoughts and ideas. And of course, if such a thing as a "Swiss SCION Operators Community" (Web Forum, Discord, Slack, IRC channel, Mailing List) is already established somewhere else - I'll happily take any pointers. EveryWare AG Marc Lüthi [1] I just came to understand that there's a Mailing List, Slack and Matrix channel at/by https://scion-architecture.net/ - but I take it that this is more for the development side of things. smime.p7s Description: S/MIME cryptographic signature _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: AS6830 decoupling
I suppose this would be interesting to many of us. @AS6730: Please don't respond off-list. On 24.04.24 13:20, Martin Schenkel via swinog wrote: Hi there Is there a Sunrise/UPC core network engineer on this list who can enlighten me about the recent AS6830/AS6730 network changes. If yes, please contact me off-list. Thanks, Martin ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch -- Fredy Künzler Init7 (Switzerland) Ltd. Technoparkstrasse 5 CH-8406 Winterthur https://www.init7.net/ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] AS6830 decoupling
Hi there Is there a Sunrise/UPC core network engineer on this list who can enlighten me about the recent AS6830/AS6730 network changes. If yes, please contact me off-list. Thanks, Martin ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
I could hack your computer and spy on you. Even it it's not permitted by laws, what stops me from doing it? Von: Samuel B. via swinog Gesendet: Dienstag, 23. April 2024 12:43 An: swinog@lists.swinog.ch Betreff: [swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks Public DNS Providers could possibly abuse their position and see what users of it are doing on the internet. It‘s different though, because a public dns provider cannot see who the user is exactly, they could take a good guess at it, but it‘s not always certain. ISPs (atleast swiss providers) have logs of IPs to Customer. This would allow the ISP to see exactly what customer XYZ is doing on the internet. Even if it‘s not permitted by privacy laws, what stops the provider from accessing it? Public Providers could do the same, but they most definitely do not know the exact name, address and other details about the customer, as the ISP can. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Public DNS Providers could possibly abuse their position and see what users of it are doing on the internet. It‘s different though, because a public dns provider cannot see who the user is exactly, they could take a good guess at it, but it‘s not always certain. ISPs (atleast swiss providers) have logs of IPs to Customer. This would allow the ISP to see exactly what customer XYZ is doing on the internet. Even if it‘s not permitted by privacy laws, what stops the provider from accessing it? Public Providers could do the same, but they most definitely do not know the exact name, address and other details about the customer, as the ISP can. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Hi Samuel > That still does not answer why you as an ISP try to convince your > customers to not use Public DNS Servers, or „not seeing a reason“ in > them doing so. Let's see... why would those companies operate those public DNS Servers 'for free'? Nothing's free, right? Probably they get some benefit of it... Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
That‘s the legal aspect of things. That is of course totally normal. Every ISP has to follow that. Blocking other sites at your own will, just like swisscom is doing here, is not. Having users that simply do not wish to be blocked by your blocking service for „gambling”, or those that simply do not trust your DNS servers should still be free to use public DNS servers. That still does not answer why you as an ISP try to convince your customers to not use Public DNS Servers, or „not seeing a reason“ in them doing so. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Hi Samuel > Matter of fact! That‘s what it looks like IMP is also (atleast attempting to > be) doing. (blocklist.imp.ch) I don't know this host. https://refused.breitband.ch/ here you go, not a secret. Legal background explained. > This is the exact same behaviour as Swisscom in this case. As required by law, implemented as (broken as) requested. Not a secret, all Swiss ISP are affected. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
I find your last statement very ironic. There are valid reasons for using a different server than the ISP provided ones. Whether it‘s latency, as mentioned before deciding who gets to have access to the „valuable personal information“ or simply distrusting the ISP, as any ISP could „unintentionally“ or intentionally do the same as Swisscom has done here. That wouldn‘t colide with privacy laws in any way. ISP XYZ could say; Well that Website is „dangerous for our users“, let‘s send it to our blackhole / blocking „service“! -> And then the ISP wonders why users are switching DNS Servers? Matter of fact! That‘s what it looks like IMP is also (atleast attempting to be) doing. (blocklist.imp.ch) This is the exact same behaviour as Swisscom in this case. Getting back on topic, there are many valid reasons. The provider in this case shouldn‘t judge upon this user behaviour. Users are totally free to use their own or public large DNS servers to avoid ISP blocking. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Hi > So you are saying that relying on the provider dns and having to use > it instead of other public (non-modifying) DNS Servers will not feed > the internet provider with this „valuable personal data“? There are privacy laws in place. I would not consider this good practice. I don't think (maybe I'm mistaking) that an ISP would have any benefit of collecting, analyzing such data. Selling / using such data for marketing would probably cash with privacy laws. Disclaimer: IANAL. > Also are you saying that the user shouldn‘t use any public, > non-modified DNS Servers, just for that fact? Are you implementing the > same measures as Swisscom? There are legal requirements regarding DNS which OFCOM registered TSP have to follow. So, yes, I understand every nerd who operates their own DNS server to avoid his personal data being used by the 'big ones' and to get 'free' access to the whole internet, but I don't understand why customers would want to use 8.8.8.8 or 1.1.1.1 instead of their providers DNS for those reasons. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
So you are saying that relying on the provider dns and having to use it instead of other public (non-modifying) DNS Servers will not feed the internet provider with this „valuable personal data“? Also are you saying that the user shouldn‘t use any public, non-modified DNS Servers, just for that fact? Are you implementing the same measures as Swisscom? ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
it would only be fair if swisscom declare their offer not to be "internet" but some "protected network connectivity including part of the internet". At least then the end user can decide. I don't think their concept is compatible with net neutrality otherwise. And you can not opt-in or opt-out if you are not aware. > On 23 Apr 2024, at 12:30, Marc SCHAEFER via swinog > wrote: > > Hello, > > On Tue, Apr 23, 2024 at 10:04:14AM +0200, Stefan via swinog wrote: >> But you know that it is already daily business that Swiss ISP's are blocking >> websites? > > One of the example you give was voted by the Swiss people (Casino blocking). > ISP have no say in that matter. Some countries go way further in blocking > "content" (as was mentionned on the list earlier). > > But here, we are discussing additional security measures that some ISPs, > including Swisscom, are taking: Swiss people did not vote yet about blocking > malware. > > And Swisscom also blocks / intercepts / redirects SMTP for quite a few years > now, for end users. On port 25 (not on 587 nor 465 AFAIK). I think they are > pretty unique in that aspect (other ISPs usually simply block incoming > port 25, they don't AFAIK filter out outgoing). > >> Use other DNS-Servers if you want to be "free", but accept the risk. > > That could be a solution: an opt-out. It *seems* to me that Sunrise, e.g., > actually even offers an opt-in, as their firewalling service is usually > valued at 5 CHF/month but in essence free to the end user (not sure what it > really does) and can be refused when ordering. > > In my opinion, the most important thing is that the blocking be documented to > the end-user, even on every month's invoice, and that opt-out (or opt-in) be > offered for everything that is not compulsory by law. > > Have a nice day. > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Hello, On Tue, Apr 23, 2024 at 10:04:14AM +0200, Stefan via swinog wrote: > But you know that it is already daily business that Swiss ISP's are blocking > websites? One of the example you give was voted by the Swiss people (Casino blocking). ISP have no say in that matter. Some countries go way further in blocking "content" (as was mentionned on the list earlier). But here, we are discussing additional security measures that some ISPs, including Swisscom, are taking: Swiss people did not vote yet about blocking malware. And Swisscom also blocks / intercepts / redirects SMTP for quite a few years now, for end users. On port 25 (not on 587 nor 465 AFAIK). I think they are pretty unique in that aspect (other ISPs usually simply block incoming port 25, they don't AFAIK filter out outgoing). > Use other DNS-Servers if you want to be "free", but accept the risk. That could be a solution: an opt-out. It *seems* to me that Sunrise, e.g., actually even offers an opt-in, as their firewalling service is usually valued at 5 CHF/month but in essence free to the end user (not sure what it really does) and can be refused when ordering. In my opinion, the most important thing is that the blocking be documented to the end-user, even on every month's invoice, and that opt-out (or opt-in) be offered for everything that is not compulsory by law. Have a nice day. _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
But you know that it is already daily business that Swiss ISP's are blocking websites? Just an example: https://www.esbk.admin.ch/esbk/de/home/illegalesspiel/zugangssperren.html https://abuse.ch/ I had already requests from customers to grant them access to phishing sites, only that they can enter their usernames and passwords (facepalm)... Then phishing and malware is one thing, but there are also connections to botnets which are used for DDoS etc., so it is also a precaution for ISP's to protect themselves (Infrastructure, IP-Reputation and so on). Use other DNS-Servers if you want to be "free", but accept the risk. Am 23.04.2024 um 09:45 schrieb Andreas Fink via swinog: I disagree. Its not swisscoms role to censorship the internet. Even if the idea might be honorable, to keep the bad guys out, the machinery put in place is resulting in something which will be abused for political agendas. Given swisscom is state owned, the risk is even higher. Its a risk to democracy you should not under estimate. Maybe you are too young but you should read George Orwells 1984 to see where this is going. I have been an indirect victim of a blocking which costed me 10 years in court case and legal fees of half a million stacking up. You can not imagine what political blocking can do to your business. And here we have swisscom put a machinery in place that politicians can just ask for it by the clock of a button. Now dont tell me they will not use this powerful weapon one day agains someone they dont like their political views of. Totalitarian states do it already up to certain extent (Russia, Turkmenistan, US, Iran, middle east, Turkey...) Am 23.04.2024 um 11:34 schrieb Daniel Stirnimann via swinog : Yes, I understand the technical issues. And yes it's ugly. But do you have a better solution? Swisscom should stop tampering with DNS, as it does not work, and is no solution to the problem. I disagree, Swisscom still misses a lot of phishing and malware websites. I would like them to be way more aggressive. Their support staff has to deal with calls from infected customers. They might as well try as good a possible to prevent it from happening in the first place. If you belong to the <0.1% of people who want unfiltered DNS, just run your recursive resolver. Part of the problem is that the user doesn’t get an error message at all, and then mails us „hey, your website is down“. Eventually, web browser will show better responses for none resolvable domain names e.g. by utilizing Extended DNS Errors (RFC 8914). EDE has code points for filtered or blocked DNS responses. Until web browser care more about DNS, I advice to be as verbose as possible when you block something. For example, make the DNS output more verbose so that at least administrators realize why a domain name is blocked. Swisscom could have used a CNAME in the answer section to blocked.swisscom.com and they could also add an additional section with a SOA indicating the origin of the blocking. The RNAME field could be their report false positive email address and so on. Daniel _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
I disagree. Its not swisscoms role to censorship the internet. Even if the idea might be honorable, to keep the bad guys out, the machinery put in place is resulting in something which will be abused for political agendas. Given swisscom is state owned, the risk is even higher. Its a risk to democracy you should not under estimate. Maybe you are too young but you should read George Orwells 1984 to see where this is going. I have been an indirect victim of a blocking which costed me 10 years in court case and legal fees of half a million stacking up. You can not imagine what political blocking can do to your business. And here we have swisscom put a machinery in place that politicians can just ask for it by the clock of a button. Now dont tell me they will not use this powerful weapon one day agains someone they dont like their political views of. Totalitarian states do it already up to certain extent (Russia, Turkmenistan, US, Iran, middle east, Turkey...) > Am 23.04.2024 um 11:34 schrieb Daniel Stirnimann via swinog > : > > >> >>> Yes, I understand the technical issues. And yes it's ugly. But do you have >>> a better solution? >> Swisscom should stop tampering with DNS, as it does not work, and is no >> solution to the problem. > > I disagree, Swisscom still misses a lot of phishing and malware websites. I > would like them to be way more aggressive. Their support staff has to deal > with calls from infected customers. They might as well try as good a possible > to prevent it from happening in the first place. If you belong to the <0.1% > of people who want unfiltered DNS, just run your recursive resolver. > >> Part of the problem is that the user doesn’t get an error message at all, >> and then mails us „hey, your website is down“. > > Eventually, web browser will show better responses for none resolvable domain > names e.g. by utilizing Extended DNS Errors (RFC 8914). > > EDE has code points for filtered or blocked DNS responses. Until web browser > care more about DNS, I advice to be as verbose as possible when you block > something. > > For example, make the DNS output more verbose so that at least administrators > realize why a domain name is blocked. Swisscom could have used a CNAME in the > answer section to blocked.swisscom.com and they could also add an additional > section with a SOA indicating the origin of the blocking. The RNAME field > could be their report false positive email address and so on. > > Daniel > > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
> Part of the problem is that the user doesn’t get an error message at all, and > then mails us „hey, your website is down“. Also throwing in my 2 rappen: User notices: Provider DNS is misbehaving, blames Provider, and uses DNS of Google / Cloudflare feeding them valuable personal data. But no, I have no solution either. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
As a former malware researcher: no, this is not an ideal solution. Yes, we don't have anything better (well, there is the Google Safe Browsing list which most of the major browsers use). And, yes, it is a widely used method and it's effective. Attila On Tue, Apr 23, 2024 at 9:34 AM Daniel Stirnimann via swinog - swinog at lists.swinog.ch wrote: > >> Yes, I understand the technical issues. And yes it's ugly. But do you > have a better solution? > > > > Swisscom should stop tampering with DNS, as it does not work, and is no > solution to the problem. > > I disagree, Swisscom still misses a lot of phishing and malware > websites. I would like them to be way more aggressive. Their support > staff has to deal with calls from infected customers. They might as well > try as good a possible to prevent it from happening in the first place. > If you belong to the <0.1% of people who want unfiltered DNS, just run > your recursive resolver. > > > Part of the problem is that the user doesn’t get an error message at > all, and then mails us „hey, your website is down“. > > Eventually, web browser will show better responses for none resolvable > domain names e.g. by utilizing Extended DNS Errors (RFC 8914). > > EDE has code points for filtered or blocked DNS responses. Until web > browser care more about DNS, I advice to be as verbose as possible when > you block something. > > For example, make the DNS output more verbose so that at least > administrators realize why a domain name is blocked. Swisscom could have > used a CNAME in the answer section to blocked.swisscom.com and they > could also add an additional section with a SOA indicating the origin of > the blocking. The RNAME field could be their report false positive email > address and so on. > > Daniel > > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch > ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Yes, I understand the technical issues. And yes it's ugly. But do you have a better solution? Swisscom should stop tampering with DNS, as it does not work, and is no solution to the problem. I disagree, Swisscom still misses a lot of phishing and malware websites. I would like them to be way more aggressive. Their support staff has to deal with calls from infected customers. They might as well try as good a possible to prevent it from happening in the first place. If you belong to the <0.1% of people who want unfiltered DNS, just run your recursive resolver. Part of the problem is that the user doesn’t get an error message at all, and then mails us „hey, your website is down“. Eventually, web browser will show better responses for none resolvable domain names e.g. by utilizing Extended DNS Errors (RFC 8914). EDE has code points for filtered or blocked DNS responses. Until web browser care more about DNS, I advice to be as verbose as possible when you block something. For example, make the DNS output more verbose so that at least administrators realize why a domain name is blocked. Swisscom could have used a CNAME in the answer section to blocked.swisscom.com and they could also add an additional section with a SOA indicating the origin of the blocking. The RNAME field could be their report false positive email address and so on. Daniel ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
On Tue, 23 Apr 2024 08:59:07 +0200 Gert Doering via swinog wrote: > On Tue, Apr 23, 2024 at 08:55:49AM +0200, Serge Droz via swinog wrote: > > Yes, I understand the technical issues. And yes it's ugly. > > But do you have a better solution? > > Since this is not a "solution", just a new sort of problem, it doesn't > even qualify for a comparison. Even IF it would have a relevant impact on the spread of malware (and I agree with you that it definitely CAN'T), triggering actions that you CAN'T know the further consequences of is not a good idea. And furthermore, breaking protocols is usually an approach to do as much damage as you want. It is not technically intended for providers to do this. There is no interface to indicate that you are bending DNS for security reasons. In the end, this is just another approach to justify interfering with the network. Once the lever has been successfully applied because of cybercrime or malware, this will be extended more and more politically. All experience to date simply shows that. The Russians are evil? So block the network. The Chinese are evil? So network blocking. Wikileaks is evil? Network blocking. Because the users are poor sheep that we have to protect from evil information. And it's not the users who decide what information is evil. Best Regards Oli -- Automatic-Server AG • Oliver Schad Geschäftsführer Hardstr. 46 9434 Au | Schweiz www.automatic-server.com | oliver.sc...@automatic-server.com Tel: +41 71 511 31 11 | Mobile: +41 76 330 03 47 pgpijCkOaZy5M.pgp Description: OpenPGP digital signature _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
On Tue, 23 Apr 2024 08:51:41 +0200 Serge Droz via swinog wrote: > It's actually a pretty smart and light way of protection the majority > of users from malware. And yes, there will always be false positives. Do you plan to compensate financial losses through that behaviour, i.e. you block a webshop, a bank, an insurance? Do you plan to compensate health issues through that behaviour, i.e. you block an important health service? Do you plan to compensate social issues through that behaviour, i.e. you block an important social service, maybe a forum for unstable personalities, who rely on that platform? Maybe to avoid suicide? Are you sure, that this mechanism is "smart"? Maybe protection against malware is less important, than you think when you don't know the consequences of your actions. Best Regards Oli -- Automatic-Server AG • Oliver Schad Geschäftsführer Hardstr. 46 9434 Au | Schweiz www.automatic-server.com | oliver.sc...@automatic-server.com Tel: +41 71 511 31 11 | Mobile: +41 76 330 03 47 pgpA_fGXM9M7j.pgp Description: OpenPGP digital signature ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
> Am 23.04.2024 um 08:55 schrieb Serge Droz via swinog : > > Yes, I understand the technical issues. And yes it's ugly. But do you have a > better solution? Swisscom should stop tampering with DNS, as it does not work, and is no solution to the problem. Part of the problem is that the user doesn’t get an error message at all, and then mails us „hey, your website is down“. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Hi, On Tue, Apr 23, 2024 at 08:55:49AM +0200, Serge Droz via swinog wrote: > Yes, I understand the technical issues. And yes it's ugly. It's not "ugly", it's outright failing to achieve anything, except signal "things are not working". Why have a report form at all if it can not be loaded due to certificate mismatch? The world is no longer HTTP-only... > But do you have a better solution? Since this is not a "solution", just a new sort of problem, it doesn't even qualify for a comparison. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard, Ingo Lalla, Karin Schuler Joseph-Dollinger-Bogen 14Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Yes, I understand the technical issues. And yes it's ugly. But do you have a better solution? On 23.04.24 08:53, Marc Balmer wrote: Am 23.04.2024 um 08:51 schrieb Serge Droz via swinog : It's actually a pretty smart and light way of protection the majority of users from malware. And yes, there will always be false positives. And yes, it's sad we have to do this, but that's mostly because our industry, despite promising the contrary for years, doesn't seem to be able to offer secure services and products. The fact is, that states are getting feed up with this and will start legislating because we keep making empty promises and tell them they are stupid. You don't have to believe me, but maybe you listen to John Curran: https://www.youtube.com/watch?v=U1Ip39Qv-Zk Sorry for the rant, but I feel your reply is condescending and uninformed. Just throwing around words like "internet police" etc doesn't solve anything. Did you understand the technical issue this approach has? Certificates don’t match, that is the issue. -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
> Am 23.04.2024 um 08:51 schrieb Serge Droz via swinog : > > It's actually a pretty smart and light way of protection the majority of > users from malware. And yes, there will always be false positives. > > And yes, it's sad we have to do this, but that's mostly because our industry, > despite promising the contrary for years, doesn't seem to be able to offer > secure services and products. > > The fact is, that states are getting feed up with this and will start > legislating because we keep making empty promises and tell them they are > stupid. > > You don't have to believe me, but maybe you listen to John Curran: > https://www.youtube.com/watch?v=U1Ip39Qv-Zk > > Sorry for the rant, but I feel your reply is condescending and uninformed. > Just throwing around words like "internet police" etc doesn't solve anything. Did you understand the technical issue this approach has? Certificates don’t match, that is the issue. _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
It's actually a pretty smart and light way of protection the majority of users from malware. And yes, there will always be false positives. And yes, it's sad we have to do this, but that's mostly because our industry, despite promising the contrary for years, doesn't seem to be able to offer secure services and products. The fact is, that states are getting feed up with this and will start legislating because we keep making empty promises and tell them they are stupid. You don't have to believe me, but maybe you listen to John Curran: https://www.youtube.com/watch?v=U1Ip39Qv-Zk Sorry for the rant, but I feel your reply is condescending and uninformed. Just throwing around words like "internet police" etc doesn't solve anything. Best Serge On 23.04.24 08:38, Marc Balmer via swinog wrote: Swisscom returns this IP address for blocked domain names most likely because it assumes this website is compromised (phishing, malware). If you visit this IP address in a web browser you are redirected to https://www.swisscom.ch/abuse-info That explains. From a technical point of view, that is one of the most stupid things one can possibly do. Whoever invented this, has no clue how the web works: 1) I point my browser to https://spectrum-conference.org <https://spectrum-conference.org> (or any other domain where swisscom acts as the internet police) 2) Swisscom tampers with DNS and returns the address of one of their own servers 3) My browser opens a connection to it *and of course the website's HTTPS certificate does not match* 4) My browser shows an error message that a secure connection can not be made (at least all Apple device do this) 5) Swisscom malware page is not even displayed. This website has a form to report false positive. Daniel Thank you. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
On https://www.swisscom.ch/de/privatkunden/hilfe/internet/url-checker.html you can check if a URL is blocked by Swisscom or not. Seems it‘s blocked because of «Malware Distribution»… ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
> Am 23.04.2024 um 08:42 schrieb Daniel Stirnimann > : > > Try http://195.186.208.193/ Thanks, Daniel, that worked! Reporting it now. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Try http://195.186.208.193/ Daniel On 23.04.2024 08:40, Marc Balmer wrote: Swisscom returns this IP address for blocked domain names most likely because it assumes this website is compromised (phishing, malware). If you visit this IP address in a web browser you are redirected to https://www.swisscom.ch/abuse-info This website has a form to report false positive. There is no such form. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
> Swisscom returns this IP address for blocked domain names most likely because > it assumes this website is compromised (phishing, malware). > > If you visit this IP address in a web browser you are redirected to > https://www.swisscom.ch/abuse-info > > This website has a form to report false positive. There is no such form. _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
> Swisscom returns this IP address for blocked domain names most likely because > it assumes this website is compromised (phishing, malware). > > If you visit this IP address in a web browser you are redirected to > https://www.swisscom.ch/abuse-info That explains. From a technical point of view, that is one of the most stupid things one can possibly do. Whoever invented this, has no clue how the web works: 1) I point my browser to https://spectrum-conference.org <https://spectrum-conference.org/> (or any other domain where swisscom acts as the internet police) 2) Swisscom tampers with DNS and returns the address of one of their own servers 3) My browser opens a connection to it *and of course the website's HTTPS certificate does not match* 4) My browser shows an error message that a secure connection can not be made (at least all Apple device do this) 5) Swisscom malware page is not even displayed. > > This website has a form to report false positive. > > Daniel > Thank you. _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
Swisscom returns this IP address for blocked domain names most likely because it assumes this website is compromised (phishing, malware). If you visit this IP address in a web browser you are redirected to https://www.swisscom.ch/abuse-info This website has a form to report false positive. Daniel On 22.04.2024 23:51, Marc Balmer via swinog wrote: The domain name spectrum-conference.org <http://spectrum-conference.org/> wrongfully resolves to 195.186.208.193 when queried from bluewin/swisscom mobile networks. It is registered to 46.175.8.9, which is the correct address. Please fix the swisscom/bluewin.ch <http://bluewin.ch/> DNS resolvers. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Swisscom DNS issue: spectrum-conference.org wrongfully resolves to a bluewin address in swisscom mobile networks
The domain name spectrum-conference.org <http://spectrum-conference.org/> wrongfully resolves to 195.186.208.193 when queried from bluewin/swisscom mobile networks. It is registered to 46.175.8.9, which is the correct address. Please fix the swisscom/bluewin.ch <http://bluewin.ch/> DNS resolvers. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] IANA AS Numbers Registry Update
Hi, The IANA AS Numbers registry has been updated to reflect the allocation of the following block to ARIN: 401309-402332 Assigned by ARIN 2024-04-10 You can find the registry at: https://www.iana.org/assignments/as-numbers/ The allocation was made in accordance with the Policy for Allocation of ASN Blocks to Regional Internet Registries: https://www.icann.org/resources/pages/global-policy-asn-blocks-2010-09-21-en Best regards, David Dong IANA Services Sr. Specialist ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Anyone else troubles with abusix.com swisscom 'false positives'?
Hi all Our ISP Email IP Adresses and Domains are, once more, being blacklisted @ Abusix because of, I guess, emails sent to Bluewin Spamtraps. As far as I have figured out, in contact with our customers allegedly sending spam in past cases, those are almost always false positives. There was exactly one case of a business customer indeed sending multiple emails to one or several such bluewin email addresses and did not correctly process the bounces, but then only his dedicated IP was listed, not our customer email domains. But also then, the bluewin addresses he send his newsletters to, he could prove, belonged to his customers. In all other cases, customers sent emails to @bluewin.ch email addresses they knew the owner of. There was even one case where the @bluewin.ch email address in question that was a 'spamtrap' belonged to our customer and he just forwarded his email account with us to his own @bluewin account. It looks like after some 'short' time of inactivity, Swisscom automatically repurposed the bluewin email address of it's customer as 'spamtrap' which of course cause all those issues. Unfortunately I have not yet found anyone @swisscom able to further dig into why this so often causes our email services to get blacklisted or how to avoid this. Abusix.com basically refers to Swisscom as they may not disclose any of those spamtraps and have no information how those bluewin addresses became spamtraps. Can anyone help or knows who @ Swisscom to contact regarding those abusix spamtrap issues? Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Any users of SCION here?
Hi Rainer We offer SCION Services and have therefor also some knowledge about the hardware which is used by SCION. Contact my off-list with your questions, I'm available next week. Frohe Ostern Matthias From: Rainer Duffner via swinog Sent: Thursday, March 28, 2024 12:08 To: swinog@lists.swinog.ch Subject: [swinog] Any users of SCION here? Hi, and specifically the hardware the company behind it (anapaya) sells. Best Regards Rainer ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Any users of SCION here?
> On 28 Mar 2024, at 12:08, Rainer Duffner via swinog > wrote: > > Hi, > > and specifically the hardware the company behind it (anapaya) sells. Before looking at technologies, one should always first define what one's current situation is, what one's problems with that are and then what the state of the art is for those problems to be resolved. When one has that overview, one can actually say if something is adequate for solving the problem at hand. Some companies seem to think SCION solves something: https://www.swisscom.ch/en/business/enterprise/themen/security/resilienz-cyberattacken-scion.html https://www.six-group.com/de/products-services/banking-services/ssfn.html A choice quote from that: "The network made available by the SCION provider cannot be blocked by DDoS attacks from the global internet" Which makes sense, as it is not the Internet ;) As DDoS seems to be the primary problem, do you have those issues? Any private network link, something disconnected from the Internet would already address most of those concerns... Greets, Jeroen ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Any users of SCION here?
Don’t know the details nor are we using it. But I heard that some guys at dnip.ch could perhaps know more about? Maybe you or others know some of these guys? https://scion-architecture.net/pages/scion_day_2022/ Regards, Urs SBB AG Cyber Security Poststrasse 6, 3072 Ostermundigen urs.bf.muel...@sbb.ch<mailto:urs.bf.muel...@sbb.ch> / www.sbb.ch<http://www.sbb.ch> Von: Rainer Duffner via swinog Datum: Donnerstag, 28. März 2024 um 12:09 An: swinog@lists.swinog.ch Betreff: [swinog] Any users of SCION here? Hi, and specifically the hardware the company behind it (anapaya) sells. Best Regards Rainer ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Any users of SCION here?
Hi, and specifically the hardware the company behind it (anapaya) sells. Best Regards Rainer ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] IANA AS Numbers Registry Update
Hi, The IANA AS Numbers registry has been updated to reflect the allocation of the following block to LACNIC: 273821-274844 Assigned by LACNIC 2024-03-22 You can find the registry at: https://www.iana.org/assignments/as-numbers/ The allocation was made in accordance with the Policy for Allocation of ASN Blocks to Regional Internet Registries: https://www.icann.org/resources/pages/global-policy-asn-blocks-2010-09-21-en Best Regards, Selina Harrington IANA Operations Manager ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Historical FTTH availability data: Ready4Order
I'm looking for historical Ready4Order data of to visualize the FTTH rollout in Switzerland on a timeline from a scientific perspective. It could become something like this https://ftth.init7.net/ but for example with a time slider. These files are called 99_35_MMDD_FTTH_Ready_for_Order_Information.zip and are available for download from the WSG portal to anyone with a BBCS contract of Swisscom. (After login go to Services ==> WSG Information Services ==> FTTx Coverage). However the WSG portal offers only the last five daily snapshots. The file sizes varies from 22Mbyte (2024) to 13Mbyte (2019) and it contains a single .csv file. If you happen to download the file in the recent years, even only occasionally, please let me know off list. Collection of 2023 is almost complete, the one of 2022 mostly ==> the older the better. You may want to ask the person in your company responsible for broadband product management, too. DISCLAIMER: The files must not be made public. They are under NDA which is signed with the BBCS contract. Please don't put it onto a web server w/o .htaccess. Any help would be appreciated. PS. I already asked Swisscom, apparently those files didn't got stored on a regular basis. -- Fredy Künzler Init7 (Switzerland) Ltd. Technoparkstrasse 5 CH-8406 Winterthur https://www.init7.net/ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Contact to Ricardo Abuse Desk or Email Admin?
Hi Team Thank you all. I got the hint with the well-known URI :-) Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Contact to Ricardo Abuse Desk or Email Admin?
Hello Benoît IMHO Ricardo is part of the Empire of Supino (TaMedia). Sent a question to a friend working there. Regards, Urs Von: Benoit Panizzon via swinog Datum: Dienstag, 30. Januar 2024 um 11:58 An: swinog@lists.swinog.ch Betreff: [swinog] Contact to Ricardo Abuse Desk or Email Admin? Hi Team Does anyone have means to contact the Ricardo Abuse Desk or Email Admin? There is a possible issue with phishing regarding the CDN provider they use. Ricardo Customer and myself have attempted to bring the issue to their attention, but cases get repeatedly closed with statements like "Ricardo customer service is not in charge of 'technical' issues" Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.imp.ch%2F=05%7C02%7Curs.bf.mueller%40sbb.ch%7C06367b4b31334ff7387308dc21824bca%7C2cda5d11f0ac46b3967daf1b2e1bd01a%7C0%7C0%7C638422090826064704%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C6%7C%7C%7C=EsPxN5DNUm0m5%2BD75BOwgRp%2FwJGX3Nu0yNXk1g9LuY4%3D=0<http://www.imp.ch/> __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Contact to Ricardo Abuse Desk or Email Admin?
Hi Team Does anyone have means to contact the Ricardo Abuse Desk or Email Admin? There is a possible issue with phishing regarding the CDN provider they use. Ricardo Customer and myself have attempted to bring the issue to their attention, but cases get repeatedly closed with statements like "Ricardo customer service is not in charge of 'technical' issues" Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Microsoft massive spam outbreak
Hi All, Honestly... if Microsoft is the Solution I'd rather keep my problem. Jokes aside... They are simply trying to play the "we are bigger than you"-game - which isn't really working. Never has. Tobias -- E = M * C^2 +/- 3db > On 23 Jan 2024, at 10:10, Marc SCHAEFER via swinog > wrote: > > Hello, > > On Mon, Jan 22, 2024 at 04:07:26PM +0100, Benoit Panizzon via swinog wrote: >> I am aware, Microsoft Office365 customer service blames this on us >> 'falsely and for no reason' blocking email from those ip addresses, and >> when presented with Evidence of what happened, they close the case with >> 'issue solved' which was never the case. > > I see, here you can see a more detailed feedback (mostly from users though): > > > https://answers.microsoft.com/en-us/outlook_com/forum/all/microsoft-outlook-365-server-blacklisted-by-spam/851d8fc4-11b9-445a-860b-1704897a02b2 > > A customer of mine was hit with his problem, and I suggested work-arounds and > to > show the customer customer's the extent of the problem. > > The obvious solution would be that everyone gets a Microsoft hosted mail > service and drops independant service providers :) > > NB: apart from the joke, it gets every day more complicated to manage an >independant SMTP provider, notably due to a very feelable concentration >of individuals, but also enterprises within one or two GAFAMs: > unfortunately >we no longer live in an Internet world where we can say "Microsoft is > irrelevant": >most universities and enterprises seem to have been lurred there. > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch > signature.asc Description: Message signed with OpenPGP ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Microsoft massive spam outbreak
Hello, On Mon, Jan 22, 2024 at 04:07:26PM +0100, Benoit Panizzon via swinog wrote: > I am aware, Microsoft Office365 customer service blames this on us > 'falsely and for no reason' blocking email from those ip addresses, and > when presented with Evidence of what happened, they close the case with > 'issue solved' which was never the case. I see, here you can see a more detailed feedback (mostly from users though): https://answers.microsoft.com/en-us/outlook_com/forum/all/microsoft-outlook-365-server-blacklisted-by-spam/851d8fc4-11b9-445a-860b-1704897a02b2 A customer of mine was hit with his problem, and I suggested work-arounds and to show the customer customer's the extent of the problem. The obvious solution would be that everyone gets a Microsoft hosted mail service and drops independant service providers :) NB: apart from the joke, it gets every day more complicated to manage an independant SMTP provider, notably due to a very feelable concentration of individuals, but also enterprises within one or two GAFAMs: unfortunately we no longer live in an Internet world where we can say "Microsoft is irrelevant": most universities and enterprises seem to have been lurred there. _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Microsoft massive spam outbreak
Hi Users of the SWINOG anti-spam blocklists. At the moment, various Microsoft IP addresses are in a similar state as this one: https://blacklist.imp.ch/entry.php?id=1.0.8.0.0.0.0.0.0.0.0.0.0.0.0.0.2.1.e.2.3.0.4.f.1.1.1.0.1.0.a.2 Unfortunately, Microsoft has confirmed to me, they use the same bunch of SMTP 'outbound' ip address for customer in similar regions. This is now affecting MSN customer and businesses using Office365. ab...@microsoft.com is /dev/null (or mailbox full, depending on their mood) as usual. I'm trying to persuade affected business Office365 customer to escalate this issue within Microsoft Switzerland Management. I also have a contact there to which I repeatedly feed those complaints, without success so far. I am aware, Microsoft Office365 customer service blames this on us 'falsely and for no reason' blocking email from those ip addresses, and when presented with Evidence of what happened, they close the case with 'issue solved' which was never the case. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Any contact to sunrise / chello.at / libertyglobal Postmaster
Hi Benôit Please send me all the information off list and I will handle it BR Charis Charis Papadellis Head of Escalation Management Sunrise GmbH Thurgauerstrasse 101B, 8152 Glattpark (Opfikon) T: +41 58 777 55 11 | M: +41 76 777 55 11 charis.papadel...@sunrise.net www.sunrise.ch -Original Message- From: Benoît Panizzon via swinog Sent: Friday, January 12, 2024 9:06 AM To: swinog@lists.swinog.ch Subject: [swinog] Any contact to sunrise / chello.at / libertyglobal Postmaster Hi We have a case of emails reproducible disappearing to one specific sunrise recipient. The recipient is quite sure, he has not activated any filtering rule in his sunrise webmail. He requests us as the ISP of the sender, to investigate the issue 'from the source'. We see in our logs: mx0.sunrise.ch has address 213.46.255.61 is happily accepting the email with 200 OK. No late bounce can be found. Does anyone know, how to contact chello.at for such issue? I have tried the contacts registered @ RIPE for this range. They are either 'not in charge and don't know who is' or do not respond. Sunrise seems not to know how to open a case with chello for such an issue (as last time we faced such an issue). -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Any contact to sunrise / chello.at / libertyglobal Postmaster
Hi We have a case of emails reproducible disappearing to one specific sunrise recipient. The recipient is quite sure, he has not activated any filtering rule in his sunrise webmail. He requests us as the ISP of the sender, to investigate the issue 'from the source'. We see in our logs: mx0.sunrise.ch has address 213.46.255.61 is happily accepting the email with 200 OK. No late bounce can be found. Does anyone know, how to contact chello.at for such issue? I have tried the contacts registered @ RIPE for this range. They are either 'not in charge and don't know who is' or do not respond. Sunrise seems not to know how to open a case with chello for such an issue (as last time we faced such an issue). -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: BGP4nerds
Hoi, Super cool news, Fredy. Thanks for bringing it at Christmas time, and happy holidays to you and the crew of 13030! :) groet, Pim On Mon, Dec 25, 2023 at 11:39 AM Fredy Künzler via swinog < swinog@lists.swinog.ch> wrote: > While I do know that this mailing list is not intended for product > announcements, I allow myself to make an exception. > > In the past years we have been asked so many times "can you do a BGP4 > feed via Fiber7, I have my own ASN and IP space" and my answer was > always "technically we can but we need to setup a product in our ERP > system first and define the implementation process. This will take a > while...". To be honest it wasn't our highest priority, though. > > Of course we forgot meanwhile to whom we were talking and so we are > unable to contact people individually. Most people are certainly from > this community. > > Now your prayers have been answered :-) > > I'm happy to announce that we have now "BGP4nerds" available. > Requirement is a new or existing Fiber7 connection - no BBCS (Copper7) > or BBCS-F (Hybrid7) based service. > > We charge CHF 30 per month extra for the BGP service along with a one > time fee. This offering is of course strictly limited to non-commercial > use and only available to private customers. > > If you are interested please send a note to sales at init7 dot net with > the subject "BGP4nerds" and we'll send you a spec sheet with all the > details. > > Happy Christmas to everyone! > > -- > Fredy Künzler > > Init7 (Switzerland) Ltd. > Technoparkstrasse 5 > CH-8406 Winterthur > https://www.init7.net/ > https://ftth.init7.net/ > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch > -- Pim van Pelt PBVP1-RIPE - http://www.ipng.nl/ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] BGP4nerds
While I do know that this mailing list is not intended for product announcements, I allow myself to make an exception. In the past years we have been asked so many times "can you do a BGP4 feed via Fiber7, I have my own ASN and IP space" and my answer was always "technically we can but we need to setup a product in our ERP system first and define the implementation process. This will take a while...". To be honest it wasn't our highest priority, though. Of course we forgot meanwhile to whom we were talking and so we are unable to contact people individually. Most people are certainly from this community. Now your prayers have been answered :-) I'm happy to announce that we have now "BGP4nerds" available. Requirement is a new or existing Fiber7 connection - no BBCS (Copper7) or BBCS-F (Hybrid7) based service. We charge CHF 30 per month extra for the BGP service along with a one time fee. This offering is of course strictly limited to non-commercial use and only available to private customers. If you are interested please send a note to sales at init7 dot net with the subject "BGP4nerds" and we'll send you a spec sheet with all the details. Happy Christmas to everyone! -- Fredy Künzler Init7 (Switzerland) Ltd. Technoparkstrasse 5 CH-8406 Winterthur https://www.init7.net/ https://ftth.init7.net/ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Debugging bluewin.ch emails not going through
Thanks all. Someone from Bluewin pointed this out as well. This should all be fixed soon. I appreciate the help. best, Maxim On 12/8/23 12:55, Daniel Stirnimann wrote: at least one delegation is broken: ns1.init7.net: 200-30.135.144.213.in-addr.arpa. 86400 IN NS dns.nazgul.ch. 200-30.135.144.213.in-addr.arpa. 86400 IN NS dns.swill.org. dig dns.swill.org ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16024 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 Daniel On 08.12.23 11:49, Maxim Samo via swinog wrote: Hi, I'm getting "421 EHLO temporary error - PTR lookup failed" when trying to send any email to @bluewin.ch recipients. My mailserver is mail.swill.org with proper PTR records configured though: $ dig +short -t ptr 203.200-30.135.144.213.in-addr.arpa @8.8.8.8 mail.swill.org. $ telnet 195.186.120.50 25 Trying 195.186.120.50... Connected to 195.186.120.50. Escape character is '^]'. 220 mxbw.bluewin.ch vimdzmsp-mxin03.bluewin.ch Swisscom AG ESMTP server ready ehlo mail.swill.org 421 EHLO temporary error - PTR lookup failed Is there someone from bluewin.ch here that can help me work through this? best, Maxim _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Debugging bluewin.ch emails not going through
at least one delegation is broken: ns1.init7.net: 200-30.135.144.213.in-addr.arpa. 86400 IN NSdns.nazgul.ch. 200-30.135.144.213.in-addr.arpa. 86400 IN NSdns.swill.org. dig dns.swill.org ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 16024 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 Daniel On 08.12.23 11:49, Maxim Samo via swinog wrote: Hi, I'm getting "421 EHLO temporary error - PTR lookup failed" when trying to send any email to @bluewin.ch recipients. My mailserver is mail.swill.org with proper PTR records configured though: $ dig +short -t ptr 203.200-30.135.144.213.in-addr.arpa @8.8.8.8 mail.swill.org. $ telnet 195.186.120.50 25 Trying 195.186.120.50... Connected to 195.186.120.50. Escape character is '^]'. 220 mxbw.bluewin.ch vimdzmsp-mxin03.bluewin.ch Swisscom AG ESMTP server ready ehlo mail.swill.org 421 EHLO temporary error - PTR lookup failed Is there someone from bluewin.ch here that can help me work through this? best, Maxim _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Debugging bluewin.ch emails not going through
Hi, I'm getting "421 EHLO temporary error - PTR lookup failed" when trying to send any email to @bluewin.ch recipients. My mailserver is mail.swill.org with proper PTR records configured though: $ dig +short -t ptr 203.200-30.135.144.213.in-addr.arpa @8.8.8.8 mail.swill.org. $ telnet 195.186.120.50 25 Trying 195.186.120.50... Connected to 195.186.120.50. Escape character is '^]'. 220 mxbw.bluewin.ch vimdzmsp-mxin03.bluewin.ch Swisscom AG ESMTP server ready ehlo mail.swill.org 421 EHLO temporary error - PTR lookup failed Is there someone from bluewin.ch here that can help me work through this? best, Maxim _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Contacts and Experts for Security Incidents
Hi Michael I think before you choose an external partner you have to figure out what you want and need. Typically this done by 1. Identify your prime assets 2. Identify the risks 3. Build up a plan for proactive measures: Try to build resilient systems, not "unhackable" ones 4. Create visibility: Most breaches are not discovered by the organization, but by external enteties. 5. Have people ready that can react. A CSIRT (computer Security Incident response team) does not need to be huge. It can even be virtual, i.e. comprised of people that have other regular jobs, but can dedicate time during a crisis. 6. The look for external resources: You need more than a name, you need a relationship. This means talking to people and see if it is a fit. As was mentioned there are several commercial providers in Switzerland, but you need one that shares your vision. Consider running your own team with a backup plan, and have a look at www.first.org. Best Serge On 23.11.23 13:19, Michael Righter via swinog wrote: Hi We are creating an emergency handbook if we would have a critical security incident. Is there someone who can suggest a company which can help to find how the guys hacked the infrastructure and how to fix it? I hope we never have to use it, but be prepared is better Thanks Michael _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Contacts and Experts for Security Incidents
Hello Michael It also depends on the size of your infrastructure and wallet. Infoguard comes in to my mind. Regards, Urs Von: Michael Righter via swinog Datum: Donnerstag, 23. November 2023 um 13:20 An: swinog@lists.swinog.ch Betreff: [swinog] Contacts and Experts for Security Incidents Hi We are creating an emergency handbook if we would have a critical security incident. Is there someone who can suggest a company which can help to find how the guys hacked the infrastructure and how to fix it? I hope we never have to use it, but be prepared is better Thanks Michael ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Contacts and Experts for Security Incidents
Hi Michael There are a few, one that comes to mind right now is Compass Security. Stefan Am 23.11.2023 um 13:19 schrieb Michael Righter via swinog: Hi We are creating an emergency handbook if we would have a critical security incident. Is there someone who can suggest a company which can help to find how the guys hacked the infrastructure and how to fix it? I hope we never have to use it, but be prepared is better Thanks Michael ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Contacts and Experts for Security Incidents
Hi We are creating an emergency handbook if we would have a critical security incident. Is there someone who can suggest a company which can help to find how the guys hacked the infrastructure and how to fix it? I hope we never have to use it, but be prepared is better Thanks Michael___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Mails from Proton to Outlook land in spam
Hi Mat Probably top-level .xyz is a bad choice. At least in the past, those domains was source of only spam, so we decided at some point to block all of .xyz domains (sure not best practice, but since we only filter for ourself and know our customers, we never had any customer using .xyz domain). So, probably Microsoft give .xyz pre-score which is bad and if something else is bad, then your mail will end up in spam filter as well. Just an idea. Kind Regards Patrick Studer > Am 06.11.2023 um 10:15 schrieb sygon--- via swinog : > > You could try some of the options listed here for troubleshooting: > https://learn.microsoft.com/en-us/exchange/troubleshoot/email-delivery/email-delivery-issues > > <https://learn.microsoft.com/en-us/exchange/troubleshoot/email-delivery/email-delivery-issues> > > Best, > Attila > > On Thu, Nov 2, 2023 at 4:37 PM Mat Kowalski via swinog - swinog at > lists.swinog.ch <http://lists.swinog.ch/> > <mailto:swinog_at_lists_swinog_ch_tpveug...@simplelogin.co>> wrote: > And I realized it's silly to hide domains, so here it goes > > * sender domain - kowalski.xyz <http://kowalski.xyz/> > * recipient domain where the problem was first observed - amag.ch > <http://amag.ch/> > * my 2nd domain which reproduces the problem - microsoft365.kowalski.xyz > <http://microsoft365.kowalski.xyz/> > > Cheers! > > On 02/11/2023 16:17, Mat Kowalski wrote: > > Hi all, > > > > I wonder if someone could point me in a correct direction for debugging > > mails between Proton and Outlook landing in spam... What happens is > > > > * my domain XXX plugged to mail.protonmail.ch <http://mail.protonmail.ch/>. > > * my 2nd domain YYY plugged to mail.protection.outlook.com > > <http://mail.protection.outlook.com/>. > > * every mail sent from Proton to Outlook lands in spam > > * headers as seen by Outlook indicate SCL score 5 > > > > The content I use for the test is not anything synthetic but a real > > message. In the headers I can also see that the "basic configuration" is > > correct, i.e. > > > > * SPF passed > > * DKIM passed > > * DMARC passed > > > > so this gives no useful information sadly. Maybe someone here has > > experience with debugging Microsoft? The issue is that this makes my > > private mailbox unusable as whoever out there uses Outlook as their mail > > service is not getting my emails. Quite sick... > > > > Thanks a lot for any help, > > Mateusz > > _______ > swinog mailing list -- swinog@lists.swinog.ch <mailto:swinog@lists.swinog.ch> > To unsubscribe send an email to swinog-le...@lists.swinog.ch > <mailto:swinog-le...@lists.swinog.ch> > > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Mails from Proton to Outlook land in spam
You could try some of the options listed here for troubleshooting: https://learn.microsoft.com/en-us/exchange/troubleshoot/email-delivery/email-delivery-issues Best, Attila On Thu, Nov 2, 2023 at 4:37 PM Mat Kowalski via swinog - swinog at lists.swinog.ch wrote: > And I realized it's silly to hide domains, so here it goes > > * sender domain - kowalski.xyz > * recipient domain where the problem was first observed - amag.ch > * my 2nd domain which reproduces the problem - microsoft365.kowalski.xyz > > Cheers! > > On 02/11/2023 16:17, Mat Kowalski wrote: > > Hi all, > > > > I wonder if someone could point me in a correct direction for debugging > mails between Proton and Outlook landing in spam... What happens is > > > > * my domain XXX plugged to mail.protonmail.ch. > > * my 2nd domain YYY plugged to mail.protection.outlook.com. > > * every mail sent from Proton to Outlook lands in spam > > * headers as seen by Outlook indicate SCL score 5 > > > > The content I use for the test is not anything synthetic but a real > message. In the headers I can also see that the "basic configuration" is > correct, i.e. > > > > * SPF passed > > * DKIM passed > > * DMARC passed > > > > so this gives no useful information sadly. Maybe someone here has > experience with debugging Microsoft? The issue is that this makes my > private mailbox unusable as whoever out there uses Outlook as their mail > service is not getting my emails. Quite sick... > > > > Thanks a lot for any help, > > Mateusz > > ___ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch > > ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Mails from Proton to Outlook land in spam
And I realized it's silly to hide domains, so here it goes * sender domain - kowalski.xyz * recipient domain where the problem was first observed - amag.ch * my 2nd domain which reproduces the problem - microsoft365.kowalski.xyz Cheers! On 02/11/2023 16:17, Mat Kowalski wrote: > Hi all, > > I wonder if someone could point me in a correct direction for debugging mails > between Proton and Outlook landing in spam... What happens is > > * my domain XXX plugged to mail.protonmail.ch. > * my 2nd domain YYY plugged to mail.protection.outlook.com. > * every mail sent from Proton to Outlook lands in spam > * headers as seen by Outlook indicate SCL score 5 > > The content I use for the test is not anything synthetic but a real message. > In the headers I can also see that the "basic configuration" is correct, i.e. > > * SPF passed > * DKIM passed > * DMARC passed > > so this gives no useful information sadly. Maybe someone here has experience > with debugging Microsoft? The issue is that this makes my private mailbox > unusable as whoever out there uses Outlook as their mail service is not > getting my emails. Quite sick... > > Thanks a lot for any help, > Mateusz ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Mails from Proton to Outlook land in spam
Have you tired talking to supp...@proton.me? They are usually quite responsive. If that doesn't work DM me. Best Serge On 02.11.23 16:17, Mat Kowalski via swinog wrote: Hi all, I wonder if someone could point me in a correct direction for debugging mails between Proton and Outlook landing in spam... What happens is * my domain XXX plugged to mail.protonmail.ch. * my 2nd domain YYY plugged to mail.protection.outlook.com. * every mail sent from Proton to Outlook lands in spam * headers as seen by Outlook indicate SCL score 5 The content I use for the test is not anything synthetic but a real message. In the headers I can also see that the "basic configuration" is correct, i.e. * SPF passed * DKIM passed * DMARC passed so this gives no useful information sadly. Maybe someone here has experience with debugging Microsoft? The issue is that this makes my private mailbox unusable as whoever out there uses Outlook as their mail service is not getting my emails. Quite sick... Thanks a lot for any help, Mateusz _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch -- Dr. Serge Droz Member, FIRST Board of Directors https://www.first.org _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Mails from Proton to Outlook land in spam
Hi all, I wonder if someone could point me in a correct direction for debugging mails between Proton and Outlook landing in spam... What happens is * my domain XXX plugged to mail.protonmail.ch. * my 2nd domain YYY plugged to mail.protection.outlook.com. * every mail sent from Proton to Outlook lands in spam * headers as seen by Outlook indicate SCL score 5 The content I use for the test is not anything synthetic but a real message. In the headers I can also see that the "basic configuration" is correct, i.e. * SPF passed * DKIM passed * DMARC passed so this gives no useful information sadly. Maybe someone here has experience with debugging Microsoft? The issue is that this makes my private mailbox unusable as whoever out there uses Outlook as their mail service is not getting my emails. Quite sick... Thanks a lot for any help, Mateusz _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] ip-plus.net SPF Policy invalid
Hoi zäme One of our customers includes the SPF-Policy of ip-plus.net in his domain. Through this (and our monitoring of it), we noticed a problem that popped up this morning. If someone at ip-plus.net / Swisscom could have a look into it, that would be great. ➜ ~ dig +short TXT ip-plus.net | grep spf "v=spf1 ip4:193.222.75.178 ip4:212.243.7.144/29 ip4:194.209.127.144/29 ip4:212.243.190.136/29 ip4:164.128.36.0/24 ip4:164.128.36.32 ip4:195.65.89.0/24 ip4:164.128.223.0/24 ip4:217.192.233.192/29 " "a:mailout.ip-plus.net ip4:138.190.0.0/16 ip4:193.222.81.96/27 ip4:212.243.177.176/29 ip4:138.188.166.0/24 ip4:138.188.176.0/24 ip4:212.243.37.66" "ip4:212.243.96.74 ip4:164.128.243.19 mx -all" The problematic part is the missing space before the second-last "ip4:" block (after 212.243.37.66). Error message the SPF validator throws is: SPF Permanent Error: Invalid IP4 address: ip4:212.243.37.66ip4:212.243.96.74 Best wishes, Mario_______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Operational announcement: transition from NSEC3 to NSEC in the CH/LI zone
Hi list, We plan a DNSSEC signing change for the ch. and li. zone files. Introduction: Both NSEC and NSEC3 are mechanisms that provide signed DNS records as proof of non-existence for a given name or associated Resource Record Type in a DNSSEC signed zone. While they serve the same primary purpose, NSEC3 offers added features, such as not directly disclosing bounding domain name pairs and providing "opt-out support." This latter feature allows large registries to cover blocks of unsigned delegations with a single NSEC3 record, thereby only signing as many NSEC3 records as there are signed DS or other RRsets in the zone. Recent trends and developments: Since 2021, there's been a notable increase in the percentage of domain names with DNSSEC for .ch, jumping from 6% to 49% [1]. Additionally, the TLD zone files for both .ch and .li have been made publicly accessible for download in recent years [2]. These developments have rendered the argument for using NSEC3 with opt-out less compelling. Our action plan: SWITCH is set to transition from NSEC3 (utilizing opt-out) to NSEC for both the .ch and .li TLD zones. Given the high percentage of domain names already employing DNSSEC, this shift will result in only a modest increase in the size of the zone files. Importantly, transitioning to NSEC offers several benefits [3]: * Enhanced performance and reduced latency * Decreased resource utilization on both authoritative and recursive servers * Potential bolstering of resilience against specific types of DoS attacks Scheduled transition dates: .li: 10th November 2023, 8 am CET .ch: 10th November 2023, 10 am CET Impact assessment: We expect no operational impacts for end users. However, we value feedback and observations. If you have concerns or notice any anomalies related to this transition, please don't hesitate to contact us. [1] https://www.nic.ch/statistics/dnssec/ [2] https://zonedata.switch.ch/ [3] https://datatracker.ietf.org/doc/html/rfc8198 -- Daniel Stirnimann, SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 15, direct +41 44 268 16 24 https://switch.ch https://swit.ch/linkedin https://swit.ch/twitter _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Rack Cooling getting trashed?
Hi There I’m looking for a ventilator / aka rack cooler. If someone is about to trash it, please let me know :) I’m willing to compensate in Beer, etc. :) [cid:f10ef73e-36c2-417c-bc2f-9aae0fcfc9d3@eurprd03.prod.outlook.com] greetings -steven ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] attn: ip-plus postmaster regarding issue on: mail.swisscom.com
Hi List Trying that way. Could the ip-plus postmaster contact me off-list please: Regarding emails to Swisscom employees reproducible disappearing after being successfully received on: mail.swisscom.com. [138.188.176.225] Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] DENOG15 in Berlin (Workshop registration open)
Hallo SWINOG! = Deutsch Das jährliche DENOG Event (DENOG15) wird dieses Jahr im Estrel Congress Center (Sonnenallee 225, 12057 Berlin) stattfinden.Wie jedes Jahr möchten wir selbstverständlich auch alle Freunde, Bekannten und Kollegen aus der SWINOG Region dazu einladen! Wer an den Workshops teilnehmen möchte, sollte jetzt die Möglichkeit benutzen und den Ticketkauf mit entsprechenden Reservierungen verbinden. Die Workshops sind immer recht schnell ausgebucht und der reguläre Ticketverkauf endet in weniger als 2 Wochen, am 28. Oktober 2023. https://www.denog.de/de/meetings/denog15/workshop_registration.html https://www.denog.de/de/meetings/denog15/tickets.html Wir freuen uns euch in Berlin! = English DENOG15 (19.-21.11.2023) in Berlin will be held in the Estrel Congress Center (Sonnenallee 225, 12057 Berlin). We are excited about DENOG15 in November and look forward to seeing you all again. The agenda is fixed now, and we already opened workshop registrations. Since there is limited space for all workshops, please register now to have a spot! https://www.denog.de/de/meetings/denog15/workshop_registration.html Ticket sales end on October 28th. If you haven't ordered your ticket until now, please do so at: https://www.denog.de/de/meetings/denog15/tickets.html Für die DENOG Event Orga, Stefan ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Free places in DNSSEC/DANE training 19./20. October in Zurich and 30./31. October in Lausanne
Dear Swinog We are pleased to invite you to join the DNSSEC/DANE training organised by SWITCH. We offer two options: Training in Zürich 19 Oct 2023 - 20 Oct 2023 Training in Lausanne 30 Oct 2023 - 31 Oct 2023 The DNSSEC/DANE training is targeted at registrars, hosters and email providers, but might be also valuable for those who want to improve their DNS and email security. The participation is free for Swinog members. More information and registration can be found at: https://www.switch.ch/security/DNSSEC_2023/ In case of question, do not hesitate to contact petra.raszk...@switch.ch. Best regards Michael Michael Hausding, Competence Lead DNS & Domain Abuse SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 77, incident phone +41 44 268 15 40 michael.hausd...@switch.ch http://securityblog.switch.ch signature.asc Description: Message signed with OpenPGP ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Invitation for the Swiss Web Security Day on 17 October in Bern
Dear Swinog list As every year, SWITCH, SISA - the Swiss Internet Security Alliance and SWICO have teamed up for the Swiss Web Security Day in Bern. We bring you inspiring insights, best practices, and meaningful discussions on current issues on security, technical, legal and regulatory issues. Be part of it and meet your peers in Bern! More information and registration: https://swsd2023.events.switch.ch/ <https://swsd2023.events.switch.ch/> Hope to see some of you in Bern Best regards Michael Michael Hausding, Competence Lead DNS & Domain Abuse SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 77, incident phone +41 44 268 15 40 michael.hausd...@switch.ch <mailto:michael.hausd...@switch.ch> http://securityblog.switch.ch <http://securityblog.switch.ch/> signature.asc Description: Message signed with OpenPGP _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Email Outage @ NZZ?
Hi List *sigh*... May I ask for help again? 13.111.14.63 not in iptables, so it looks like Fail2Ban is not the culprit this time. Since 24.9.2023 23:00 no connections in our log nor hostname mta.email.nzz.ch connecting. Two Customer complaining that NZZ has sent a newsletter this morning which they did not get. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: sg.ch down?
Sofern ich sehe, funktioniert es jetzt. LG, Attila On Thu, Sep 7, 2023 at 9:30 AM manfred.flueck--- via swinog - swinog at lists.swinog.ch wrote: > Hello all > > sg.ch is down since yesterday afternoon. Any information on this? > > regards > Manfred > > _______ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch > ___________ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] sg.ch down?
Hello all sg.ch is down since yesterday afternoon. Any information on this? regards Manfred ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Email Outage @ NZZ?
Hi Thanks for the help. Issue found. I hate Fail2ban! -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Email Outage @ NZZ?
Hi Benoît, All I see from @bounce.email.nzz.ch comes from mta.email.nzz.ch [13.111.14.63]. Interestingly, I see a lot of temp rejects in our logs on 17. August (between 16:40 and 19:26) from that domain and IP because we were not able to resolve the domain. Mails are still coming up to today at the same rate as earlier. Hope this helps. Best regards, Laurent On 01.09.23 10:30, Benoît Panizzon via swinog wrote: > Hi > > According to NZZ we are rejecting all emails with sender domain > @bounce.email.nzz.ch with "Receiving email server is temporarily > overwhelmed with delivery attempts, from you and other > senders". Unfortunately their feedback is very vague, no logs or > exact times of issue from their side. > > I can't find any such emails in our log, but I see some are SRS > forwarded from bluewin, VTX, Hostpoint etc. and do reach us. > Unfortunately I have no access (without customer permission) to the > content and therefore can not glimpse at the email headers to find the > true origin. > > Could somebody do me a favour: From which IP Address do you see emails > with envelope domain @bounce.email.nzz.ch being delivered? > > It used to be salesforce: 13.111.14.63 until 17. August, but I fear > this changed, which causes the issue, as I have seen at least one email > delivered with this domain, failing SPF from an IP belonging to Liberty > Global Austria if this was not some broken forwarding attempt. > > -- > Mit freundlichen Grüssen > > -Benoît Panizzon- @ HomeOffice und normal erreichbar > -- > I m p r o W a r e A G-Leiter Commerce Kunden > __ > > Zurlindenstrasse 29 Tel +41 61 826 93 00 > CH-4133 PrattelnFax +41 61 826 93 01 > Schweiz Web http://www.imp.ch > ______ > _______ > swinog mailing list -- swinog@lists.swinog.ch > To unsubscribe send an email to swinog-le...@lists.swinog.ch ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Email Outage @ NZZ?
Hi Benoît We still get lots of mail via 13.111.14.63 from this domain. Did not see any other IP in the last days. Regaards Matthias On 01/09/2023 10:30, Benoît Panizzon via swinog wrote: Hi According to NZZ we are rejecting all emails with sender domain @bounce.email.nzz.ch with "Receiving email server is temporarily overwhelmed with delivery attempts, from you and other senders". Unfortunately their feedback is very vague, no logs or exact times of issue from their side. I can't find any such emails in our log, but I see some are SRS forwarded from bluewin, VTX, Hostpoint etc. and do reach us. Unfortunately I have no access (without customer permission) to the content and therefore can not glimpse at the email headers to find the true origin. Could somebody do me a favour: From which IP Address do you see emails with envelope domain @bounce.email.nzz.ch being delivered? It used to be salesforce: 13.111.14.63 until 17. August, but I fear this changed, which causes the issue, as I have seen at least one email delivered with this domain, failing SPF from an IP belonging to Liberty Global Austria if this was not some broken forwarding attempt. -- Matthias Cramer / mc322-ripe Senior Network & Security Engineer iway AGPhone +41 43 500 Badenerstrasse 569 Fax +41 44 271 3535 CH-8048 Zurichhttp://www.iway.ch/ GnuPG 1024D/2D208250 = DBC6 65B6 7083 1029 781E 3959 B62F DF1C 2D20 8250 _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Email Outage @ NZZ?
Hi According to NZZ we are rejecting all emails with sender domain @bounce.email.nzz.ch with "Receiving email server is temporarily overwhelmed with delivery attempts, from you and other senders". Unfortunately their feedback is very vague, no logs or exact times of issue from their side. I can't find any such emails in our log, but I see some are SRS forwarded from bluewin, VTX, Hostpoint etc. and do reach us. Unfortunately I have no access (without customer permission) to the content and therefore can not glimpse at the email headers to find the true origin. Could somebody do me a favour: From which IP Address do you see emails with envelope domain @bounce.email.nzz.ch being delivered? It used to be salesforce: 13.111.14.63 until 17. August, but I fear this changed, which causes the issue, as I have seen at least one email delivered with this domain, failing SPF from an IP belonging to Liberty Global Austria if this was not some broken forwarding attempt. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Email Outage @ NZZ?
Hi List Anyone from NZZ on this list? It looks like we have a couple of customers complaining not receiving emails from NZZ since almost 14 days and sender not getting any bounces. What I suspect when looking at the logs is an outage at SalesForce aka mta.email.nzz.ch[13.111.14.63] from which I don't see any connections anymore in the last couple of days. Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] srf.ch IPv6 Geo Location issue
Anyone around from srf.ch who could help to debug a GeoIP issue? https://www.srf.ch/play/tv/hilfe/geoblock says "please contact your internet provider". Well, yes, done that ;-) - it was not a customer complaint. I observed it myself. Quick analysis shows that GeoIP information database of SRF has an issue with at least one IPv6 allocation of Init7. -- Fredy Künzler Init7 (Switzerland) Ltd. Technoparkstrasse 5 CH-8406 Winterthur https://www.init7.net/ _______ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] IANA AS Numbers Registry Update
Hi, The IANA AS Numbers registry has been updated to reflect the allocation of the following blocks to the RIPE NCC: 213404-214427 Assigned by RIPE NCC 2023-08-10 214428-215451 Assigned by RIPE NCC 2023-08-10 215452-216475 Assigned by RIPE NCC 2023-08-10 You can find the registry at: https://www.iana.org/assignments/as-numbers/ The allocation was made in accordance with the Policy for Allocation of ASN Blocks to Regional Internet Registries: https://www.icann.org/resources/pages/global-policy-asn-blocks-2010-09-21-en Best regards, David Dong IANA Services Sr. Specialist ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Fwd: [nog-org] Events galore : Climate/Sustainability, FLOSS, IoT/Security, protests & rebellions...
fyi other NOG events in europe gruss -steven Anfang der weitergeleiteten Nachricht: Von: Vesna Manojlovic Datum: 8. August 2023 um 10:05:20 MESZ An: nog-...@ripe.net Betreff: [nog-org] Events galore : Climate/Sustainability, FLOSS, IoT/Security, protests & rebellions... Hi, since you guys are events organisers, maybe you are interested in the events from other communities, so you can share them with your local groups... Some of these are more relevant to your (tech) interests than others, but you might be surpised with what your community is looking for.. Share & Enjoy, Vesna == “Internet Without Borders” conference & hackathon August 11-13th, 2023, Amsterdam https://internetborders.net === RIPE87 in Rome: 27.11 - 1.12. https://ripe87.ripe.net/ Submit a talk: https://ripe87.ripe.net/cfp/ Get a travel grant: https://www.ripe.net/fellowship Academic cooperation: https://www.ripe.net/raci *The application deadline is Tuesday, 11 September 2023.* === Global Climate Strike 15-17. September https://fridaysforfutureusa.org/sept-15/ === "All Systems Go" (foundational user-space Linux technologies) 13-14th September, Berlin https://all-systems-go.io === Open Source Summit Europe 19-21 September 2023, Bilbao, Spain https://events.linuxfoundation.org/open-source-summit-europe/ === Next Generation Internet (NGI) Forum: Unlocking the power of Digital Commons 15-16 November, Brussels (Belgium) https://www.ngi.eu/event/ngi-forum-2023/ === OpenForum Academy Symposium 2023, 28 November in Berlin. https://symposium.openforumeurope.org The OpenForum Academy, Carnegie Mellon University, FGV Direito Rio, Keio University, TU Berlin and the United Nations University Centre for Policy Research are proud to announce the programme for the OpenForum.. ... insight into the state of art of Open Source today: Open Source Communities and Cooperatives Legal implications from Open Source Open Source and AI Measuring Open Source ... & not limited to the academic public. === Chaos Communication Camp 15.-19.08.2023, Ziegeleipark Mildenberg, Zehdenick, Germany https://events.ccc.de/camp/2023/infos/ === BalCCon2k23 - Balkan Computer Congress 08-10 September in Novi Sad, Serbia https://2k23.balccon.org/ === The Things Conference 21-22 September 2023, Amsterdam https://www.thethingsconference.com "event about LoRaWAN® and Low Power Internet of Things. Join 1500+ top IoT professionals, 70+ leading industry players, learn from 90+ curated keynotes and 20+ workshops, learn about the latest developments in the LPWAN market and become a LoRaWAN expert. " === The 9th IEEE World Forum on Internet of Things 12-27 OCTOBER 2023, Aveiro, Portugal THE BLUE PLANET: A MARRIAGE OF SEA AND SPACE https://www.ngi.eu/event/the-9th-ieee-world-forum-on-the-internet-of-things-iot-october-12-27-2023/ === IETF 118, 4-10 November, Prague https://www.ietf.org/how/meetings/118/ === September 1-4, 2023, Freedom Not Fear, Brussels, https://freedomnotfear.org 14-16 Sep 2023 - 6th Foundational Economy Conference in Vienna: https://www.tuwien.at/ar/ifip/fec23 14-16 September, Portugal https://www.digitalrights.community/blog/announcing-team-communitys-global-gathering 14 September 2023: 10th World Sustainability Forum (WSF2023) https://wsf-10.sciforum.net/?utm_source=sustainability_foundation_medium=email_campaign=emerging_leader === 12-15 October 2023, Milano: World Congress for Climate Justice (the call drafted by Belgian, Italian and German activists this summer in Berlin https://ilmanifesto.it/lettere/per-il-congresso-mondiale-per-la-giustizia-climatica-milano-ottobre-2023 // http://www.wccj.online/en/call/ === 16-18. October --> Rome -> https://climateweek.thepeopleevents.com/ === 23-28. October in Graz (Austria) at esc medien kunst labor: Techno-disobedience : i...@esc.mur.at + "first-aid kit", = "care repair kits" ; deadline Thursday 31st of August 2023. https://constantvzw.org/wefts/orientationspourcollaboration.en.html === Climate Garden / Philosophical Café: Meaning and purpose in a post-materialist society? Sunday, August 13, 2023 at 1:00 PM CET Amsterdam, De KasKantine, Handbalstraat 1 == 5 September: Reading Group: https://www.criticalinfralab.net/2023/06/05/environment-reading-group/ === XR, A12 Blockade, The Hague 9 September, https://a12blokkade.nl === For more events, follow: - https://wiki.techinc.nl/User:Becha/events2023 - https://www.ripe.net/participate/meetings/calendar) - https://nsrc.net/calendar - https://pch.net/calendar - https://foss.events/ - https://radar.squat.net - https://events.rebellion.global -- Senior Community Builder, RIPE NCC https://labs.ripe.net/author/becha/ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Call for Presentations EPF 2023, Prage, Czech Republic // SwiNOG
Dear all, Since we strive to get the best program for every EPF, we have decided to extend the submission deadline to 2023-08-13. On behalf of the EPF Program Committee Warm Regards, AMS-IX, DE-CIX, LINX and NETNOD On 23.04.2023 17:20, Arnold Nipper wrote: Dear all, this is the Call for Presentations for the European Peering Forum 2023. AMS-IX, DE-CIX, LINX, NETNOD and guest IXP NIX.CZ, are happy to host the European Peering Forum (EPF) 2023 from Sunday the 10th to Wednesday 13th September 2023 in Prague, Czech Republic. The event will welcome peering managers and coordinators from networks connected to the host and guest Internet exchanges. Besides some interesting topical agenda, the three-day event accommodates room for attendees to meet on a one-to-one basis to discuss bilateral peering business opportunities. The programme committee will be looking for presentations and related to peering and technical topics of interconnection. Your presentation should address: * Interconnection Automation * Regional Peering * Interconnection / Peering Internet Governance and Regulatory Topics * Economic and Product Trends * Peering / Interconnection strategies * Interesting findings about Peering / Interconnection * 400GE and beyond * Any other hot topic related to Interconnection / Peering Submissions === Presentations must be of a non-commercial nature. Product or marketing heavy talks are strongly discouraged. Submissions of presentations should be made to the programme committee . Please include: * Author's name and e-mail address * Presentation title * Abstract * Slides (if available) * Time requested (max. 30 minutes incl. Q) Deadlines = Please send in your presentation asap. We decide on a first come first serve basis. The latest date for submission is July 30th, 2023. More information about the event and other activities around EPF16 may be found at * https://peering-forum.eu/2023/ * https://www.facebook.com/groups/1486607564933665/ On behalf of EPF, Best regards, AMS-IX, DE-CIX, LINX and NETNOD -- Keep calm, keep distance, keep connected! Arnold Nipper email: arn...@nipper.de mobile: +49 172 2650958 OpenPGP_signature Description: OpenPGP digital signature ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Spamfilter Solution
Hi Can anyone recommend a spamfilter solution: - Cloud hosted (multihomed and HA) - multiple domains - user can release their spam mails - Advanced threat protection - API for different taks - Good Web UI for Logs and configuration We already have one, but the support is not that good anymore, and their blacklisting score is a blackbox... Thanks and cheers Michael___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Switzerlandwide Internet problem
Die Suche nach talentierten Programmierern kann eine Herausforderung sein. Erfahren Sie, wie Sie qualifizierte Programmierer finden und einstellen können, die perfekt zu Ihren Anforderungen passen. Entdecken Sie bewährte Methoden, um Ihre Rekrutierungsstrategie zu verbessern und Kandidaten effektiv zu bewerten. Gehen Sie auf die wichtigsten Faktoren ein, die bei der Programmierer-Suche zu berücksichtigen sind, und erfahren Sie, wie Sie Ihr Team mit den besten Talenten auf dem Markt stärken können. https://mobilunity.ch/blog/programmierer-finden/ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: IPv6, Gateway settings in datacenter/server
Trust Cybersecurity Dubai to provide reliable and effective online security services that keep your business safe from any threats. https://cybersecuritydubai.ae/ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: SwiNOG#38 > All presentations and Videos are online!
Hallo zusammen, Lass mich euch bitte für den absolut grossartigen Anlass gratulieren. Die Vorträge waren interessant und unterhaltsam und als kleines Zückerchen nun auch auf Youtube. Besten dank und ich freue mich auf unser nächsten Event im November. Gruss und Danke Miguel ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] SwiNOG#38 > All presentations and Videos are online!
Hi everyone We've worked night and day to bring you this: All SwiNOG #38 Videos and presentations are online! Either on the website: https://www.swinog.ch/meetings/swinog38/ Or just watch the youtube playlist: https://www.youtube.com/playlist?list=PLMP2Spqss4IoHeTwSBLwdVpvkDe1bgg2V [https://i.ytimg.com/vi/YxVfTn7hCVM/hqdefault.jpg?sqp=-oaymwEWCKgBEF5IWvKriqkDCQgBFQAAiEIYAQ===AOn4CLCV7fBgFWbZ5PK7NQOhWfNXa05EGA_since_epoch=19531]<https://www.youtube.com/playlist?list=PLMP2Spqss4IoHeTwSBLwdVpvkDe1bgg2V> SwiNOG #38<https://www.youtube.com/playlist?list=PLMP2Spqss4IoHeTwSBLwdVpvkDe1bgg2V> All published videos from SwiNOG#38 Meeting 21.06.2023 in Berne www.youtube.com greetings -steven ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] A simple BGP community setup for blackholing
The DDoS 'o the day reminded to put this setup in a blog post, anyone not having a BGP community processing for blackholing is welcome to read it: https://straussaudio.ch/ Regards. ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] swisscom network issue
Hello, someone from swisscom may contact me offlist please ? many of our customers are unable to reach the swisscom network, and most of our customers using swisscom are unable to reach their infrastructure this issue started yesterday . thanks in advance Philippe from SwissCenter ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Fwd: [PDB Announce] Your input sought on PeeringDB's Network Type field
Please have your say ... it only takes five minutes TIA and see you next week Arnold Weitergeleitete Nachricht Betreff:[PDB Announce] Your input sought on PeeringDB's Network Type field Datum: Wed, 14 Jun 2023 09:08:43 -0700 Von:Leo Vegoda An: pdb-annou...@lists.peeringdb.com Hi, PeeringDB's Product Committee wants your input on whether the Network Type field is useful. Should it go? Should it change? We have published a very short blog post describing the options and linking to the survey. https://docs.peeringdb.com/blog/network_type_your_input_sought/ <https://docs.peeringdb.com/blog/network_type_your_input_sought/> Your input will influence our decision. Thanks, Leo Vegoda PeeringDB Product Manager -- Keep calm, keep distance, keep connected! Arnold Nipper email: arn...@nipper.de mobile: +49 172 2650958 ___ Pdb-announce mailing list pdb-annou...@lists.peeringdb.com https://lists.peeringdb.com/cgi-bin/mailman/listinfo/pdb-announce OpenPGP_signature Description: OpenPGP digital signature ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Sicherheit von SS7 - mit Schweiz-Bezug
Inside-IT did an interview with Andreas Fink (German). He considers himself as the scapegoat for the large security issue SS7 has, and that many mobile operators don't give enough attention to necessary security measures.https://www.inside-it.ch/der-basler-mit-dem-globalen-spionageservice-20230609--Fredy KünzlerInit7 (Switzerland) Ltd.Technoparkstrasse 5CH-8406 Winterthurhttps://www.init7.net/Am 11.05.2023 um 10:18 schrieb Fredy Kuenzler :A similar article has been published by several newspapers of the TX group (german, paywall).Please note that Andreas Fink is a long term and valued member of our SwiNOG community and probably the person with the most SS7 knowledge. I suppose he is subscribed to this mailing list.Weltweite Angriffe auf Telecominfrastruktur – Schweizer ETH-Ingenieur beliefert die Spionage-Industrietagesanzeiger.ch--Fredy KünzlerInit7 (Switzerland) Ltd.Technoparkstrasse 5CH-8406 Winterthurhttps://www.init7.net/Am 11.05.2023 um 09:56 schrieb Matthias Leisi via swinog : (Resend von der richtigen Absender-Adresse)https://www.haaretz.com/israel-news/security-aviation/2023-05-10/ty-article-magazine/.premium/global-surveillance-the-secretive-swiss-dealer-enabling-israeli-spy-firms/0188-0005-dc7e-a3fe-22cdf290The Secretive Swiss Dealer Enabling Israeli Spy Firms(…)It leads from the Americas to Africa to South-East Asia, but also to Basel, a mediaeval town on the banks of the Rhine and the unassuming home of Andreas Fink, a Swiss telecom expert whose unusual skills have placed him at the centre of this industry.(…)reveal how Fink's systems have served as a conduit for probing and attacking phone networks across the globe(…)When contacted by this investigation, Fink admitted to working with companies and “legally entitled government agencies” as a provider of surveillance services.(…)Fink's request to Robert was for "SS7 access" and "a bunch of global titles". In other words, he wanted a list of phone numbers, belonging to Robert's phone company, which could be used to send queries to other networks in other countries. (…)-- Matthias LeisiKatzenrütistrasse 68, 8153 RümlangMobile +41 79 377 04 43matth...@leisi.net___swinog mailing list -- swinog@lists.swinog.chTo unsubscribe send an email to swinog-le...@lists.swinog.ch___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swiss Domain Security Report Q3 2022
On 08 Jun 2023 Jonas Meier via swinog wrote: > maybe there is an option to remove the signature. If anyone has > experience with mailman3 and dkim, please write to me directly. You can set `remove_dkim_headers: yes` in mailman.cfg [1] (Sending this to the list, as this may be relevant for more people on here). Regards Sebastian [1]: https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/config/docs/config.html#remove-dkim-headers ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Swiss Domain Security Report Q3 2022
Noting you do part of this already. But. note this nasty effect: --- From: Jonas Meier via swinog Reply-To: Jonas Meier --- Now add that to people having "automatically add recipient to addressbook" and when one wants to send an email to Jonas... it autocompletes to the public list ;) Mailman3 does not do the @via trick yet unfortunately; hence why folks use custom remailers quite often :) Greets, Jeroen > On 8 Jun 2023, at 12:06, Jeroen Massar wrote: > > > >> On 8 Jun 2023, at 11:47, Jonas Meier via swinog >> wrote: >> >> Hi Franco, Dear List >> >> Thank you for your feedback. >> >> 1) I configured mailman3 [1] dmarc_mitigate_action to "munge_from" (to >> replace the from header) and dmarc_mitigate_unconditionally to true. My >> thought was that this would mean that there can no longer be a dmarc policy >> which sets dkim to strict. This way, an invalid dkim signature would no >> longer be such a big problem. But I was probably wrong. I don't want to set >> up the mails to be re-signed overnight, maybe there is an option to remove >> the signature. If anyone has experience with mailman3 and dkim, please write >> to me directly. > > The only real solution is effectively to do SRS aka "From Rewriting" to be > able to decently send emails through a mailinglist and have them not land up > in spam/junk... > > The list has to remove the Original "From" and replace it with eg > jeroen+massar.ch@via.lists.swinog > <mailto:jeroen+massar.ch@via.lists.swinog>.ch > Then you sign that From with your DKIM key. > > To make the receiver happy that there is the 'old' DKIM header you then need > to do ARC signingt: http://arc-spec.org/ > That way, a receiver knows "oh the rewrote something and they are taking > responsibility for this mail" > > > > For Mailman there is some info here: https://wiki.list.org/DEV/DMARC > > Thus the option you need to do is: > > "Munge the From: header" > some other details: > https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/handlers/docs/dmarc-mitigations.html > > For ARC: > https://docs.mailman3.org/projects/mailman/en/latest/src/mailman/handlers/docs/arc_sign.html > > Greets, > Jeroen > > ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch