Re: cheap SMS, was Email to text -

2016-08-18 Thread John Levine
>Then I went into a t-mobile store and bought a few $25/mo SIM cards, put >credit card on file to auto renew each month, slapped them in, and pointed our >NMS’s at them. Since this comes up from time to time, here's the cheapest US SIM plans I know of. Tracfone BYOD runs on AT or Verizon

Re: Lawsuits for falsyfying DNS responses ?

2016-09-13 Thread John Levine
In article you write: >Canada's Anti-Spam Legislation has specific sections that makes altering >of data illegal under the Act. > >In my non-lawyer opinion, sections 10 (5) (b) and (e) would be violated >by hijacking someone preference to go to

Re: Request for comment -- BCP38

2016-09-26 Thread John Levine
>>> >>> If you have links from both ISP A and ISP B and decide to send traffic >>> out ISP A's link sourced from addresses ISP B allocated to you, ISP A >>> *should* drop that traffic on the floor. > >> This is a legitimate and interesting use case that is broken by BCP38. > >I don't agree that

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

2016-09-26 Thread John Levine
>>That paper is about reflection attacks. From what I've read, this was >>not a reflection attack. The IoT devices are infected with botware >>which sends attack traffic directly. Address spoofing is not particularly >>useful for controlling botnets. > >But that's not only remaining use of

Re: Request for comment -- BCP38

2016-09-26 Thread John Levine
>If you have links from both ISP A and ISP B and decide to send traffic out >ISP A's link sourced from addresses ISP B allocated to you, ISP A *should* >drop that traffic on the floor. There is no automated or scalable way for >ISP A to distinguish this "legitimate" use from spoofing; unless

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

2016-09-24 Thread John Levine
>> Well...by anycast, I meant BGP anycast, spreading the "target" >> geographically to a dozen or more well connected/peered origins. At that >> point, your ~600G DDoS might only be around > >anycast and tcp? the heck you say! :) People who've tried it say it works fine. Routes don't flap that

Re: Domain renawals

2016-09-21 Thread John Levine
>For domain registration I found that joining the GoDaddy Domain Club >( $120/year or less if you pay ahead for multiple years [1] ) ... There's a lot of registrars with prepay discounts. Gandi's domains are cheaper if you prepay $600, a lot cheaper if you prepay $2000. R's, John

Re: Domain renawals

2016-09-21 Thread John Levine
In article

Re: Domain renawals

2016-09-22 Thread John Levine
>In order for clients to find your nameserver to figure out what >NS1.example.com resolves to, >it first needs to be able to find a nameserver for Example.com, >which is NS1.example.com. > >This is what is circular without a Hint in the Additional section of >the DNS reply from the parent

Re: Why the internal network delays, Gmail?

2016-08-26 Thread John Levine
In article you write: >I was working within the limits of what I had available. Here's the subscription page for mailop. It's got about as odd a mix of people as nanog, ranging from people with single user linux machines to

Re: Can someone from Amazon please answer.

2016-08-27 Thread John Levine
>> If you ask for of www.thruway.ny.gov it is a CNAME to >> www.wip.thruway.ny.gov and that >> breaks a number of DNS servers and load balancers, eg: >Your tax payer dollars at work. Naah. The Thruway is supported by user fees, no taxes involved. I will agree they have a couple of

Re: Why the internal network delays, Gmail?

2016-08-26 Thread John Levine
In article you write: >Help (and hi)! > >I work in higher education and we've been experiencing problems with Google >delaying or queuing email for delivery to our domain. This is a question for Google, not for nanog. Only

Re: Legislative proposal sent to my Congressman

2016-10-03 Thread John Levine
In article you write: >> But that does not remove those devices from the network. > >That ship has sailed. This is where device profiles could help. If enough devices register profiles with the local router, at some point the router's default

Re: Krebs on Security booted off Akamai network after DDoS attack proves pricey

2016-09-25 Thread John Levine
>> Yeh, bcp38 is not a viable solution. Krebs said this DDoS came from insecure IoT devices, of which there are a kazillion, with the numbers growing every day. Why would they need to spoof IPs? How would BCP38 help? R's, John

Re: IoT security, was Krebs on Security booted off Akamai network

2016-10-10 Thread John Levine
>> It helps solve the bad (including manufacturer's default) password >> problem which was one of the attack vectors. That problem has been addressed pretty well by giving each device a random password and printing the password on the device. Another hack that works pretty well is a button you

Re: Death of the Internet, Film at 11

2016-10-24 Thread John Levine
>Dumb question: > >If some camera, vacuum cleaner, toothbrush or refrigerator is behind >NAT, can it do IP spoofing ? Won't the "from" address be replaced by >the CPE router with the proper IP address assigned to that customer so >that on the Internet itself, that packet will travel with a real

Re: Spitballing IoT Security

2016-10-27 Thread John Levine
>Please don't, bring it to your nearest Apple Store instead where it >will be properly recycled, . My nearest Apple stores are 50 miles away. I'm not sure 100 miles in the car is a good tradeoff for one phone.

Re: Should abuse mailboxes have quotas?

2016-10-27 Thread John Levine
>Are there any ISP's left that read and respond to abuse@ in a timely >fashion? I haven't seen one in at least a decade. Maybe I e-mail the >wrong ones. Or maybe you send reports that they can't act on. Mine are all in ARF format and ISPs reply and tell me they've acted on them all the time.

Avalanche botnet takedown

2016-12-01 Thread John Levine
Avalanche is a large nasty botnet, which was just disabled by a large coordinated action by industry and law enforcement in multiple countries. It was a lot of work, involving among other things disabling or sinkholing 800,000 domain names used to control it. More info here:

Re: South Carolina attempts to repeal Rule 34

2016-12-20 Thread John Levine
In article you write: >Let's call it for what it is. It's a new tax. No, it's just grandstanding. The proposed law egregiously violates the First Amendment and wouldn't last 5 minutes in a court challenge. R's, John

Re: replacing EPP?

2016-12-21 Thread John Levine
In article you write: >Has there been any discussion about replacing EPP with something more modern? No. That was easy. The spec has been updated a few times, most recently by RFC 5730 and 5734 in 2009 but it

Re: loc.gov

2017-07-08 Thread John Levine
In article you write: >http://www.loc.gov/ Works fine for me on Roadrunner in central NY.

Re: Please run windows update now

2017-05-17 Thread John Levine
In article you write: >fyi, current opinion in the security community seems to be that win10 is >better secured than linuxes, bsds, ... see http://cyber-itl.org/; still >pretty sparse, but getting flushed out. Not against Microsoft. R's, John

Re: mailops https breakage

2017-06-21 Thread John Levine
In article you write: >> Fun fact about letsencrypt certs, they expire after a month or so. > >90 days Well, yes. That's why highly skilled and experienced administrators such as yourself set up the automatic renewal scripts at the same time they install the initial

Re: Vendors spamming NANOG attendees

2017-06-14 Thread John Levine
In article <63cd2031-701d-4567-b88a-2986e8b3f...@beckman.org> you write: >But as I said, harvesting emails is not illegal under can spam. This might be a good time to review 15 USC 7704(b)(1), which is titled "Address harvesting and dictionary attacks". >And the requirement to not send you UCE

Re: 4 or smaller digit ASNs

2017-10-12 Thread John Levine
In article <20171012070551.ga52...@spider.typo.org> you write: >> > I'm curious what your client's rationale is for wanting a low ASN. > >Dare I say it? > >Nerds often get overly excited at things that are generally pretty >small... Too bad I can't sell my old NSI handle. R's, JL7

Re: How can I obtain the abuse e-mail address for IPs from Japan?

2017-08-23 Thread John Levine
In article

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-29 Thread John Levine
In article <88a1ae22-a5c1-dc46-caa7-cca813109...@tnetconsulting.net> you write: > - Requiring Reverse DNS > - SPF > >I'm not commenting about the viability of these things, just that they >are fairly well accepted and that they can trivially break mailing lists. A mailing list sending with bad

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-29 Thread John Levine
In article <20171129183535.gb18...@ucsd.edu> you write: >As I see it, the problem isn't with DKIM, it's with the >implementation of DMARC and other such filters. Almost all >of them TEST THE WRONG FROM ADDRESS. They compare the Author's >address (the header From: line) instead of the Sender's

Re: lists and DMARC and ARC, was Incoming SMTP in the year 2017 and absence of DKIM

2017-11-29 Thread John Levine
In article <1d458e76-ab61-db28-79cb-6aabcab4f...@mtcc.com> you write: >I've been saying for years that it should be possible to create the >concept of DKIM-friendly mailing lists. ... I suppose, if your users are OK with no subject tags, message footers, or any of the other cruft that list users

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-29 Thread John Levine
In article <85393a12-a51f-6722-4171-118919fcc...@mtcc.com> you write: >The real problem with large enterprise that we found, however, is that >it was really hard to track down every 25 year >old 386 sitting in dusty corners that was sending mail directly instead >of through corpro servers to

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-30 Thread John Levine
In article you write: >> Without something like VERP to encode the original recipient in the return >> address, the percentage of bounces your list successfully processes each >> month will slowly but steadily decline. > >I think it's

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-30 Thread John Levine
In article you write: >> Or, for a more empirical way to look at it, there's reasonable correlation >> between having missing, generic or incorrect reverse DNS and the host >> being a source of unwanted or malicious email. > >I’m not so sure about

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-30 Thread John Levine
In article <3d84c686-aa5f-8180-8a37-be77fef94...@tnetconsulting.net> you write: >I would also configure MLMs to forward unknown bounces to the -owner. >Hopefully the -owner would then feed (a sanitized copy of) the unknown >bounce type the MLM maintainer(s) to improve said MLM. I suppose that

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-29 Thread John Levine
In article <3677d101-3874-b8e4-87b3-37e4dd870...@tnetconsulting.net> you write: >> Normal lists put their own bounce address in the >> envelope so they can handle the bounces, so their own SPF applies. > >Yep. V.E.R.P. is a very powerful thing. (B.A.T.V. is an interesting >alternative, but I

Re: Incoming SMTP in the year 2017 and absence of DKIM

2017-11-29 Thread John Levine
In article <11e9c18dac053c4bb91b95a4993c1...@mail.dessus.com> you write: > >Not old enough to have had an Executive Secretary processing your incoming >snail-mail before it gets to you? Probably about the same age as you, but I hope that after 50 years of e-mail we have figured out that the

Re: Suggestions for a more privacy conscious email provider

2017-12-04 Thread John Levine
In article <37613d30-ae69-9140-5d88-7596857ce...@wadadli.me> you write: >I am considering purchasing a Raspberry Pi and hosting my own, as it >seems worth the experience. However does it require that I have my own >DNS server and a static IP address in order to connect to the mail >server from

Re: Suggestions for a more privacy conscious email provider

2017-12-04 Thread John Levine
In article <0f7a39b9-efee-54d6-d449-081c7825c...@spamtrap.tnetconsulting.net> you write: >I was meaning to imply that I believe it would be more difficult to >access the server at my house than at a co-lo / hosting facility. Depends on the hosting facility. My server is in a locked room that

Re: Suggestions for a more privacy conscious email provider

2017-12-04 Thread John Levine
In article <e726b3a2-4dbf-9db6-a695-95b483001...@spamtrap.tnetconsulting.net> you write: >On 12/04/2017 02:24 PM, John Levine wrote: >> From your point of view, it's a linux box you can ssh into and manage >> the same way you'd manage linux on a small physical machine. &

Re: Suggestions for a more privacy conscious email provider

2017-12-05 Thread John Levine
In article <20171205105918.ga8...@gsp.org> you write: > "Current Peeve: The mindset that the Internet is some sort of > school for novice sysadmins and that everyone *not* doing stupid > dangerous things should act like patient teachers with the ones > who are." Up to a

Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

2018-05-15 Thread John Levine
In article <47acebac-7df1-0dbb-9584-27062a945...@netassist.ua> you write: >Really? Use extremely centralized closed source "solution"? You might want to learn a little about Signal. R's, John > >LOL. > >15.05.18 18:47, John Levine wrote: >> In

Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

2018-05-15 Thread John Levine
In article <240538927.8145.1526388210820.JavaMail.mhammett@ThunderFuck> you write: >Encrypted e-mail is so incredibly niche, this won't affect almost everyone. Bruce Schneier's blog entry on this arcane buglet ended by saying that if you care about encryption use Signal or WhatsApp. R's, John

Re: Whois vs GDPR, latest news

2018-05-22 Thread John Levine
>What about the likely truth that if anyone from Europe mails the list, then >every mail server operator with subscribers to the list must follow the >GDPR Article 14 notification requirements, as the few exceptions appear to >not apply (unless you’re just running an archive). Some of us whose

Re: Whois vs GDPR, latest news

2018-05-23 Thread John Levine
No, but in the absence of a law that specifically bars the courts from doing so they will under current reciprocal treaty arrangements. No, really, what treaties? I understand treaties about domesticating a tort judgement but this isn't a tort, this is a regulation. R's, John PS: can

Re: GDPR outside Europe, was Whois vs GDPR, latest news

2018-05-24 Thread John Levine
In article <0bb31bbb-388d-4832-85dd-30c01c187...@jeffmurphy.org> you write: >There’s speculation that enforcement could occur via the FTC Privacy Shield >program. Privacy Shield is entirely optional. Joining it requires a lot of paperwork and a substantial administrative fee. If you don't do

Re: Whois vs GDPR, latest news

2018-05-23 Thread John Levine
In article you write: >I asked one of the EU regulators at RSA how they intended to enforce GDPR >violations on businesses that don't operate in their jurisdiction and >without hesitation he told me they'd use civil courts to

Re: SIP fax sending software?

2018-05-30 Thread John Levine
In article you write: >Have you considered paying the $0.50 per page to have the local copy >shop send the once-a-month faxes? Since the local copy shop is about a half hour drive from here, no. I don't really care if it's flaky. For one fax a month a few retries are not a big deal. But

Re: ICANN GDPR lawsuit

2018-05-30 Thread John Levine
In article you write: >http://www.circleid.com/posts/20180527_icann_files_legal_action_against_domain_registrar_whois_data/ Elliot said that if he had to choose between fighting ICANN and fighting governments, he'd fight ICANN. I can't blame him.

Re: Whois vs GDPR, latest news

2018-05-27 Thread John Levine
In article <230722.1527374...@turing-police.cc.vt.edu> you write: >Now here's the big question - a *lot* of companies are targeting "anybody with >a freemail account like GMail and a valid Visa or Mastercard card" or similar >business models - does that count as "specifically targeting at EU", or

making the queries go away, was Re: Anyone else blacklisted this morning

2018-01-04 Thread John Levine
In article <20180102170409.ga5...@gsp.org> you write: >On Tue, Jan 02, 2018 at 04:46:02PM +, Mel Beckman quoted: >> "rbl.iprange.net will mark every ip address as listed to force removal of >> this server." > >Apparently they didn't read section 3.4 of RFC 6471: I agree that listing the

Re: Anyone else blacklisted this morning by rbl.iprange.net?

2018-01-04 Thread John Levine
In article you write: >If you're going to run a DNSBL to advertise your mail software, >perhaps do so in a way that doesn't flip the bird at everyone using it. On the other hand if you're going to use DNSBLs, you really should

Re: Blockchain and Networking

2018-01-08 Thread John Levine
ntirely trust each other, but there aren't as many of those as you might think. -- Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Re: Greenland DSL or Internet service provider?

2018-01-18 Thread John Levine
In article <01b101d3909a$61e7a250$25b6e6f0$@pccwglobal.com> you write: >We are searching for a provider who can deliver MPLS, dedicated circuit, >DSL or Internet by cable access to the following GPS information address: > >Quanaaq Assuming you mean Qaanaaq, the place formerly known as Thule, your

Re: list blockchain

2018-01-28 Thread John Levine
In article you write: >why is no one exploring converting this mailing list to a blockchain? >major missed opportunity. Ssshhh, we're in the quiet period before the IPO.

Re: Geolocation: IPv4 Subnet blocked by HULU, and others

2017-12-26 Thread John Levine
In article

Re: Confirming source-routed multicast is dead on the public Internet

2018-08-02 Thread John Levine
In article you write: >Multicast is being used in various private IP networks. It seems to work >very well for satellite content distribution because multicast doesn't >require ack's. Enterprise networks also use multicast. I would think it'd work fine on private networks, but since there's

Re: Best practices on logical separation of abuse@ vs dmca@ role inboxes

2018-08-06 Thread John Levine
In article you write: >I'm very sorry to read that, as an ISP, you have to comply with a >para-judicial process that puts you in charge of censorship. Dealing with DMCA notices is a matter of statute law in the US, and it is a really, really bad idea to ignore them unread. It doesn't matter

Re: Best practices on logical separation of abuse@ vs dmca@ role inboxes

2018-08-07 Thread John Levine
In article <627928051.4141.1533644391202.JavaMail.mhammett@ThunderFuck> you write: >Unless the e-mail is to the contact on file with the FCC, it isn't an official >DMCA take down request, so the request is garbage. It's not the FCC, it's the copyright office. The law also says that the

Re: unwise filtering policy on abuse mailboxes

2018-07-24 Thread John Levine
In article you write: >I'm saying people who filter their abuse mailboxes need to stop doing so. See Canute, King. R's, John

Re: Anyone from Delta on list?

2018-07-13 Thread John Levine
In article <2d8e2754-662a-4029-b6fa-6714b1b6c...@semperen.com> you write: >-=-=-=-=-=- > >If so, can you contact me off list, please and thank you? Delta the airline? Delta the hotel chain? Delta the plumbing fixture maker? Delta the construction company? Signed, Baffled

Re: Leasing /22

2018-01-19 Thread John Levine
In article you write: >We're on the hunt yet again for an additional /22 to lease, and are >wondering what the best options are out there? It's been a long time since I've seen IP space for lease that wasn't either a scam or

Re: Are any of you starting to get AI robocalls?

2018-04-04 Thread John Levine
In article you write: >> do it, and the spoofing is nearly impossible to trace back to the origin, so >> those who do it can safely ignore other laws because they know they won't be >> caught. > >Forward to an 800, grab it from the ANI versus

Re: Is WHOIS going to go away?

2018-04-19 Thread John Levine
In article <23257.12824.250276.763...@gargle.gargle.howl> you write: >So you think restricting WHOIS access will protect dissidents from >abusive governments? > >Of all the rationalizations that one seems particularly weak. Oh, you're missing the point. This is a meme that's been floating around

Re: Is WHOIS going to go away?

2018-04-24 Thread John Levine
In article you write: >The days when some in the technical community could just discard others >arguments by saying that "[you] have no idea how the >Internet works" have long passed. I will not get intimidated

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT CPE

2018-04-02 Thread John Levine
In article <20180402150821.ga24...@cmadams.net> you write: >Once upon a time, Matt Hoppes said: >> Seeing as how 1.1.1.1 isn’t supposed to be routed > >[citation needed] Look at the WHOIS info -- 1.1.1.0/24 is assigned to APNIC Research, and it says remarks:

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT CPE

2018-04-02 Thread John Levine
In article <7db5fac7-972a-4eb6-89d9-b305a7233...@cloudflare.com> you write: >If you know of others please send them my way so we can investigate. A lot of hotel and coffee shop captive portals use it for the login and logout screens. Don't know what the underlying software is, but wander around

Re: IPv6 Unique Local Addresses (was Re: New Active Exploit: memcached on port 11211 UDP & TCP being exploited for reflection attacks)

2018-03-02 Thread John Levine
In article you write: >What can you do with ULA that GUA isn’t suitable for? I have a home network with two segments, one wired and one wireless. It has IPv6 addresses assigned by my ISP, Spectrum nee TWC, which probably won't change but who

Re: Buying IPv4 blocks

2018-10-04 Thread John Levine
In article you write: > >If is a new US business and you are working internationally why not go >simple and use IPv6 addresses? Just a guess, but it's probably because they would like for the large fraction of the net that is still v4 only to be able to contact them. Even if you do have v6,

Re: v6 DNSSEC fail, was Buying IPv4 blocks

2018-10-04 Thread John Levine
In article <60afb948-5f6d-8ea8-00c9-6d4d92ff0...@forfun.net>, Marco Davids via NANOG wrote: >> Even if you do have v6, some things like DNSSEC don't work very well >> if you can't do them over v4. > >Is that so? Yeah, V6 UDP fragmentation and anycast are bad news. You can sort of fix it by

Re: CloudFlare D.N.S. Resolvers... (1.1.1.1 & 1.0.0.1)

2018-09-26 Thread John Levine
In article <87in2sy5eh@pc8.berlin.quux.de> you write: >quick and dirty: > >jens@screen:~$ dig nanog.org @8.8.8.8 | grep "Query time" >;; Query time: 16 msec >jens@screen:~$ dig nanog.org @1.1.1.1 | grep "Query time" >;; Query time: 3 msec Yeah, that's super reliable: $ drill nanog.org

Re: No IPv6 by design to increase reliability...

2019-01-17 Thread John Levine
t to be able to distinguish among the devices behind a v4 NAT so they can segment and market more precisely. -- Regards, John Levine, jo...@iecc.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Re: plaintext email?

2019-01-14 Thread John Levine
In article you write: > >Isn't the underlying assumption with non-plaintext that: "I know what will >work better for you than you do" ... No, it's that every MUA in the world has handled html mail for a decade and it's a waste of time to piss into the wind. I send most of my mail as

Re: plaintext email?

2019-01-15 Thread John Levine
> > Sudden plot-twist! > > > > A small elite group of NANOG participants have been using stenographic > > forms of > > encryption in the messages all along! > >Did you mean steganographic? No, stenographic, like, you know, double rot13. R's, John

Re: Unsolicited LinkedIn requests

2018-12-11 Thread John Levine
In article you write: >Agreed, and I do get unsolicited Linkedin requests quite often. >Sometimes, this is clearly the result of someone scraping a list like >NANOG in an effort to drum up new business/contacts. Those end up in the >bitbucket. When you turn down a connection there should be

Re: Bulk IP abuse reporting

2018-11-28 Thread John Levine
In article <87in0horr2@riseup.net> you write: >However, I am not finding a simple, or standardized way to look up the >abuse contacts for a specific IP. Does someone have a suggestion? The RIRs all have RDAP servers that will in theory give you the abuse contact for any IP address in an easy

Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

2019-01-12 Thread John Levine
In article you write: >What IETF Mailing list thinks? - "Implicit TLS doesn't offer any additional >security than a downgrade protected STARTTLS. Let's not waste a port." He's forum shopping. He's already taken this to two IETF lists and we've explained to him why it's not a good idea. If you

Re: Enough port 26 talk...

2019-01-13 Thread John Levine
In article <871s5gpz1w@miraculix.mork.no> you write: >Yes. What is all the fuzz about? Email will be as dead as USENET in a >couple of years anyway. Funny, people have been saying that pretty much every year since the 1990s. What's different this time?

Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-25 Thread John Levine
In article <24679.1551146...@turing-police.cc.vt.edu> you write: >So what registries/registrars are supporting 2FA that's better than SMS? Opensrs does TOTP. It's certainly not bulletproof, but it's tied to your actual phone rather than the phone number. (We careful folk put our TOTP keys on a

Re: DANE, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread John Levine
In article you write: >We need to get switched over to DANE as quickly as possible, and stop wasting >effort trying to keep the CA system alive with >ever-hackier band-aids. What's the DANE version of a green-bar cert?

Re: A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread John Levine
In article you write: >Swapping the DNS cabal for the CA cabal is not an improvement. Right? They >are really the same arbitraging rent-seekers, just different layers. The models are different. If I want to compromise your DNS I need to attack your specific registrar. If I want a bogus

Re: a detour DANE, was A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-27 Thread John Levine
In article <20190227161327.ga27...@besserwisser.org> you write: >that is RFC 7208.[0] >[0] This document tries to deprecate RRTYPE 99 for SPF. By stating that >only TXT records can be trusted. ... This must be a very different RFC 7208 from the one that the IETF published. The IETF one says

Re: A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-26 Thread John Levine
In article <3fd86d54-7fe4-4e1d-8c8d-a4d79f030...@pch.net> you write: >That’s the main reason for having a brand TLD at this point, from my point of >view. It’s the reason I’d get one in a heartbeat, if I could afford the fees. Well, actually, you can't get one. The 2013 round is still working

Re: A Deep Dive on the Recent Widespread DNS Hijacking

2019-02-24 Thread John Levine
In article you write: >You are right, if you can compromise a registrar that permits DNSSEC to be >disabled (without notification/confirmation to POCs >etc), then you only have a limited period (max of DS TTL) of protection for >those resolvers that have already cached the DS. As far as I can

Re: Packetstream - how does this not violate just about every provider's ToS?

2019-04-26 Thread John Levine
In article <44a32613-a255-44eb-a094-cee68b6d088a@Spark> you write: >-=-=-=-=-=- > >particularly "interesting" when someone downloads CP (or, as it now seems to >be called, CSAM) using their >ipaddr and causes them to become a Person of Interest. I was thinking the same thing, that'll do it. Or

Re: Packetstream - how does this not violate just about every provider's ToS?

2019-04-26 Thread John Levine
In article <003d01d4fc27$ba0bb300$2e231900$@netconsultings.com> you write: >But isn't there a law in US that protects oblivious or outright simple-minded >population from falling for these type of "easy money" schemes by >prohibiting these types of business? If it became popular enough to be

Re: any interesting/useful resources available to IPv6 only?

2019-05-06 Thread John Levine
In article <3ccd8c9a687b1a780c7f2e0f9e89b6d55ccdb2a7.ca...@interlinx.bc.ca> you write: >But the came I am making is to PHBs, not engineers and I am trying to >find a path of least resistance. Oh, then tell them that IPv4 addresses now cost (wave hands) ten bucks each while IPv6 addresses are

Re: We have it here, including the conclusions (was Re: Special Counsel Office report web site)

2019-04-18 Thread John Levine
In article you write: >Oops..the link would be helpful, sorry! > >We have made the full report available here, including conclusions (full >report both embedded by iframe, and linked to the actual report at DOJ). The DOJ web site is hosted on Akamai's CDN. I don't think anyone's had trouble

Re: any interesting/useful resources available to IPv6 only?

2019-05-06 Thread John Levine
In article you write: >Another provider offering discounted IPv6 only VPSes is gandi.net > >https://www.gandi.net/en/cloud -- the two cheapest options "XS-V6" and >"Small - IPv6" are IPv6 only. That's not very persuasive since even their v6 only prices are pretty high. Gandi charges $13.10 for

Re: Packetstream - how does this not violate just about every provider's ToS?

2019-04-25 Thread John Levine
In article you write: >-=-=-=-=-=- > >feeling cranky, are we, job?   (accusing an antispam expert of spamming on a >mailing list by having too long a .sig?) >but it’s true!  anne runs the internet, and the rest of us (except for ICANN >GAC representatives) all accept that. > >to actually try to

Re: DNS Recursive Operators: Please enable QNAME minimization (RFC7816) for the enhanced privacy of your users

2019-09-18 Thread John Levine
.60 IN A 185.199.109.153 use-application-dns.net.60 IN A 185.199.111.153 use-application-dns.net.60 IN A 185.199.110.153 I have this special-cased in my own resolver, of course. -- Regards, John Levine, jo...@taugh.com,

Re: What can ISPs do better? Removing racism out of internet

2019-08-06 Thread John Levine
In article <56cbb25e-9a53-4e5e-b2cb-3e769112f...@truenet.com> you write: >John, > >Seriously, just quote so people don’t have to look it up. Honestly, though >others are probably right in that case law usually will over-ride written law >due >to our legal structure. Well, kind of, but in this

Re: What can ISPs do better? Removing racism out of internet

2019-08-06 Thread John Levine
In article <6956e76b-e6b7-409f-a636-c7607bfd8...@beckman.org> you write: >Mehmet, > >I’m not sure if you understand the terms under which ISPs operate as “common >carriers”, and thus enjoy immunity from lawsuits due to the acts of their >customers. ISPs in the U.S. are not carriers and never

Re: This DNS over HTTP thing

2019-10-02 Thread John Levine
In article <146431.1569964368@turing-police> you write: >-=-=-=-=-=- > >On Tue, 01 Oct 2019 16:24:30 -0400, Warren Kumari said: > >> "More concretely, the experiment in Chrome 78 will **check if the >> user’s current DNS provider** is among a list of DoH-compatible >> providers, and upgrade to the

Re: IPv6 Thought Experiment

2019-10-02 Thread John Levine
In article <5dcae7a8-1d33-4ea2-bbb1-7a3e8132d...@gmail.com> you write: >What do you think would happen? Would it be the only way to reach 100% IPv6 >deployment, or even that wouldn’t be sufficient? If you have to impose an artificial tax to force people to use IPv6, you've clearly admitted that

Re: IPv6 Pain Experiment

2019-10-02 Thread John Levine
In article you write: >For a small organization with limited staff and small margins, I'm curious >where the actual burden in supporting IPv6 lies. In my experience, it's not >any more costly than deploying IPv4 is ... Right, but that means it doubles your deployment costs since IPv4 isn't

Re: This DNS over HTTP thing

2019-10-02 Thread John Levine
In article <804699748.1254612.1570037049931.javamail.zim...@baylink.com> you write: >Tools. Are. Neutral. > >Any solution to a problem that involves outlawing or breaking tools will. >Not. Solve. Your. Problem. I think in the outside world you'll find very little support for an argument that

Re: This DNS over HTTP thing

2019-10-01 Thread John Levine
In article <20191001074011.n4xjouqg6lhsv...@nic.fr> you write: >Note that the UK is probably the country in Europe with the biggest >use of lying DNS resolvers for censorship. No wonder that the people >who censor don't like anti-censorship techniques. Most UK ISPs use the Internet Watch

Re: Gmail email blocking is off the rails (again)

2019-12-04 Thread John Levine
egards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly

Re: worse than IPv6 Pain Experiment

2019-10-09 Thread John Levine
In article <23963.65395.763065.591...@gargle.gargle.howl> you write: >So I proposed we dump numeric addresses entirely and use basically >URLs in IP packets and elsewhere. > >I really meant something like 'IP://www.TheWorld.com' in the >source/dest addr, possibly more specific for multiple

Re: IPv6 Pain Experiment

2019-10-03 Thread John Levine
In article you write: >that gets me on to my small annoyance... /64 bit subnet masks for >local networks. really? Yup. > ALL of that address space and then throw such >a large range away on subnets commonly populated >with no more than a couple of hundred clients...maybe a few thousand >at
