On Fri, 24 Jun 2005 01:20:27 +0200, Gadi Evron said:
> Thing is, user-trust or no user-trust, they click by the masses.
One wonders how many people would click on a phish from the First
National Bank of Dancing Hamsters, just because
On Fri, 24 Jun 2005, Gadi Evron wrote:
Joel Jaeggli wrote:
The bigger issue is that users simply don't trust any kind of "official
communication" anymore and I don't see anything other than pki that
could actually restore that.
PKI alone won'
Joel Jaeggli wrote:
> The bigger issue is that users simply don't trust any kind of "official
> communication" anymore and I don't see anything other than pki that
> could actually restore that.
PKI alone won't solve it, but we are not trying to "fix" phishing here
(good thought though!). I ag
On Thu, 23 Jun 2005, Gadi Evron wrote:
Due to the huge number of variants in the wild, our AV software can't
keep up (probably nobody's can). Instead, we enabled a global rule which
blocks any email from accounts such as billing, root, postmaster,
Measuring a customer service rep's time on a daily basis is a pretty easy
and straightforward task. You can get down to the minute by minute level of
how a CSR spends their time each day. You can also easily relate that back
to customer growth which gives you how many CSR's you need for your n
On 2005-06-23, at 10:57, Suresh Ramasubramanian wrote:
Wild idea and there's just too much good german beer here at MAAWG
(www.maawg.org) in Dusseldorf, but .. anybody tried anycasting a
mailserver?
Operationally that is ...
I know of people who have anycasted the address used by their clie
On Thu, Jun 23, 2005 at 05:57:05AM -0400, Todd Underwood wrote:
>
> my understanding is that md5 is still checked before the ttl-hack
> check takes place on cisco (and perhaps most router platforms). new
> attack vector for less security than you had before. oh well. ras:
> can you confirm tha
At 12:04 PM -0400 2005-06-23, Derek Diget wrote:
I replied privately to the original poster since I was not on NANOG-post,
but this would be interesting if the anycasting was tied into some load
balancers doing geographical balancing.
GSLB only works if each and every server can supply in
Stepping out of the lurker's doorway for the first time.
On Jun 23, 2005 at 20:27 +0530, Suresh Ramasubramanian wrote:
=>Wild idea and there's just too much good german beer here at MAAWG
=>(www.maawg.org) in Dusseldorf, but .. anybody tried anycasting a
=>mailserver?
=>
=>Operationally tha
Eric Gauthier <[EMAIL PROTECTED]> writes:
> Honestly, I completely agree with you that MD5'ing our OSPF
> adjacencies isn't a great idea (I've so far stalled its roll-out).
> I strongly argued against it internally. There were, however, those
> in both the networking and security groups that we
On Thu, Jun 23, 2005 at 05:57:05AM -0400, Todd Underwood wrote:
>
> ras, all,
>
> On Thu, Jun 23, 2005 at 12:14:12AM -0400, Richard A Steenbergen wrote:
> > On Wed, Jun 22, 2005 at 10:04:09PM -0400, Todd Underwood wrote:
>
> > > a) many (all?) implementations of md5 protection of tcp expose
>
On Thu, Jun 23, 2005 at 10:27:49AM -0400, Todd Underwood wrote:
>
> marty,
>
> On Thu, Jun 23, 2005 at 10:22:07AM -0400, Hannigan, Martin wrote:
> > > rolling out magic code because your
> > > vendor tells you to is a bad idea;
> >
> > That's mostly the result of the calamitous failure in vul
Wild idea and there's just too much good german beer here at MAAWG
(www.maawg.org) in Dusseldorf, but .. anybody tried anycasting a
mailserver?
Operationally that is ...
On 23/06/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> > You don't need a central MX if each site MTA knows which user
On 2005-06-23, at 09:57, Eric Gauthier wrote:
likely need to make modifications to our IGP/EGP setup. Though we filter
OSPF multicast traffic, we wanted to add in MD5 passwords to our neighbors.
just a quick comment here. i would encourage you not to do that.
Honestly, I completely agr
Good morning..
Have any noted significant performance issues (routing loops etc.) in
interconnects with Level3 infrastructure - particularly in Chicago, New
York or Seattle within the last 4 days?
Any feedback offline would be great.
Thank you.
Robert Boyle wrote:
>
> At 05:37 AM 6/23/2005, you wrote:
>
>> Hi guys. I notice a large increase in recent weeks of ISP directed
>> phishing - largely because of worms moving backward to using the user's
>> own domain for the spam, but not just in the from: address.
>>
>> I believe this started
marty,
On Thu, Jun 23, 2005 at 10:22:07AM -0400, Hannigan, Martin wrote:
> > rolling out magic code because your
> > vendor tells you to is a bad idea;
>
> That's mostly the result of the calamitous failure in vulnerability
> release methodology, not Operator stupidity.
totally agreed. ven
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> Todd Underwood
> Sent: Thursday, June 23, 2005 5:57 AM
> To: Richard A Steenbergen
> Cc: nanog@merit.edu
> Subject: Re: md5 for bgp tcp sessions
>
>
>
> ras, all,
>
> On Thu, Jun 23, 2005 at 12:14:12AM
how many different bandaids are applied. It is time
to re-engineer with the benefit of hindsight.
However desirable this may be, don't you agree that no matter what
mechanism comes along, there's a huge inertia to overcome.
We can debate the correct way to handle email forever. But of gre
> my understanding is that md5 is still checked before the
> ttl-hack check takes place on cisco (and perhaps most router
> platforms). new attack vector for less security than you had
> before. oh well. ras:
> can you confirm that it is possible to implement ttl-hack and
> have it check
On Thu, 23 Jun 2005 [EMAIL PROTECTED] wrote:
>
> Perhaps this is the time to find a new general solution rather than
> continuing to tack extensions on the existing email service?
None of the email replacement proposals I have seen are likely to get any
significant deployment because none of them
Todd,
> eric, all, not to pick on eric at all, but since he raised the issue...
I always assume and, frankly hope, that when I post something someone will
pipe up and point out anything that's inaccurate, needs clarification,
is a bad idea, etc.
> > likely need to make modifications to our IGP/E
At 05:37 AM 6/23/2005, you wrote:
Hi guys. I notice a large increase in recent weeks of ISP directed
phishing - largely because of worms moving backward to using the user's
own domain for the spam, but not just in the from: address.
I believe this started out as a "let's feel this out" or "wow,
I don't have the answers but I think the 10 years of
failure to put a dent in spam have shown beyond the
shadow of a doubt that Internet email is broken by
design and bandaids are not going to fix this, no matter
how many different bandaids are applied. It is time
to re-engineer with the benefi
On Wed, Jun 22, 2005 at 06:39:07PM -0700, william(at)elan.net wrote:
> P.S. It would really be great if IETF remained true to its origin
> and goals and did technical reviews and selected proposals based on
> the technical capabilities and not on what large company is exerting
> pressure on them
> In the case where XREDIRECT cannot be negotiated, the server will just
> have to accept and forward the message itself.
>
> There's obviously a lot of work involved in deciding the exact
> mechanism. Is gb.example.net looked up via MX, SRV, or something else?
> Can clients cache the name, and f
> Many mail servers don't know a user's forwarding address at SMTP time;
ahh, right.
something about email being s/f, and therefore not direct.
requiring 'the next hop' to have complete knowledge doesn't work. requiring a
particular hop to be 'the last hop' also causes problems.
hmm. i
On Thu, 23 Jun 2005 [EMAIL PROTECTED] wrote:
You don't need a central MX if each site MTA knows which users are at
which sites. Incoming email may have to take an extra hop if it comes in
to the wrong site, but that's a consequence of the specification that no
implementation can fix.
In othe
morning all , experts
i am proud to announce a european cuseeme test reflector
cuseeme was a free available peer 2 peer multiconferencing
videoconferencing application for mac and pc
more info about installation and history:
http://www.cuseeme.de/
it's open now
cuseeme.dyndns.tv CID 0 64/150
On Thu, 23 Jun 2005, Dave Crocker wrote:
>
> i seem to recall a similar redirect mechanism in SMTP some time ago. not
> worth the effort; broken; or somesuch.
The 251 and 551 forwarding address responses. Many mail servers don't know
a user's forwarding address at SMTP time; most mail servers tr
In his case, it sounds like he actually has a business case
for solution 3 above.
I think there is *always* a business case for making infrastructure
communications services work efficiently and reliably.
However the world is pretty consistent about efforts to fix long-standing
human proble
In other words, SMTP does not have the equivalent of an
HTTP redirect which is what he wants here. Maybe SMTP
really is broken? ;-)
hmm.
i seem to recall a similar redirect mechanism in SMTP some time ago. not
worth the effort; broken; or somesuch.
anyhow, once you've hit a server, the b
Not wanting to throw gasoline on an already raging e-mail
authentication fire, but it _does_ look like a fight is
gearing up between Domainkeys Identified Mail (DKIM),
The real fight is to find ANY techniques that have long-term, global benefit
in reducing spam.
Yes, advocates for particula
Thanks to everyone who offered advice and links to resources. The
information I've gathered with your help will greatly assist me moving
forward, regardless of our decision on which protocol to use.
Regards,
Daniel
<[EMAIL PROTECTED]> wrote:
[...]
> In other words, SMTP does not have the equivalent of an HTTP
> redirect which is what he wants here. Maybe SMTP really is broken?
> ;-)
If you don't mind dirty, unreliable kludges, you could hack the server
to give a 4xx and hope the client will try a different
Andrew Staples <[EMAIL PROTECTED]> wrote:
> [...] the group wants to consolidate email addresses across the
> group, i.e. [EMAIL PROTECTED], regardless of where the mail
> account lives, yet still give local control over the email server.
Due to the potential for namespace clashes, you *must* ha
ras, all,
On Thu, Jun 23, 2005 at 12:14:12AM -0400, Richard A Steenbergen wrote:
> On Wed, Jun 22, 2005 at 10:04:09PM -0400, Todd Underwood wrote:
> > a) many (all?) implementations of md5 protection of tcp expose
> > new, easy-to-exploit vulnerabilities in host OSes. md5 verification
> > i
Hi guys. I notice a large increase in recent weeks of ISP directed
phishing - largely because of worms moving backward to using the user's
own domain for the spam, but not just in the from: address.
I believe this started out as a "let's feel this out" or "wow, that
worked, let's phish ISP's dir
> > 3. Change company policy to reflect names like [EMAIL PROTECTED],
> > [EMAIL PROTECTED], etc, where DNS would resolve to the correct server.
> > Doesn't give corporate the "email image" they are after.
> unfortunately, all public routing to email servers is based only on domain
> names, s
> You don't need a central MX if each site MTA knows which users are at
> which sites. Incoming email may have to take an extra hop if it comes in
> to the wrong site, but that's a consequence of the specification that no
> implementation can fix.
In other words, SMTP does not have the equivalent