On Fri, 25 Feb 2005, just me wrote:
> What I disagree with is the constant disingenuous suggestion made
> here that AUTH by itself has any impact on unwanted email. When the
> lights are on, but nobody is home, it doesnt matter how detailed the
> accounting is. And it seems that theres plenty of l
On Fri, 25 Feb 2005, J.D. Falk wrote:
On 02/25/05, just me <[EMAIL PROTECTED]> wrote:
> Increasing the detail of an audit trail doesnt mean anyone will
> automatically use the information in an effective manner.
>
> Without auth, most ISPs could correlate abuse behavior between MTA
On Fri, 25 Feb 2005 [EMAIL PROTECTED] wrote:
> Sorry, I misread that. But I still fail to see how 587 changes that.
> Trojans, viruses, etc. etc. etc. can still exploit the authentication
> system regardless of what port it operates on. Different port, same old
> problems.
Sigh, if even the net
And what's an even stranger secret is that MAAWG members get to pay
double the registration fee of non maawg members :) Now that's
openness for you ...
Come on in .. it is the nearest thing to nanog that I've seen for mail
ops people in the NA region (+ quite a lot of the world).
--srs (I like
In light of the recent discussions about the future direction of NANOG,
the program committee would like your input on the area we can affect
the most: the content of NANOG meetings.
We have created a short survey, and would like to invite all NANOG
list subscribers to participate. We're interes
On 02/25/05, just me <[EMAIL PROTECTED]> wrote:
> On Fri, 25 Feb 2005, Edward B. Dreger wrote:
>
> Internal users: With AUTH - correlate message with authenticated user,
> then forbid mail transmission for them only. I'd rather do that than
> slog through RADIUS logs. But, hey, maybe i
On 02/25/05, [EMAIL PROTECTED] wrote:
> > You might want to check out http://www.maawg.org - at least stateside,
>
> I'm uncomfortable with two aspects of this group.
> First is it's anti-abuse stance. I would prefer to
> see a group that was focussed on services, i.e.
> providing the best emai
* [EMAIL PROTECTED] ([EMAIL PROTECTED]) [Fri 25 Feb 2005, 18:13 CET]:
> Unfortunately, providers seem to prefer unilateral heavy-handed
> behavior rather than acting professional. They prefer working out
> solutions in isolation or in small closed cabals working in secret in
> backrooms rather tha
On Fri, 25 Feb 2005, just me wrote:
> Most ISPs don't watch logs for the signs of abuse now, why would
> they magically change their behavior and monitor logs if they
> required auth? Just because there is more of an audit trail doesn't
> mean that it will be used.
Because now the server send
On Fri, 25 Feb 2005, Edward B. Dreger wrote:
Internal users: With AUTH - correlate message with authenticated user,
then forbid mail transmission for them only. I'd rather do that than
slog through RADIUS logs. But, hey, maybe if I had more free time...
Increasing the detail of an audit
On Fri, 25 Feb 2005, Christopher X. Candreva wrote:
On Fri, 25 Feb 2005, just me wrote:
> What are you, stupid? The spammers have drone armies of machines
> with completely compromised operating systems. What makes you think
> that their mail credentials will be hard to obtain?
jm> Date: Fri, 25 Feb 2005 14:25:48 -0800 (PST)
jm> From: just me
jm> What are you, stupid? The spammers have drone armies of machines
jm> with completely compromised operating systems. What makes you think
jm> that their mail credentials will be hard to obtain?
Internal users: With AUTH - corr
On Fri, 25 Feb 2005, just me wrote:
> What are you, stupid? The spammers have drone armies of machines
> with completely compromised operating systems. What makes you think
> that their mail credentials will be hard to obtain?
What are you, stupid ? Run a virus scanner on your mail relay so
On Fri, 25 Feb 2005, Frank Louwers wrote:
The trick is to config port 587 in such a way that it ONLY accepts
smtp-auth mail, not regular smtp.
That way, virii/spam junk won't be able to use that port.
What are you, stupid? The spammers have drone armies of machines
with completely comp
> You might want to check out http://www.maawg.org - at least stateside,
I'm uncomfortable with two aspects of this group.
First is it's anti-abuse stance. I would prefer to
see a group that was focussed on services, i.e.
providing the best email service possible to end-users.
The second thing is
On Fri, 25 Feb 2005 [EMAIL PROTECTED] wrote:
> being used on port 25 already. You can do SMTP AUTH just as easily on
> port 25 without having to re-educate your users and still net the same
> simplified tracking procedures that you mention. It sounds to me like
> what we should really be talkin
On Thu, 24 Feb 2005 17:02:23 -0500, Vinny Abello <[EMAIL PROTECTED]> wrote:
> Forwarded mail shouldn't be rejected as a result of SPF if your mail server
> is using SRS to rewrite the from addresses in the "mail from" part of the
> SMTP transaction of the forwarded emails... as long as your SPF re
On Fri, 25 Feb 2005 16:51:31 +, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
>
> > I'll agree with you on one thing, though -- the whole
> > business of port 587 is a bit silly overall...why can't the same
> > authentication schemes being bandied about for 587 be applied to 25,
> > thus nega
[EMAIL PROTECTED] wrote:
> On Fri, 25 Feb 2005 12:56:50 EST, [EMAIL PROTECTED] said:
>
>> Sorry, I misread that. But I still fail to see how 587 changes that.
>> Trojans, viruses, etc. etc. etc. can still exploit the authentication
>> system regardless of what port it operates on. Different por
On Fri, 25 Feb 2005 12:56:50 EST, [EMAIL PROTECTED] said:
> Sorry, I misread that. But I still fail to see how 587 changes that.
> Trojans, viruses, etc. etc. etc. can still exploit the authentication
> system regardless of what port it operates on. Different port, same old
> problems.
It chang
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.
Daily listings are sent to [EMAIL PROTECTED]
If you have any comments please contact Philip Smith <[EMAIL PROTECTED]>.
Routing Table Report 04:00 +10GMT Sat 26 Feb, 2005
On Fri, 25 Feb 2005 02:30:01 EST, Jim Popovitch said:
> Why not a VPN solution. If you have mail servers that your users need,
> chances are that you also have file servers, internal web servers.
> calender servers, etc.
We're talking ISPs and other "mostly open" providers, not corporate nets.
[EMAIL PROTECTED] wrote:
> Joe Maimon wrote:
>
>> We need 587 because trusted authentication in SMTP does not transit
>> with the message. So there is no way to require authenticated email
>> only from all systems that would be worth a damn.
>
> Local delivery only unless authenticated isn't wor
Joe Maimon wrote:
> We need 587 because trusted authentication in SMTP does not
> transit with the message. So there is no way to require
> authenticated email only from all systems that would be worth
> a damn.
Local delivery only unless authenticated isn't worth a damn? Is this
really that d
I can assure you, this Brazilian ISP is not "small"... :-)
I have visited with them (as well as a couple of other
ISP's in Brazil), and communicating with them has never
been a problem, at least for the ones that I have previously
met with.
As an aside (and not intentionally meaning to sound
li
On Fri, 25 Feb 2005, Sam Stickland wrote:
> Quick question: If I have two E1 ports (RJ45), then will running a
> straight ethernet cable between the two ports have the same affect as
> plugging a ballan into each port and using a pair of coax (over a v.
> short distance).
Not straight, you need
On 2/25/2005 11:17 AM, [EMAIL PROTECTED] wrote:
> department. I'll agree with you on one thing, though -- the whole
> business of port 587 is a bit silly overall...why can't the same
> authentication schemes being bandied about for 587 be applied to 25,
> thus negating the need for another port
> I'll agree with you on one thing, though -- the whole
> business of port 587 is a bit silly overall...why can't the same
> authentication schemes being bandied about for 587 be applied to 25,
> thus negating the need for another port just for mail injection?
Because that would require provider
> http://lacnic.net/cgi-bin/lacnic/whois?lg=EN
>
> ...you can find that:
>
> #These addresses have been further assigned to Brazilian users.
> #Contact information can be found at the WHOIS server located
> #at whois.registro.br and at http://whois.nic.br
Well, if you could speak Portuguese you
On 2/25/2005 10:51 AM, Nils Ketelsen wrote:
> On Thu, Feb 24, 2005 at 11:36:40PM -0500, [EMAIL PROTECTED] wrote:
> I force anyone, who wants to relay to use SMTP-AUTH on port 25. Only mails
> for local delivery are accepted without AUTH. Whats point
> in opening another port?
There are lots of
I need help from Cox.net and Bellsouth.net abuse team.
Netflix is having issues sending emails to the above ISPs.
We are getting the following error messages.
(Deferred: Connection reset by mx.east.cox.net.)
(Deferred: Connection reset by mx00.mail.bellsouth.net.)
Same message from all mx s
>
> Not that I know of, but I've never attempted what you
> describe. Putting the baluns in the loop will destroy the
> framing i.e. it's going to try and convert b8zs/ami to 802.x.
A Balun (BALanced to UNbalanced) is simply an impledence matching mechanism.
Crossover is still required.
--
On Fri, 25 Feb 2005, Per Gregers Bilse wrote:
> You generally need a router or something else acting as store-and-forward.
> E1/T1 and other plesiochronous circuits are just that, near synchronous,
> and certainly not asynchronous. Things cannot be transmitted or received
> without clocks on bot
On Fri, Feb 25, 2005, Nils Ketelsen wrote:
> It's so funny. On this list many argued Port 25 outgoing must
> be blocked only to notice, that users actually seem to need it to
> send mail. Now we must configure our mailservers to listen on 587 to
> circumvent these filters, that were stupid in the
On Fri, Feb 25, 2005 at 10:47:59AM -0500, Nils Ketelsen wrote:
>
> Now to my prophecy mode: Spammers will start using 587 to spam, which we
> then also all block outgoing, notice again that customers still want to
The trick is to config port 587 in such a way that it ONLY accepts
smtp-auth mai
On Fri, 25 Feb 2005 11:17:35 -0500, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> That's being a bit disingenuous. The discussion here hasn't been to
> open up port 587 to relay for all comers, but rather to open it up for
> authenticated use only. If spammers start using it, then it's a result
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] wrote:
On Thu, Feb 24, 2005 at 04:02:20PM -0700, Smoot Carl-Mitchell wrote:
On Thu, 2005-02-24 at 17:14 -0500, Jim Popovitch wrote:
If supporting one port is y hours of time and headache, then two
ports is closer to y*2 than y (some might a
Nils Ketelsen wrote:
On Thu, Feb 24, 2005 at 11:36:40PM -0500, [EMAIL PROTECTED] wrote:
Well, OK. If you know for a *fact* that your users *never* roam, and you
have sufficiently good control of your IP addresses that you can always safely
decide if a given connection is "inside" or "outside"
[EMAIL PROTECTED] wrote:
> On Thu, Feb 24, 2005 at 04:02:20PM -0700, Smoot Carl-Mitchell wrote:
>
>> On Thu, 2005-02-24 at 17:14 -0500, Jim Popovitch wrote:
>>> If supporting one port is y hours of time and headache, then two
>>> ports is closer to y*2 than y (some might argue y-squared). 587 ha
On Thu, Feb 24, 2005 at 11:36:40PM -0500, [EMAIL PROTECTED] wrote:
> Well, OK. If you know for a *fact* that your users *never* roam, and you
> have sufficiently good control of your IP addresses that you can always safely
> decide if a given connection is "inside" or "outside" and allow them to
On Thu, Feb 24, 2005 at 04:02:20PM -0700, Smoot Carl-Mitchell wrote:
> On Thu, 2005-02-24 at 17:14 -0500, Jim Popovitch wrote:
> > If supporting one port is y hours of time and headache, then two ports
> > is closer to y*2 than y (some might argue y-squared). 587 has some
> > validity for provid
--On 25 February 2005 09:43 -0500 "Hannigan, Martin"
<[EMAIL PROTECTED]> wrote:
Not that I know of, but I've never attempted what you
describe. Putting the baluns in the loop will destroy the
framing i.e. it's going to try and convert b8zs/ami to 802.x.
How does a balun destroy the framing (or r
> -Original Message-
> From: Alex Bligh [mailto:[EMAIL PROTECTED]
> Sent: Friday, February 25, 2005 10:32 AM
> To: Hannigan, Martin; Sam Stickland; [EMAIL PROTECTED]
> Cc: Alex Bligh
> Subject: RE: E1 - RJ45 pinout with ethernet crossover cable
>
>
>
>
> --On 25 February 2005 09:43
On 2/25/2005 3:16 AM, Adrian Chadd wrote:
>
> [reposting this to nanog, as my answer might be reasonably ontopic]
>
> On Fri, Feb 25, 2005, Brad Knowles wrote:
>
>>At 8:05 AM + 2005-02-25, Adrian Chadd wrote:
>>
Because your MUA doesn't support SSL on what it considers to be
no
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> Sam Stickland
> Sent: Friday, February 25, 2005 6:26 AM
> To: [EMAIL PROTECTED]
> Subject: E1 - RJ45 pinout with ethernet crossover cable
>
>
>
> Hi,
>
> Quick question: If I have two E1 ports (RJ45),
Invented is irrelevant. Effective mgmt is what counts. Having said
that, things seem to work fine as is, and in the end if we ask large
(aka fortune 100) multi-internationals if the ITU (UN) should try and
manage, and glean off another nickel or two, the inet...hmmm...answer?
No way, money talks
[EMAIL PROTECTED] wrote:
> On Thu, 24 Feb 2005 16:51:50 EST, [EMAIL PROTECTED] said:
>
>> There seem to be many who feel there is no overwhelming reason to
>> support 587. I can certainly see that point of view, but I guess my
>> question is what reasons do those of you with that viewpoint have
In article <[EMAIL PROTECTED]>,
Sam Stickland <[EMAIL PROTECTED]> wrote:
>Quick question: If I have two E1 ports (RJ45), then will running a
>straight ethernet cable between the two ports have the same affect as
>plugging a ballan into each port and using a pair of coax (over a v.
>short dista
On Thu, Feb 24, 2005 at 05:00:22PM -0500,
William Warren <[EMAIL PROTECTED]> wrote
a message of 45 lines which said:
> If the UN wants control of the INET WE invented.
Who is WE? ICANN? The US governement?
On Feb 25, 12:03pm, Alex Bligh <[EMAIL PROTECTED]> wrote:
> One circumstance where this does work is connecting (for instance) an E1
> trunk connection between (say) two FR switches in the same room, provided
> you remember to set exactly one end to originate, and one end to receive
> clock (i.e.
--On 25 February 2005 11:57 + Per Gregers Bilse
<[EMAIL PROTECTED]> wrote:
Quick question: If I have two E1 ports (RJ45), then will running a
straight ethernet cable between the two ports have the same affect as
plugging a ballan into each port and using a pair of coax (over a v.
short dista
On Feb 25, 11:25am, Sam Stickland <[EMAIL PROTECTED]> wrote:
> Quick question: If I have two E1 ports (RJ45), then will running a
> straight ethernet cable between the two ports have the same affect as
> plugging a ballan into each port and using a pair of coax (over a v.
> short distance).
Yo
Robert Bonomi wrote:
In actuality, *I* am not QUITE as draconian as suggested a couple of
paragraphs previously. If I forward somebody's mail and get a complaint
from the reciveing system about spam to that user, "originating" from my
system, that user *permanently* loses any forwarding privil
Nils Ketelsen wrote:
On Tue, Feb 15, 2005 at 09:00:11PM -0500, Sean Donelan wrote:
What can be done to encourage universities and other mail providers
with large roaming user populations to support RFC2476/Port 587?
Give a good reason. That is still the missing part.
For the above popu
This report has been generated at Fri Feb 25 21:44:34 2005 AEST.
The report analyses the BGP Routing Table of an AS4637 (Reach) router
and generates a report on aggregation potential within the table.
Check http://www.cidr-report.org/as4637 for a current version of this report.
Recent Table Hist
Hi,
Quick question: If I have two E1 ports (RJ45), then will running a
straight ethernet cable between the two ports have the same affect as
plugging a ballan into each port and using a pair of coax (over a v.
short distance).
Likewise would using an ethernet crossover cable have the same affec
On Fri, Feb 25, 2005 at 02:30:01AM -0500, Jim Popovitch wrote:
>
> On Thu, 2005-02-24 at 23:36 -0500, [EMAIL PROTECTED] wrote:
> >
> > The rest of us run mail services in the real world, where lots of users buy
> > laptops, and then actually *use* the portability and thus
> > often
> > end up b
[reposting this to nanog, as my answer might be reasonably ontopic]
On Fri, Feb 25, 2005, Brad Knowles wrote:
> At 8:05 AM + 2005-02-25, Adrian Chadd wrote:
>
> >>Because your MUA doesn't support SSL on what it considers to be
> >> non-standard ports? Because your ISP won't let you set
Maybe off topic, but is anyone having any success contesting paying
Verio prices for Cogent's network? When the Cogent tech called to move
our BGP sessions and ports over to Cogent gear, we refused until we get
this resolved.
I know Verio was no Cadillac, but I considered them a Chevy, and I sur
59 matches
Mail list logo