Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of

2008-06-28 Thread Joe Greco
> > Yes. It completely marginalizes the remaining positive qualities of the > > Domain Name System as a way to find things, in the name of giving people > > "more options." > > That never existed and never made any sense. DNS is a naming scheme. > Entities choose names that are expressive, not in

Re: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread John Levine
>So should I have bounced all 4,602? Since ninety some percent of them >came from forged addresses that would not only be pointless but would >be contributing to the problem (and get us into bl.spamcop.com). Of course not. You should have rejected them. Note that rejection doesn't keep you

Re: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread Randy Bush
some folk on this list are network operators. i.e. what you do with your personal mailbox is not highly interesting. we have this silly problem called "paying users." the issue is what an mta operator does for hundreds, thousands, or more of these pesky critters. at least in my world, they seem

Re: the business model, was what problem are we solving? (was Re: ICANN opens

2008-06-28 Thread Brandon Butterworth
> bbc.co.uk is fine because when you access it, you are aware it is a site > designed for UK residents so when they tell you you can't access parts > of their web site, you understand. But they shouldn't have "bbc.com" for > that web site. No need to tell us we shouldn't do what we're not doing b

Re: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread Chris Owen
On Jun 28, 2008, at 4:56 PM, Jean-François Mezei wrote: The biggest problem however are outfits like microsoft whose hotmail/msn properties have undocumented logic which confirm reception of the message at the SMTP/821 level but then proceed to di

Re: the business model, was what problem are we solving? (was Re: ICANN opens

2008-06-28 Thread Jean-François Mezei
John Levine wrote: > I own iecc.com. A group of educators in Minnesota own iecc.org. A > speculator in the UK owns iecc.net. Which, if any, of us gets first > dibs on iecc.thisisgreatstuff? Well, that would depend on whatever policies the owner of "thisisgreatstuff" has. More importantly, who

Re: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread Jean-François Mezei
re: reverse DNS and emails. There are well documented and fairly simple tasks to reduce spam. requiring rdns, using rbls and blocking certain IP blocks goes a long way. The biggest problem however are outfits like microsoft whose hotmail/msn properties have undocumented logic which confirm recept

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Rich Kulawiec
On Sat, Jun 28, 2008 at 01:12:39PM -0700, Matthew Petach wrote: > Those two statements of yours directly contraindicate each other. No, they don't. Outbound relays (which are presumably used by client systems presenting appropriate authentication) know the identity of user presenting credentials.

Re: the business model, was what problem are we solving? (was Re: ICANN opens

2008-06-28 Thread Roland Perry
In article <[EMAIL PROTECTED]>, John Levine <[EMAIL PROTECTED]> writes In any event, ICANN's sunrise rules work adequately well, and they're not likely to change. Sunrise rules differ for each tld, it's one of the things that differentiates them. In Paris this week there was a short talk aimed

RE: the business model, was what problem are we solving? (was Re: ICANN opens

2008-06-28 Thread John Levine
That's the phrase I was thinking of -- "sunrise period". All of you would get first dibs -- I don't have a good idea how it would actually be doled out or purchased. But at least you three would be first in the ring, before speculator xyz had a chance. But in my case, iecc.net already belongs

RE: the business model, was what problem are we solving? (was Re: ICANN opens

2008-06-28 Thread Frank Bulk - iNAME
That's the phrase I was thinking of -- "sunrise period". All of you would get first dibs -- I don't have a good idea how it would actually be doled out or purchased. But at least you three would be first in the ring, before speculator xyz had a chance. Frank -Original Message- From: Joh

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-28 Thread Roland Perry
In article <[EMAIL PROTECTED]>, Frank Bulk - iNAME <[EMAIL PROTECTED]> writes One way to provide protection is to allow those who have the domain portion of any domain.(com|net|org|...) to have first dibs for the domain of any new gTLD. i.e. if nanog.org, nanog.com, nanog.net, etc. would have f

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Matthew Petach
On 6/28/08, Rich Kulawiec <[EMAIL PROTECTED]> wrote: > On Sat, Jun 28, 2008 at 06:18:44PM +0200, Phil Regnauld wrote: > > Rich Kulawiec (rsk) writes: ... > And given that any estimate of hijacked systems under 100 million is > laughably out-of-date, it's a best practice to blacklist ALL such IP

Re: Expired SSL cert for mms.nexteldata.net

2008-06-28 Thread Jay R. Ashworth
On Sat, Jun 28, 2008 at 11:01:44AM -0500, Laurence F. Sheldon, Jr. wrote: > Jay R. Ashworth wrote: > >According to my Blackberry, it expired last night at midnight UTC. > > Is this the end of the world, then? End of the world, no. Important to Nextel and any of their clients who receive MMS mess

RE: what problem are we solving? (was Re: ICANN opens up Pandora's Box of

2008-06-28 Thread David Schwartz
> Yes. It completely marginalizes the remaining positive qualities of the > Domain Name System as a way to find things, in the name of giving people > "more options." That never existed and never made any sense. DNS is a naming scheme. Entities choose names that are expressive, not informative.

Re: the business model, was what problem are we solving? (was Re: ICANN opens

2008-06-28 Thread John Levine
>One way to provide protection is to allow those who have the domain portion >of any domain.(com|net|org|...) to have first dibs for the domain of any new >gTLD. i.e. if nanog.org, nanog.com, nanog.net, etc. would have first dibs >on nanog.thisisgreatstuff. > >Or is that too simplistic and fraugh

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Rich Kulawiec
On Sat, Jun 28, 2008 at 06:18:44PM +0200, Phil Regnauld wrote: > Rich Kulawiec (rsk) writes: > > > > I don't see a problem with not accepting mail from clueless ISPs or their > > customers. The requirement for rDNS has been around for decades. > > Anyone who's not aware of it has no business runn

Re: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread Jim Popovitch
On Sat, Jun 28, 2008 at 2:21 PM, Frank Bulk - iNAME <[EMAIL PROTECTED]> wrote: > FB> The point is that those are able to create a valid rDNS entry likely > have more control of their infrastructure than those who don't. You must > admit, if you can't get a proper rDNS entry created for your domain

RE: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread Frank Bulk - iNAME
Comments in-line. -Original Message- From: Phil Regnauld [mailto:[EMAIL PROTECTED] Sent: Saturday, June 28, 2008 1:02 PM To: [EMAIL PROTECTED] Cc: nanog@nanog.org Subject: Re: Mail Server best practices - was: Pandora's Box of new TLDs [EMAIL PROTECTED] (michael.dillon) writes: > > > htt

Re: what problem are we solving? (was Re: ICANN opens up

2008-06-28 Thread Tuc at T-B-O-H.NET
> > One way to provide protection is to allow those who have the domain portion > of any domain.(com|net|org|...) to have first dibs for the domain of any new > gTLD. i.e. if nanog.org, nanog.com, nanog.net, etc. would have first dibs > on nanog.thisisgreatstuff. > > Or is that too simplistic a

Re: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread Phil Regnauld
[EMAIL PROTECTED] (michael.dillon) writes: > > > http://www.maawg.org/about/MAAWG_Sender_BCP/MAAWG_Senders_BCP_Combine.pdf Thanks for the pointer. I don't necessarily agree with all of it, but it's definitely a good reference. I just get irritated by actions tha

RE: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-28 Thread Frank Bulk - iNAME
One way to provide protection is to allow those who have the domain portion of any domain.(com|net|org|...) to have first dibs for the domain of any new gTLD. i.e. if nanog.org, nanog.com, nanog.net, etc. would have first dibs on nanog.thisisgreatstuff. Or is that too simplistic and fraught with

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Jim Shankland
Phil Regnauld wrote: Requirement ? What requirement ? There's no requirement for reverse DNS for email in any RFC. As a practical matter, I've found that sending out email from a host without rDNS doesn't work: too many sites bounce the mail. It will not come as news to anyo

RE: Mail Server best practices - was: Pandora's Box of new TLDs

2008-06-28 Thread michael.dillon
> Requirement ? What requirement ? There's no requirement for > reverse DNS for email in any RFC. Not that RFCs are > ideal references > for mail operation in general. You're right, documents published by an organization whose goal is to design internetworking protocols are n

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread bmanning
ob spam... Spam is viral marketing for CHoRD? DNS can deal w/ billions of entries... order magnitude IPv4 space, with relative ease (note well the use of the term "relative") not at all convinced that unmodified DNS can deal w/ spaces on the order of magnitude of IPv6 space... *and yes, there

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Phil Regnauld
Rich Kulawiec (rsk) writes: > > I don't see a problem with not accepting mail from clueless ISPs or their > customers. The requirement for rDNS has been around for decades. > Anyone who's not aware of it has no business running a mail server. Requirement ? What requirement ? There's no

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Rich Kulawiec
On Sat, Jun 28, 2008 at 01:56:53PM +0200, Phil Regnauld wrote: > Rich Kulawiec (rsk) writes: > > > > Best practice is refuse all mail that comes from any host lacking rDNS, > > since that host doesn't meet the minimum requirements for a mail server. > > No, that's utterly stupid. You're ex

Re: Expired SSL cert for mms.nexteldata.net

2008-06-28 Thread Laurence F. Sheldon, Jr.
Jay R. Ashworth wrote: According to my Blackberry, it expired last night at midnight UTC. Is this the end of the world, then? -- Requiescas in pace o email Two identifying characteristics of System Administrators: Ex turpi causa non ori

Expired SSL cert for mms.nexteldata.net

2008-06-28 Thread Jay R. Ashworth
According to my Blackberry, it expired last night at midnight UTC. RSA/1024, issued by Verisign. Serial number ends in 73aa 0f08 Is anyone at Nextel/Sprint/RIM listening here? My Blackberry tells me what the problem is, but for everyone on normal phones, it's probably just an error; calling fir

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Marshall Eubanks
On Jun 28, 2008, at 6:48 AM, Rich Kulawiec wrote: On Fri, Jun 27, 2008 at 01:40:03PM -0700, David Conrad wrote: On Jun 27, 2008, at 5:22 AM, Alexander Harrowell wrote: Well, at least the new TLDs will promote DNS-based cruft filtration. You can already safely ignore anything with a .name, .b

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of

2008-06-28 Thread Joe Greco
> > On Thu, Jun 26, 2008 at 9:01 PM, Jean-François Mezei > <[EMAIL PROTECTED]> wrote: > [snip conflict examples] > > > Finally, will there be any performance impact on DNS servers around the > > world (thinking of caching issues) ? > > more to the point ... what problem is ICANN trying to solve

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread David Conrad
On Jun 28, 2008, at 4:19 AM, Raoul Bhatia [IPAX] wrote: Tony Finch wrote: On Thu, 26 Jun 2008, Jeroen Massar wrote: thinking of all the nice security issues which come along (home, mycomputer and .exe etc anyone ? :) .exe has the same security properties as .com not exactly, as a lot of u

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-28 Thread David Conrad
On Jun 27, 2008, at 8:59 PM, WWWhatsup wrote: David Conrad wrote: With that said, personally, I agree that more attention should be spent on the welfare of the registrants. Unfortunately, given I work for ICANN, my providing comments in the RAA public consultation along those lines would be a b

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-28 Thread David Conrad
On Jun 27, 2008, at 6:11 PM, Jean-François Mezei wrote: But my uneducated opinion is that this current project appears to let the .TLD loose and this will result in top level domains being meaningless, without any trust. Given the complexity of the new gTLD process, I think it safe to say tha

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Phil Regnauld
Roger Marquis (marquis) writes: > I have to conclude that ICANN has failed, simply failed, and should be > returned to the US government. Perhaps the DHL would at least solicit for > RFCs from the security community. DHS ? Otherwise, yes, you could ship ICANN back to the US gvt. with DH

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Phil Regnauld
Rich Kulawiec (rsk) writes: > > Best practice is refuse all mail that comes from any host lacking rDNS, > since that host doesn't meet the minimum requirements for a mail server. No, that's utterly stupid. You're excluding countries which have poor infrastructure or clueless ISPs

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Phil Regnauld
Jim Shankland (nanog) writes: > > Because it's Friday, I checked the last few weeks or so of logs from > my personal mail server (located in the US), and broke the list of > unique IP addresses rejected by zen.spamhaus.org up by registry: ... spam coming from US computers vs. spam coming f

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Phil Regnauld
Owen DeLong (owen) writes: >> > Whether some choose to do that or not, I believe that the point is that: > > 1.Nobody is FORCING them to do so. Trademark law is forcing you to - you have to make reasonable attempts to actively defend your trademark. Of course, no-one forces yo

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Raoul Bhatia [IPAX]
Tony Finch wrote: > On Thu, 26 Jun 2008, Jeroen Massar wrote: >> thinking of all the nice security issues which come along (home, mycomputer >> and .exe etc anyone ? :) > > .exe has the same security properties as .com not exactly, as a lot of users know that there is something like a .com domain

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Robert E. Seastrom
Randy Bush <[EMAIL PROTECTED]> writes: > this is analogous to the gossip that most spam comes from china, asia, > nigeria, or whomever we like to be xenophobic or racist about this week. > measurement shows the united states to be the largest single source of spam. The US is also the largest sin

Re: what problem are we solving? (was Re: ICANN opens up Pandora's Box of new TLDs)

2008-06-28 Thread Rich Kulawiec
On Fri, Jun 27, 2008 at 10:24:48AM -0700, Scott Francis wrote: > more to the point ... what problem is ICANN trying to solve with this > proposal? Oh, that's quite straightforward: insufficient registrar revenue. ---Rsk

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Rich Kulawiec
On Sat, Jun 28, 2008 at 08:41:28AM +0900, Randy Bush wrote: > this is analogous to the gossip that most spam comes from china, asia, > nigeria, or whomever we like to be xenophobic or racist about this week. > measurement shows the united states to be the largest single source of spam. Globally, y

Re: ICANN opens up Pandora's Box of new TLDs

2008-06-28 Thread Rich Kulawiec
On Fri, Jun 27, 2008 at 01:40:03PM -0700, David Conrad wrote: > > On Jun 27, 2008, at 5:22 AM, Alexander Harrowell wrote: >> Well, at least the new TLDs will promote DNS-based cruft filtration. >> You can >> already safely ignore anything with a .name, .biz, .info, .tv suffix, >> to >> name just