> Date: Mon, 2 Apr 2007 21:09:24 -0500 (CDT)
> From: Gadi Evron <[EMAIL PROTECTED]>
> Subject: what registrars need to do with no incentive [was: Re: On-going ..]
>
> On Mon, 2 Apr 2007, Robert Bonomi wrote:
> >
> >
> > > From: David Conrad <[EMAIL PROTECTED]>
> > > Subject: Re: On-going Intern
On 2 Apr 2007, at 21:21, Lasher, Donn wrote:
Rather, I thought a lot more providers would actually be blocking
outbound
25 except to their SMTP servers. Just brought up a new mail server
for a
friend; moved an old (14+ year) domain.. I was amazed at the number of
connections from rr.com, c
On 3 Apr 2007, at 03:02, Gadi Evron wrote:
What are your thoughts on basic suggestions such as:
1. Allowing registrars to terminate domains based on abuse, rather
than just fake contact details.
I don't like this because its impossible to define abuse clearly
enough in this context.
If
Gadi Evron wrote:
What are your thoughts on basic suggestions such as:
1. Allowing registrars to terminate domains based on abuse, rather than
just fake contact details.
Are you crazy or what? Ever heard of due process? What is abuse? Who
decides that? Office of pre-crime?
In the end the
On Tue, 3 Apr 2007, Adrian Chadd wrote:
>
> On Tue, Apr 03, 2007, Tony Finch wrote:
> >
> > On Mon, 2 Apr 2007, David Conrad wrote:
> > >
> > > Even if a delay were imposed, I'm not sure I see how this would actually
> > > help
> > > as I would assume it would require folks to actually look at
On Tue, 3 Apr 2007, Andy Davidson wrote:
>
>
> On 3 Apr 2007, at 03:02, Gadi Evron wrote:
>
> > What are your thoughts on basic suggestions such as:
> > 1. Allowing registrars to terminate domains based on abuse, rather
> > than just fake contact details.
>
> I don't like this because its im
On Tue, 3 Apr 2007, Andre Oppermann wrote:
>
> Gadi Evron wrote:
> > What are your thoughts on basic suggestions such as:
> > 1. Allowing registrars to terminate domains based on abuse, rather than
> > just fake contact details.
>
> Are you crazy or what? Ever heard of due process? What is abu
> >> I think this might be a bit in conflict with efforts
> registries have
> >> to reduce the turnaround in zone modification to the order
> of tens of
> >> minutes.
> >
> > Why is this necessary? Other than the cool factor.
>
> I think the question is "why should the Internet be constrained
What are your thoughts on basic suggestions such as:
1. Allowing registrars to terminate domains based on abuse, rather than
just fake contact details.
I don't like this because its impossible to define abuse clearly enough in
this context.
If a fictitious web-shop 'nice-but-dim.com' get a
> You cannot mandate how hard somebody must work. It doesn't work. Make
it
> 'expensive enough' to be wrong, and *then* they will make the
necessary effort
> to be 'right'.
Some people block mail from bad places in an attempt to hurt the bad
place, i.e. in an etempt to make it expensive for t
> In the end the cure is worse than the disease (by abusing the
> anti-abuse
> system. DMCA abuse anyone? Or the stupid bogons list so many people
> forget to update every friggin time IANA allocated a new /8 to one of
> the RIRs?)
It's interesting to see how bandaid solutions increase the pro
> > The one concrete suggestion I've seen is to induce a delay in zone
> > creation and publish a list of newly created names within the zone.
> > The problem with this is that is sort of assumes:
>
> What are your thoughts on basic suggestions such as:
> 1. Allowing registrars to terminate
On Tue, 2007-04-03 at 12:43 +0100, [EMAIL PROTECTED] wrote:
> Well, I think the question is, why to new domain additions have to be
> lumped in with all other zone changes and updated within minutes? Why
> can't new domain additions be treated specially and be held back for a
> day or two in order
>> created domains and discriminate between the ones that were created for good
>> and the ones created for ill. How would one do this?
>
>A good start would be to forbid the delegation of newly-registered
>domains that have not yet been paid for.
I am not aware of any registrars that extend cre
On Tue, Apr 03, 2007, Joe Greco wrote:
> Is there a difference between a decade-old domain with contact information
> where a web server got hacked, and a 1-day old domain with garbage for
> contact information that was set up explicitly for Bad Stuff? How do you
> tell?
Yup! One was registered
>I think the shutdown of seclists.org by GoDaddy is a perfect example of
>exactly why the registrars should NOT be making these decisions.
I know the head abuse guy at Godaddy. He is a reasonable person. He
turns off large numbers of domains but he is human and makes the
occasional mistake. T
I know the head abuse guy at Godaddy. He is a reasonable person. He
turns off large numbers of domains but he is human and makes the
occasional mistake. The fact that everyone cites the same mistake
tells me that he doesn't make very many of them.
We cite this one because it was such an unbel
>We cite this one because it was such an unbelievable cock-up it wasn't
>funny. Fyodor a blackhat? Seclists.org a malicious site? Honest to god did
>the guy do even the teensiest little bit of due diligence before shutting
>the site down?
He screwed up, we all know that. My point is that huma
> On Tue, Apr 03, 2007, Joe Greco wrote:
>
> > Is there a difference between a decade-old domain with contact information
> > where a web server got hacked, and a 1-day old domain with garbage for
> > contact information that was set up explicitly for Bad Stuff? How do you
> > tell?
>
> Yup! On
Seriously though- why do we keep blaming the infrastructure for the
mind boggling stupidity of users?
There will always be users that don't understand technology. You
call them stupid, I call them mom & dad, brother & sister. If you
maintain the attitude that it is the 'stupid' users f
> I know the head abuse guy at Godaddy. He is a reasonable person. He
> turns off large numbers of domains but he is human and makes the
> occasional mistake. The fact that everyone cites the same mistake
> tells me that he doesn't make very many of them.
Hm, okay, which one was that.
Was it
>This is the costly bit that a domain registrar isn't going to be
>likely to do.
Well, you're not likely to get it for the $8.95 that Godaddy charges.
Their abuse department does a remarkably good job, considering their
volume and margins.
Perhaps the message here is that you get what you pay fo
I was wondering if a few folks on this list could look at a problem I'm
seeing.
I've poked around most of yesterday and this morning and initially I thought
it was a dns problem but it appears to me that www.airfrance.com is blocking
a whole lot of the IP space in the US from accessing their webs
As far as I remember there was a DC in New York (for some reason
Globix springs to mind) that did this... It was really cool, apart
from when it messed up and sent you to the wrong cabinet
W
On Apr 2, 2007, at 5:09 PM, Gregori Parker wrote:
I've been in there many times over the las
> >This is the costly bit that a domain registrar isn't going to be
> >likely to do.
>
> Well, you're not likely to get it for the $8.95 that Godaddy charges.
> Their abuse department does a remarkably good job, considering their
> volume and margins.
Most places are selling domains for around t
On 4/3/07, Geo. <[EMAIL PROTECTED]> wrote:
I've poked around most of yesterday and this morning and initially I thought
it was a dns problem but it appears to me that www.airfrance.com is blocking
a whole lot of the IP space in the US from accessing their website. Using
proxy servers I find tha
> AF has country-specific front pages. Airfrance.com, the generic
> corporate site, is OK from here; Airfrance.us is reachable from London
> (if you lie:-)) but extremely slow loading. Airfrance.fr is OK.
> Airfrance.co.uk is slow but OK.
So far everyone who responded has managed to get the site
On 4/3/07, Geo. <[EMAIL PROTECTED]> wrote:
So far everyone who responded has managed to get the site to come up. When I
go to www.airfrance.com from anywhere in my network 216.144.0.0/18 I simply
get a timeout using anything including telnet to port 80, see below
15 297ms 299ms 299ms pos9-0
> Perhaps the message here is that you get what you pay for. For a rock
> bottom price, You get rock bottom service. There are registrars that
> charge considerably more and provide considerably more service.
There just isn't enough hierarchy in the DNS. Back when I was running my
own ISP, I ga
On Tuesday 03 April 2007 15:59, Geo. wrote:
>
> initially I thought it was a dns problem
Irrelevant lame DNS server issue reported to SOA email address.
The only practical way to handle the volume of spam email that was
hitting my servers was to implement very very aggressive filtering at
the server accept level (requiring valid HELO commands that match to an
existing host, among other things - amazing how many servers from major
sites that i
Well, you're not likely to get it for the $8.95 that Godaddy charges.
Their abuse department does a remarkably good job, considering their
volume and margins.
Perhaps the message here is that you get what you pay for. For a rock
bottom price, You get rock bottom service. There are registrars
> The alternative is the absurdity that a local ISP has: a 14 way cluster
> for mail acceptance, and another 20 way cluster for mail storage and
> retrieval with terabytes of storage space, 90% of the resources (or
> more) of which are taken up accepting and storing as much spam as
> possible.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Apr 3, 2007, at 12:19 PM, Thomas Leavitt wrote:
The current situation with email is flat out insane. There is no
other way to describe it.
I'd agree that the situation is bad but certainly not
uncontrollable. We've had very good success ke
On Tuesday 03 April 2007 18:35, Donald Stahl wrote:
>
> The problem here is that the community gets screwed not the guy paying
> $8.95. If he was getting what he paid for- well who cares. The problem is
> everyone else.
At the risk of prolonging a thread that should die
Gadi forwarded a pos
I think there is definitely an adaptive factor... initially, vast
quantities of spam disappeared (we have greylisting in as well), and my
personal mailbox went from 100:1 spam to legit to 1:3 spam to legit...
but over time, it has moved up to about a 1:1 spam to legit factor (and
I get about
On Mon, Apr 02, 2007 at 10:56:00PM -0500, Gadi Evron wrote:
...
> I just posted this, and I believe it makes sense:
>
> Title: Put Security Alongside .XXX
>
> Isn't security as important to discuss as .XSS?
>
> The DNS has become an abuse infrastructure, it is no longer just a
> functional infr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Joseph S D Yao <[EMAIL PROTECTED]> wrote:
>Again - DNS is the infrastructure for EVERYTHING. It facilitates
>EVERYTHING. If you threw it out and put something else in that was not
>as clunky as editing hosts.txt files 'scp'ed from DARPA daily,
--- [EMAIL PROTECTED] wrote:
: Soon Internet email will be like IRC, a quaint
: service for Internet enthusiasts and oldtimers,
: but not a useful tool for businesses or ordinary
: individuals.
Hey, you've just described the FUSSP! :-(
scott
--- [EMAIL PROTECTED] wrote:
From: <[EMA
> Again - DNS is the infrastructure for EVERYTHING. It facilitates
> EVERYTHING.
Not so. On the public Internet applications like Edonkey and Emule work
fine without it. We run a global IP network that is not connected to the
public Internet and over 90% of our customers' applications don't use
> : Soon Internet email will be like IRC, a quaint
> : service for Internet enthusiasts and oldtimers,
> : but not a useful tool for businesses or ordinary
> : individuals.
>
>
> Hey, you've just described the FUSSP! :-(
Solution!?
Since when is a description of one aspect of the problem,
On Tue, Apr 03, 2007 at 09:16:47PM +0100, [EMAIL PROTECTED] wrote:
>
> > Again - DNS is the infrastructure for EVERYTHING. It facilitates
> > EVERYTHING.
>
> Not so. On the public Internet applications like Edonkey and Emule work
> fine without it. We run a global IP network that is not connect
--- [EMAIL PROTECTED] wrote:
> Hey, you've just described the FUSSP! :-(
Solution!?
Since when is a description of one aspect of the problem, considered to
be the solution. In a nutshell I said that the email SPAM problem is
getting worse, not just measured by SPAM volumes or
Joseph S D Yao wrote:
On Mon, Apr 02, 2007 at 10:56:00PM -0500, Gadi Evron wrote:
...
I just posted this, and I believe it makes sense:
Title: Put Security Alongside .XXX
Isn't security as important to discuss as .XSS?
The DNS has become an abuse infrastructure, it is no longer just a
fun
On Tue, Apr 03, 2007 at 11:29:27PM +0100, Sam Stickland wrote:
...
> Maybe it would make sense for someone to reiterate what types of abuse
> DNS is facilitating? I believe what Gadi was getting at was mainly the
> ability to use fake details to register a domain, and then very rapidly
> cyclin
On Tue, 03 Apr 2007 15:18:36 PDT, Scott Weeks said:
> What I meant was: when only a few folks use email, the spammers will go away.
They won't go away, they'll just go infest whatever the people are using.
We're already seeing significant amounts of blog-comment spam, and as soon
as the spammers f
I can personally testify that, as a proportion of the "mail" I get
through it, there's quite a bit of spam on MySpace - phishing scams
(Adult MySpace Viewer), fake profiles designed to draw you to adult
dating / webcam / porn sites, etc. Lots of attractive women claiming to
want you to be the
On Apr 3, 2007, at 3:29 PM, Sam Stickland wrote:
Maybe it would make sense for someone to reiterate what types of
abuse DNS is facilitating? I believe what Gadi was getting at was
mainly the ability to use fake details to register a domain, and
then very rapidly cycling the A records thr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -- Douglas Otis <[EMAIL PROTECTED]> wrote:
>[...]Just because this information can be published within a
few milliseconds, does not make doing so a good idea.[...]
Very well said.
- - ferg
-BEGIN PGP SIGNATURE-
Version: PGP Desktop 9.6
> No one wants to wait for security checks while browsing. This
> information must be preprocess and "at the ready", or the Internet
> starts to feel rather slow and broken. By slowing down registry
> updates and even providing a preview of upcoming changes will allow
> security to becom
At 09:41 PM 4/3/2007, you wrote:
> No one wants to wait for security checks while browsing. This
> information must be preprocess and "at the ready", or the Internet
> starts to feel rather slow and broken. By slowing down registry
> updates and even providing a preview of upcoming changes
> So, an "oops, I screwed up, and am in a panic" fee, of, say $100 and
> a quick but accurate identity check combined would take care of such
> an emergency. The fee would pay for the expense of the identity
> check, and perhaps provide a bit of profit for the registrar. This
> seems reasonabl
Gadi,
4 days and 56 messages later... no pieces of the sky have hit me on the head
yet. Trolling NANOG-L is as productive as ever. How long until you troll us
again? Will it be another "INTERNET EMERGENCY" or just a provocative
statement that starts a 50-message OT argument about botnets?
On Wed, 4 Apr 2007, Albert Meyer wrote:
> Gadi,
>
> 4 days and 56 messages later... no pieces of the sky have hit me on the head
> yet. Trolling NANOG-L is as productive as ever. How long until you troll us
> again? Will it be another "INTERNET EMERGENCY" or just a provocative
> statement
54 matches
Mail list logo
