On Feb 20, 2010, at 8:45 PM, Randy Bush wrote:
>> At least the US has a written constitution and the concept of the
>> people being sovereign.
>
> and a room im sf where at&t hands all their internet and voice to the
> nsa. right. and the list is long. internet and voie traffic are no
> longe
>Maybe I'm mistaken, but it appears each end user has to buy the
>service for their own mail servers, and the ISP isn't allowed to
>bypass that. For the purpose of the agreements with spamhaus, an ISP
>customer is probably considered a third party, and making a rbldns
>server available to them is
not care? if you honestly think you'd garner knowledge you didn't
already have from a CNN special...well, I don't know what to say.
On Sat, Feb 20, 2010 at 4:50 PM, andrew.wallace
wrote:
> I am from the UK and don't know how to watch CNN Cyber Shockwave via an
> internet live stream.
>
> The pro
>For the purpose of the following two paragraphs, pretend for the moment
>that you operate a business selling stuff via an email address
>sa...@example.com. For dramatic effect, assume your children will
>starve if you are not able to sell anything.
>
>Further, pretend that you have really annoyed
> At least the US has a written constitution and the concept of the
> people being sovereign.
and a room im sf where at&t hands all their internet and voice to the
nsa. right. and the list is long. internet and voie traffic are no
longer private in the least sense. and cisco builds taps into a
On Sat, 20 Feb 2010, valdis.kletni...@vt.edu wrote:
(WTF quote that just went by - "Hospitals have backup diesel generators, but
only 6-12 hours of fuel". I certainly hope that number is suffering from
pulled-from-orifice syndrome. Heck - *our* day tank has 36 hours of diesel in
it because "power
On Sat, 20 Feb 2010 19:49:25 -0800
"Tomas L. Byrnes" wrote:
> Right, because GCHQ doesn't/hasn't/never would do such a thing...
>
plonk - moron
--
John
Alright can someone moderate this thread and shut it down please?
--Original Message--
From: Tomas L. Byrnes
To: andrew.wallace
To: Randy Bush
Cc: nanog@nanog.org
Subject: RE: "Cyber Shockwave" on CNN
Sent: Feb 20, 2010 7:49 PM
Right, because GCHQ doesn't/hasn't/never would do such a th
Right, because GCHQ doesn't/hasn't/never would do such a thing...
At least the US has a written constitution and the concept of the people being
sovereign.
I'll take that over trusting "Her Majesty's..." whatever.
But then again, I'm Irish, so I have a bit more direct personal and familial
exp
On Sat, Feb 20, 2010 at 11:56:19AM -0800, Mike Lyon wrote:
> Howdy Folks,
>
> What are people using these days to suck down an IMAP account, search it and
> then export the search results? Any suggestions.
>
> Cheers,
> Mike
Check out mairix: http://www.rpcurnow.force9.co.uk/mairix/
"""
mairix
andrew.wallace wrote:
--- On Sun, 21/2/10, Larry Brower wrote:
From: Larry Brower
Subject: Re: CNN Cyber Shockwave only available in US
To: "andrew.wallace"
Cc: nanog@nanog.org
Date: Sunday, 21 February, 2010, 1:29
andrew.wallace wrote:
Funsec perhaps, but not here
You *don't* expe
> My favorite: "What was most troubling to the participants was their
> inability to find a guilty party."
Wasn't Jeff Williams and his army of 100+ thousand trolls ?
On Sat, 20 Feb 2010 16:50:06 PST, "andrew.wallace" said:
> I am from the UK and don't know how to watch CNN Cyber Shockwave via an
> internet live stream.
Quick summary an hour in: "Heck of a cyber-job, Brownie".
Nothing surprising here. If they wanted to be more realistic, they'd include
some
On 2/20/2010 6:10 PM, Joel Jaeggli wrote:
> Larry Sheldon wrote:
>> There is no way in the current universe to know where the item came from
>> by inspecting it. You can only tell where you got it from...and if you
>> can't reject it while you know that, you must discard it.
>
> s/mime detached
haha that was pretty damn funny!!!
> From: b...@world.std.com
> Date: Sat, 20 Feb 2010 21:00:06 -0500
> To: ra...@psg.com
> Subject: Re: "Cyber Shockwave" on CNN
> CC: nanog@nanog.org
>
>
> It's "Night of the Living Fed!", ex-bureaucrats brought back to life!
>
> They just don't know what to
On 2/20/2010 4:57 PM, James Hess wrote:
For the purpose of the following two paragraphs, pretend for the moment
that you operate a business selling stuff via an email address
sa...@example.com. For dramatic effect, assume your children will
starve if you are not able to sell anything.
Further, p
--- On Sun, 21/2/10, Larry Brower wrote:
> From: Larry Brower
> Subject: Re: CNN Cyber Shockwave only available in US
> To: "andrew.wallace"
> Cc: nanog@nanog.org
> Date: Sunday, 21 February, 2010, 1:29
> andrew.wallace wrote:
> Funsec perhaps, but not here
You *don't* expect The British to po
It's "Night of the Living Fed!", ex-bureaucrats brought back to life!
They just don't know what to do, they don't know what to focus on,
they're obsessed with whether or not they can manage to Mirandize
whoever is responsible for the attack and similar legal authorities.
Those who can't see this
> It's obvious though, they don't know who the enemy would be.
i suspect the old walt kelly saying may fit well here.
http://en.wikipedia.org/wiki/Pogo_%28comics%29#.22We_have_met_the_enemy22
randy
andrew.wallace wrote:
It is not being broadcast world wide...
Provide links.
Andrew
This does not appear to be something which belongs on NANOG. Funsec
perhaps, but not here
It is not being broadcast world wide...
Provide links.
Andrew
On Sat, Feb 20, 2010 at 6:25 PM, Jon Lewis wrote:
> it off to jail. The questions of when/whether/and to who bounces should be
> sent is a debate for spam-l or nanae.
I don't know about that. Bounce handling is not a question of spam filtering.
Spam or not is orthogonal to the issue of forged r
I am from the UK and don't know how to watch CNN Cyber Shockwave via an
internet live stream.
The programme starts 8PM ET, 1AM UK.
What do I do?
Andrew
I'm really amazed the thread police haven't pulled this one over and
hauled it off to jail. The questions of when/whether/and to who bounces
should be sent is a debate for spam-l or nanae.
IMO, the original question in this thread was on-topic, but unfortunately
it got very little discussion
Larry Sheldon wrote:
> On 2/20/2010 11:53 AM, valdis.kletni...@vt.edu wrote:
>
>> So we've looked at it from 2 different aspects, and in both cases, the
>> RFC says you shouldn't be bouncing spam to where it came from.
>
> Small nit, which is germane to the whole discussion; "...the RFC says
>
>I don't know what your spam intake looks like but in mine, 5% to 10%
>can't be ranked "high confidence" until checked by an eyeball mark 1.
>In my system, that fraction is a candidate for a bounce...
In mine, it's a candidate for a rejection at SMTP time.
I now do nearly all of my spam filtering
You didn't specify what OS'es you deploy, but for Linux/Red Hat-like
systems: PXE boot, Kickstart [1], Puppet [2], Bacula [3].
PXE/Kickstart/Puppet can be managed with Cobbler [4]. Foreman [5]
is an alternative for managing Puppet hosts.
Any options that also handle Windows Server?
--
Matt
>> > Does the RFC say what to do if the reverse-path has been
>> > damaged and now points to somebody who had nothing
>> > what ever to do with the email?
Do the TCP RFCs say what to do in response to a SYN packet, if the
source IP address has been damaged, and now points to some source IP
that has
Sorry for top post, posting from bb.
Spacewalk is the open source upstream of redhat satellite. Can be used
for installation/provisioning and config management. Ties in well with
puppet and func.
On 2/20/10, Chuck Anderson wrote:
> On Sat, Feb 20, 2010 at 01:29:38PM -0600, Mehmet Akcin wrote:
>>
--- On Sat, 20/2/10, Michael Painter wrote:
> From: Michael Painter
> Subject: Re: "Cyber Shockwave" on CNN
> To: nanog@nanog.org
> Date: Saturday, 20 February, 2010, 22:18
> andrew.wallace wrote:
> > It looks like this demo is pressing ahead for the
> intro of allowing the US Government to take
Enough hype. This was an exercise in self promotion by retired
beaurocrats posturing for private gigs. The US gov publicly
disassociated themselves from this.
Move along. Nothing to see here.
On Feb 20, 2010, at 3:13 PM, "andrew.wallace" > wrote:
--- On Sat, 20/2/10, Randy Bush wrote:
andrew.wallace wrote:
It looks like this demo is pressing ahead for the intro of allowing the US Government to take control of private sector
networks
"in an emergency"... and wants to include smart phones into the bargin.
Or at least that is my interpretation of what the demo is trying to conv
--- On Sat, 20/2/10, Randy Bush wrote:
> From: Randy Bush
> Subject: Re: "Cyber Shockwave" on CNN
> To: "andrew.wallace"
> Cc: nanog@nanog.org
> Date: Saturday, 20 February, 2010, 21:58
> > It looks like this demo is
>
> a bunch of sick press and sick ex-gov wishtheycouldbeagains
> trying to
>
Actually thanks, I just realized that after I hit send...
It's for CentOS
Mehmet
On Feb 20, 2010, at 3:47 PM, nanog-requ...@nanog.org wrote:
> Message: 8
> Date: Sat, 20 Feb 2010 16:35:41 -0500
> From: Chuck Anderson
> Subject: Re: centeralized server management solutions
> To: nanog@nanog.org
> It looks like this demo is
a bunch of sick press and sick ex-gov wishtheycouldbeagains trying to
get as much mindshare as they can. and you're helping them.
randy
--- On Sat, 20/2/10, Randy Bush wrote:
> From: Randy Bush
> Subject: Re: "Cyber Shockwave" on CNN
> To: "andrew.wallace"
> Cc: nanog@nanog.org
> Date: Saturday, 20 February, 2010, 3:10
> the details were in the press days
> ago. 83.2% scare, negligible lessons
> we can actually put in practice
On Sat, Feb 20, 2010 at 04:45:03PM -0500, Rich Kulawiec wrote:
> I use fetchmail and grepmail. Grepmail emits as its output a Unix mbox
> file, so it lends itself quite nicely to going through chunks of saved mail,
> matching grep-ish criteria (including headers) and producing a file full
> of the
On Sat, Feb 20, 2010 at 2:34 PM, Mike Lyon wrote:
hm..If you really want to snarf the imap, think fetchmail for
downloading. hypermail/pipermail for parsing. Get it into a DBM
(such as PgSQL) and perform full-text indexing. Or coax Hypermail into
generating HTML flat files
Then your full-
On Sat, Feb 20, 2010 at 11:56:19AM -0800, Mike Lyon wrote:
> What are people using these days to suck down an IMAP account, search it and
> then export the search results? Any suggestions.
I'd replied off-list, but then realized that perhaps this would be of
more general interest. My apologies to
> From nanog-bounces+bonomi=mail.r-bonomi@nanog.org Fri Feb 19 22:32:48
> 2010
> From: William Herrin
> Date: Fri, 19 Feb 2010 23:32:10 -0500
> Subject: Re: Spamhaus...
> To: Larry Sheldon
> Cc: nanog@nanog.org
>
> On Fri, Feb 19, 2010 at 8:35 PM, Larry Sheldon wrote:
> > On 2/19/2010 7:20
On Sat, Feb 20, 2010 at 01:29:38PM -0600, Mehmet Akcin wrote:
> Centralized solution and server wont be on the same network , but each will
> have internet access
> Drac cards come with Compact Flash cards
> Bandwidth may not be quite fast and latency might be higher when connecting
> to the cent
On Sat, Feb 20, 2010 at 12:53 PM, wrote:
> On Sat, 20 Feb 2010 11:36:37 EST, William Herrin said:
>> They didn't exactly fix it. What they did is reinforce the importance
>> of generating a bounce message by keeping the existing "must" language
>> from 2821 but adding:
>>
>> "A server MAY attempt
On 20/02/10 12:15 -0800, Mike Lyon wrote:
On Sat, Feb 20, 2010 at 12:13 PM, Dan White wrote:
On 20/02/10 11:56 -0800, Mike Lyon wrote:
Howdy Folks,
What are people using these days to suck down an IMAP account, search it
and
then export the search results? Any suggestions.
I don't know yo
Well, I don't have to exactly suck everything down. if I I could use the
imap search function as one post previously mentioned, that would work to.
Just trying to find a good utility to do it...Win/Linux, doesn't matter...
Thanks,
Mike
On Sat, Feb 20, 2010 at 12:27 PM, Christoph wrote:
> * Am
* Am Sat, Feb 20, 2010 at 11:56:19AM -0800 , schrieb Mike Lyon:
> Howdy Folks,
>
> What are people using these days to suck down an IMAP account, search it and
> then export the search results? Any suggestions.
If you really need to suck everything down, i'd suggest
offlineimap+maildir-utils
Che
On 20/02/10 11:56 -0800, Mike Lyon wrote:
Howdy Folks,
What are people using these days to suck down an IMAP account, search it and
then export the search results? Any suggestions.
I don't know your specific need, but it is usually far more efficient (to
what degree depends on the IMAP server)
Howdy Folks,
What are people using these days to suck down an IMAP account, search it and
then export the search results? Any suggestions.
Cheers,
Mike
William Herrin wrote:
Indeed, and the ones who are more than minimally competent have
considered the protocol as a whole and come to understand that at a
technical level the "reject don't bounce" theory has more holes in it
than you can shake a stick at.
No way. You are kidding aren't you Bill
...so few months ago I was wondering which vendor to pick that has the best
global delivery experience and deliver quality product..
after few weeks of research decided to go with Dell.
There are few options for centralized management such as pushing images,
backing up, restoring/re-installing
On 2/20/2010 11:53 AM, valdis.kletni...@vt.edu wrote:
> So we've looked at it from 2 different aspects, and in both cases, the
> RFC says you shouldn't be bouncing spam to where it came from.
Small nit, which is germane to the whole discussion; "...the RFC says
you shouldn't be bouncing spam to
On 2/20/2010 11:41 AM, Michael Dillon wrote:
>> We don't expose our selves with "finger" and .plan and a number of other
>> things that work in a world of friends and neighbors--the world has changed
>
> It's changed all right. Finger is now called IM presence, and .plan is
> called Facebook.
The
On Sat, 20 Feb 2010 11:36:37 EST, William Herrin said:
> They didn't exactly fix it. What they did is reinforce the importance
> of generating a bounce message by keeping the existing "must" language
> from 2821 but adding:
>
> "A server MAY attempt to verify the return path before using its
> ad
> We don't expose our selves with "finger" and .plan and a number of other
> things that work in a world of friends and neighbors--the world has changed
It's changed all right. Finger is now called IM presence, and .plan is
called Facebook.
Given that the world now has dozens of alternate channel
Scott Howard wrote:
> On Fri, Feb 19, 2010 at 5:20 PM, William Herrin wrote:
>
>> On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec wrote:
>>
>>> Barracuda's engineers apparently think
>>> that using SPF stops backscatter -- and it most emphatically does not.
>>>
>>> Reject good, bounce
On 2/20/2010 10:36 AM, William Herrin wrote:
> They didn't exactly fix it. What they did is reinforce the importance
> of generating a bounce message by keeping the existing "must" language
> from 2821 but adding:
>
> "A server MAY attempt to verify the return path before using its
> address for d
On 2/20/2010 9:06 AM, valdis.kletni...@vt.edu wrote:
> On Sat, 20 Feb 2010 09:51:33 EST, Daniel Senie said:
>
>> Instead of saying "well, it's obvious to everyone," do something about it.
>
> *brrring... bring...brrriiing...*
>
> Cluephone. It's for you.
>
> 5321 Simple Mail Transfer Protoc
On Sat, Feb 20, 2010 at 8:08 AM, Rich Kulawiec wrote:
> On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
>> Whine all you want about backscatter but until you propose a
>> comprehensive solution that's still reasonably compatible with RFC
>> 2821's section 3.7 you're just talking tr
They also can use SMTP AUTH for what they call Recipient Verification.
Barracuda has done some work in the past few years to improve its "out of
the box" configuration, but its poor start has permanently tarnished its
reputation in the eyes of some in the mail community, especially those who
are a
On Feb 20, 2010, at 10:01 AM, Marc Powell wrote:
> On Feb 19, 2010, at 12:53 PM, Dean Anderson wrote:
>
>> So you should think that its ok for blacklists to charge money for
>> things they got for free?
>
> In the case of Spamhaus, yes, I find it acceptable to pay them for the
> service they are
On Sat, 20 Feb 2010 09:46:21 EST, Daniel Senie said:
> I don't know when this was that they didn't do validation.
So they validate...
> The Barracuda boxes will accept mail for domains they know about but
> without validating the email address in the event the target mail server
> is down. And y
On Sat, 20 Feb 2010 09:51:33 EST, Daniel Senie said:
> Instead of saying "well, it's obvious to everyone," do something about it.
*brrring... bring...brrriiing...*
Cluephone. It's for you.
5321 Simple Mail Transfer Protocol. J. Klensin. October 2008. (Format:
TXT=225929 bytes) (Obsolet
I don't know WTH is up with your large Cc: list but I've removed it to keep the
conversation here, where it started. More below --
On Feb 19, 2010, at 12:53 PM, Dean Anderson wrote:
> So you should think that its ok for blacklists to charge money for
> things they got for free?
In the case of S
On Feb 20, 2010, at 8:08 AM, Rich Kulawiec wrote:
> On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
>> Whine all you want about backscatter but until you propose a
>> comprehensive solution that's still reasonably compatible with RFC
>> 2821's section 3.7 you're just talking trash
On Feb 20, 2010, at 12:28 AM, Scott Howard wrote:
> On Fri, Feb 19, 2010 at 5:20 PM, William Herrin wrote:
>> On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec wrote:
>>> Barracuda's engineers apparently think
>>> that using SPF stops backscatter -- and it most emphatically does not.
>>>
>>> Reje
On Fri, 19 Feb 2010 21:28:41 -0800
Scott Howard wrote:
> On Fri, Feb 19, 2010 at 5:20 PM, William Herrin wrote:
> > On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec wrote:
> >> Barracuda's engineers apparently think
> >> that using SPF stops backscatter -- and it most emphatically does not.
> >>
On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
> Whine all you want about backscatter but until you propose a
> comprehensive solution that's still reasonably compatible with RFC
> 2821's section 3.7 you're just talking trash.
We're well past that. Every minimally-competent postm
> US carried out "Cyber Shockwave" - an exercise by non-government actors who
> have close relations to the government past.
s/US/CNN/
s/exercise/show/
s/close relations/been paid by CNN to show off their relations/
> The results will be aired on CNN this weekend.
s/results/show/
We had this once before on an Intel GigE ethernet adapter..
The hacky fix was to leave a ping running continuously (mtr in this case) which
solved the problem.
Sounds like a arp/mac learning issue-- I think it got fixed when we
re-installed ESXi on that machine.
-Shane
On 20/02/2010, at 7:06
Have you applied the ESX patches. I don't run ESX, but ESXi, and there
was a firmware patch that addressed some networking issues on Linux
systems. Might give that a try if you have not already.
On 2/19/10 3:52 PM, LEdouard Louis wrote:
> Has anyone experience problems using Intel 10 Gb NIC on VMw
69 matches
Mail list logo