Paging AS13335/Cloudflare to the courtesy phone

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Why are you sending me this crap...please stop. I've reached out to your NOC to no avail. Sep 7 19:11:19 web4.domainmail.net nginx: 172.68.1.193 - _ "POST /dms2/services2/ServerMMS2 HTTP/2.0" 400 150 "-" "Agent-Probe" Sep 7 19:11:19 web4.doma

Re: it's mailman time again

On Sat, 2023-09-02 at 13:10 -0400, John Levine wrote: > > It's like changing your password, it sort of made sense in the 1980s > when networks meant coax Ethernets and bored students could sniff > passwords, and now it's cargo cult security. These days the only > sniffable shared media left is pas

Re: it's mailman time again

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Fri, 2023-09-01 at 10:16 -0700, Randy Bush wrote: > and i just have to wonder about sending passords over the net in > cleartext in 2023.  really? > > randy For those that wish to do something about it... $ ~/mailman/debian/patches$ cat 21-mas

Re: NANOG List posts and DMARC

On Tue, 2022-08-02 at 11:24 -0700, Michael Thomas via NANOG wrote: > On 8/2/22 11:18 AM, Chris Adams via NANOG wrote: > > Once upon a time, Chris Adams said: > > > Once upon a time, Jared Mauch said: > > > > Can someone flip the option in Mailman for DMARC please, it’s > > > > problematic as if

Re: FYI - 2FA to be come mandatory for ARIN Online? (was: Fwd: [arin-announce] Consultation on Requiring Two-Factor Authentication (2FA) for ARIN Online Accounts

On Sat, 2022-05-28 at 11:36 -0700, Randy Bush wrote: > >   I am not in the ARIN region but I have attended few Arin meetings. > >   As a comment, I live a country were mobile roaming does not > > exists, > > therefore, when 2FA only works with SMS I can not use the service. > > Having > > said that

Re: Court orders for blocking of streaming services

On Sun, 2022-05-08 at 12:01 +, Mel Beckman wrote: > The plaintiff’s won a default judgement, because the defendants didn’t show > up in court. But they could not have shown up in court, because they were > only listed as “John Does” in the lawsuit. Thus no defendant could have > “actual kno

Re: Xfi Advances Security (comcast)

On Fri, 2021-09-10 at 10:31 -0400, Jason Kuehl wrote: > For whatever reason Comcast Xfinity is blocking my VPN URL. Not certain that this applies, but Concast Advanced Security (setup in your Comcast gateway) only allows outbound VPN connections to UDP ports 500, 4500, and 62515 and TCP port 1723

Re: EMail server gets blocked by Microsoft

On Wed, 2021-04-28 at 09:30 +0200, Markus wrote: > Am 27.04.2021 um 16:46 schrieb Brian Turnbow via NANOG: > > Hi Dominque, > > > > And sign up for snds > > > > https://sendersupport.olc.protection.outlook.com/snds/index.aspx > >

Re: Perhaps it's time to think about enhancements to the NANOG list...?

On Mon, 2021-03-22 at 16:24 -0700, Edward McNair wrote: > I don’t understand the impact. Those who are comfortable with using > the mailing list via email would just keep doing what they are doing > now. With the exact same email address. There should be no procedural > changes. In theory, we could

Re: APOLOGIES: QB server hiccups

On Thu, 2020-10-22 at 18:04 +, Paul Nash wrote: > Autocorrect changed a misspelled recipient to “nanog”. > Not quite. What happened was sometime in the past Brian sent an email to NANOG from a domain publishing a DMARC record. Mailman on nanog@ wraps such an email and (like it or not) sets

Re: AWS issues with 172.0.0.0/12

On October 1, 2019 9:39:03 PM UTC, Matt Palmer wrote: >On Tue, Oct 01, 2019 at 04:50:33AM -0400, Jim Popovitch via NANOG >wrote: >> On 10/1/2019 4:09 AM, Christopher Morrow wrote: >> > possible that this is various AWS customers making >iptables/firewall mistakes? &

Re: AWS issues with 172.0.0.0/12

On 10/1/2019 4:09 AM, Christopher Morrow wrote: possible that this is various AWS customers making iptables/firewall mistakes? "block that pesky rfc1918 172/12 space!!" AWS also uses some 172/12 space on their internal network (e.g. the network that sits between EC2 instances and the AWS ex

Re: DNS Flag Day, Friday, Feb 1st, 2019

On January 31, 2019 1:55:26 AM UTC, Christopher Morrow wrote: >On Wed, Jan 30, 2019 at 5:41 PM Jim Popovitch via NANOG > >wrote: > >> On Wed, 2019-01-30 at 17:22 -0800, Matthew Petach wrote: >> > Any chance this could wait until say the Tuesday >> > *after* t

Re: DNS Flag Day, Friday, Feb 1st, 2019

On Wed, 2019-01-30 at 17:22 -0800, Matthew Petach wrote: > Any chance this could wait until say the Tuesday  > *after* the Superbowl, when we aren't cutting an  > entire religion's worth of potential workers out of  > the workforce available to fix issues in case it  > turns out to be a bigger prob

Re: DNS Hijacking? - FiOS Northeast

On Wed, 2019-01-09 at 18:30 +, Phil Lavin wrote: > > We are seeing DNS requests for A and to 8.8.8.8 come back with > > erroneous replies resolving to 146.112.61.106 when sent via FiOS > > circuits in the northeast. Anyone else seeing issues with DNS on > > FiOS in Northeast? Issue started

Re: [NANOG] Re: unwise filtering policy on abuse mailboxes

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Wed, 2018-08-01 at 11:19 -0400, Rich Kulawiec wrote: > 1. They needed to stop doing so a few decades ago.  Anybody still > doing it today is doing it on purpose, which of course leads directly > to the question: why? One reason as to "why" is tha

Re: AW: Uptick in spam

On Wed, Oct 28, 2015 at 3:44 AM, Octavio Alvarez wrote: > > > On 10/27/2015 05:09 AM, Ian Smith wrote: >> >> On Mon, Oct 26, 2015 at 9:40 PM, Octavio Alvarez >> mailto:octalna...@alvarezp.org>> wrote: >> >> On 26/10/15 11:38, Jürgen Jaritsch wrote: >> >> >> But it is originating all f

Re: Is anyone tracking the "Fw: New Message" joe-job spammer?

On Mon, Oct 26, 2015 at 1:27 PM, Patrick W. Gilmore wrote: > I have 521 messages that match: > To: nanog* > Subject:new message > > In the last week. Obviously that includes things like Jay’s message below, > but still a lot more than 100. > > It also hit outag

Re: All in favor or.....

On Mon, Oct 26, 2015 at 1:22 PM, Larry Sheldon wrote: > On 10/25/2015 10:35, Jim Popovitch wrote: >> >> All in favor of 9x5 network operations say aye. > > > "9x5"? Well who really works 8 hours a day? -Jim P.

Re: All in favor or.....

On Mon, Oct 26, 2015 at 2:12 PM, Matthew Kaufman wrote: > If all the complaining waits until Monday morning, why fix it over the > weekend? If people only looked at received headers.. -Jim P.

Re: *tap tap* is this thing on?

On Mon, Oct 26, 2015 at 12:53 PM, Josh Luthman wrote: > It isn't a quick flip of a switch would be my guess. > It is indeed much simpler and can even be done via a mobile device from anywhere in the world. The magic sauce: Moderate the user account being abused to post to this list. -Jim P.

Re: spam smackdown?

On Sat, Oct 24, 2015 at 10:39 PM, Scott Weeks wrote: > > > It looks like someone's trying to make a point. The takeaway is: 1) NANOG doesn't seem to do simple inbound spam filtering :-) -Jim P.

All in favor or.....

All in favor of 9x5 network operations say aye. Geeze. -Jim P.

Re: WiFI on utility poles

On Thu, Sep 10, 2015 at 4:53 PM, Hunter Fuller wrote: > Ehh... All that content is going over Internet2 for us anyway. I'm genuinely curious, is that is optimized for HD delivery from TW and C, or such services as Netflix/YouTube, etc. -Jim P.

Re: WiFI on utility poles

On Thu, Sep 10, 2015 at 4:22 PM, Mike Lyon wrote: > And it's not free, unless you are a Comcast or TW customer :( But it is free to the children of C&TW customers who then can watch HD content while away at Uni without sapping the EDU bandwidth. -Jim P.

Re: Data Center operations mail list?

On Wed, Aug 12, 2015 at 8:36 PM, Phill Twiss wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > De-lurking > > Hi Rafael and everyone else :}( sorry the cross-post ) > > You should really have captcha's configured for your mailman lists > > Some shady actors out there a

Re: Exploits start against flaw that could hamstring huge swaths of

On Tue, Aug 4, 2015 at 11:06 AM, Leonardo Oliveira Ortiz wrote: > So, you guys recommend replace Bind for another option ? The humorous thing is that the security researcher who showed the recent bind9 error (note: it isn't a vulnerability or a hack, it's just a way to remotely crash named), well

Re: M$ no v6 or just me?

On Tue, Jul 14, 2015 at 5:42 PM, Jared Mauch wrote: > >> On Jul 14, 2015, at 5:26 PM, Jim Popovitch wrote: >> >> On Tue, Jul 14, 2015 at 5:22 PM, wrote: >>> Hi, >>> >>>> No. My DNS (using the roots) gets it right. ;-) >>> >>&g

Re: M$ no v6 or just me?

On Tue, Jul 14, 2015 at 5:22 PM, wrote: > Hi, > >> No. My DNS (using the roots) gets it right. ;-) > > so if you choose google DNS you dont see the right stuff..in which case its > your DNS > and not microsoft or Akamai not doing IPv6 ;-)same true for OpenDNS? > likely... Dude, it was a

Re: M$ no v6 or just me?

On Tue, Jul 14, 2015 at 4:30 PM, wrote: > Hi, > >> And there isn't > > > its your DNS ;-) No. My DNS (using the roots) gets it right. ;-) The failure is somewhere between Google Public DNS's IPv4 servers and Akamai. See my earlier post. -Jim P.

Re: M$ no v6 or just me?

On Tue, Jul 14, 2015 at 3:48 PM, Jim Popovitch wrote: > On Tue, Jul 14, 2015 at 3:37 PM, Josh Luthman > wrote: >> There is > > And there isn't > > ~$ dig -t www.microsoft.com +short > toggle.www.ms.akadns.net. > www.microsoft.com

Re: M$ no v6 or just me?

On Tue, Jul 14, 2015 at 3:37 PM, Josh Luthman wrote: > There is And there isn't ~$ dig -t www.microsoft.com +short toggle.www.ms.akadns.net. www.microsoft.com-c.edgekey.net. www.microsoft.com-c.edgekey.net.globalredir.akadns.net. e10088.dspb.akamaiedge.net. ~$ host e10088.dspb.akamaiedge.n

NTT->HE earlier today (~10am EDT)

Hello, I haven't seen anything to explain this, so I'm asking a larger audience. Did anyone notice any unusual NTT or HE routing this AM? Here's what I saw: 2.|-- xe-0-1-0-17.r04.atlnga05.us.bb.gin.ntt.net 0.0%200.8 0.7 0.6 0.9 0.1 3.|-- ae-2.r20.atlnga05.us.bb.gin.ntt.net

Re: OPM Data Breach - Whitehouse Petition - Help Wanted

On Fri, Jun 19, 2015 at 12:12 PM, Naslund, Steve wrote: > There is an O&M budget created for the day to day operation and maintenance > of IT systems. This is approved along with your department's budget > annually. If you classify updating equipment as an O&M function (which it > routinely i

Re: OPM Data Breach - Whitehouse Petition - Help Wanted

On Fri, Jun 19, 2015 at 9:55 AM, Darden, Patrick wrote: > Good point. It's a massive job, and sometimes it is best to look at those > piecemeal. Start with small goals, and pick low hanging fruit--your example > of the server room is good. Set it up with and IDS, a firewall, harden the > hos

Re: Setting Up a Looking Glass

On Sat, Jun 13, 2015 at 6:10 PM, Randy Bush wrote: >>> Here's a relatively new and fresh perspective on it: >>> https://github.com/ramnode/LookingGlass >>> You can see it in action here: >>> http://lg.nyc.ramnode.com/ >> looking glass without routing, indeed a new perspective :( > > with a bit mor

Re: Setting Up a Looking Glass

On Sat, Jun 13, 2015 at 4:28 PM, Randy Bush wrote: >> Here's a relatively new and fresh perspective on it: >> https://github.com/ramnode/LookingGlass >> You can see it in action here: >> http://lg.nyc.ramnode.com/ > > looking glass without routing, indeed a new perspective :( But routing is so pe

Re: Setting Up a Looking Glass

On Sat, Jun 13, 2015 at 12:53 PM, Shane Ronan wrote: > This would be even more AWESOME if you added routing table lookup. I'll suggest that to the author. -Jim P.

Re: Setting Up a Looking Glass

On Sat, Jun 13, 2015 at 12:29 PM, Mike Hammett wrote: > What's out there for setting up your own looking glass? I saw lots of lists > of dead projects or projects that hadn't received any love in years. Being as > most the people I work with don't run Cisco, Juniper, etc. for routers, > likely

Re: Android (lack of) support for DHCPv6

On Fri, Jun 12, 2015 at 11:18 AM, James R Cutler wrote: > “please let me manage my business and don’t take away my tools just to > satisfy your prejudices.” There are probably several ways to interpret that in ways you hadn't considered for this discussion, I can think of a few. They are:

Re: FastNetMon 1.1.2 - open source solution for DoS/DDoS mitigation

There's a surprising amount of GMail (yes, including me) and new-ness in this thread.Should I be impressed with the freshness or concerned about astroturfing? :-) Bah Humbug! -Jim P.

Re: gmail security is a joke

On Wed, May 27, 2015 at 4:52 PM, Harald Koch wrote: > > Y'all are way too trusting ;) Or we are much more comfortable with our knowledge. Six in one, > If I recall from a brief experiment yesterday, three of the four options on > that page are variations on "I'd like to bypass 2-factor auth

Re: gmail security is a joke

On Tue, May 26, 2015 at 10:26 AM, Markus wrote: > Did you know that anyone, anywhere in the world can get into a gmail account > merely by knowing its creation date (month and year is sufficient) and the > last login date (try "today")? What a joke. We don't even know if this email originated by

Re:

On Sat, May 9, 2015 at 11:05 AM, Keith Medcalf wrote: > > No test/plain? Delete without further ado. In the past year or so it seems that all RAA Verification emails, or at least the ones I see, contain no plain text. :-( -Jim P.

Re: Galaxy S6 is IPv6 on all US National Mobile carriers

On Mon, Apr 13, 2015 at 5:20 PM, Ca By wrote: > Good news (that i have not personally verified) ! > > Verizon This is not new for VZW, they've been defaulting to IPv6 since my first Galaxy Nexus (2011). -Jim P.

Re: discussing how to stop hacking is hacking which is now racketeering

On Wed, Jan 14, 2015 at 4:09 PM, Andrew D Kirch wrote: > > >> On Jan 14, 2015, at 12:19 PM, Jim Popovitch wrote: >> >> >>> On Wed, Jan 14, 2015 at 3:08 PM, Ken Chase wrote: >>> http://blog.erratasec.com/2015/01/obams-war-on-hackers.html >>> &

Re: discussing how to stop hacking is hacking which is now racketeering

On Wed, Jan 14, 2015 at 3:08 PM, Ken Chase wrote: > http://blog.erratasec.com/2015/01/obams-war-on-hackers.html > > Therefore, immediate end of this thread? Are all subscribers to this list now > to be inconvenienced at airports? (Sorry, my bad.) > > Do we all need a CCNP Security-multipass to log

Re: Google public DNS - getting SERVFAIL for any domains delegated to GoDaddy NSs

On Sun, Dec 7, 2014 at 12:01 PM, Erik Levinson wrote: > All, > > Could someone from Google public DNS and from GoDaddy contact me off-list? > > I'm getting SERVFAIL when trying to resolve any record in any domain whose > NSs are > pdns01.domaincontrol.com/pdns02.domaincontrol.com/pdns05.domaincont

Re: Seeking VPS providers for low volume network probe

On Wed, Oct 29, 2014 at 5:11 PM, Josh Luthman wrote: > Ramnode is like $24 a year. They have a Netherlands cluster. I'm running > CentOS6 and get both IPv4 and v6. They use OpenVZ for the really cheap > stuff so depending on what you're doing you may run into issues. +1 for RamNode (AS3842).

Re: Linux: concerns over systemd adoption and Debian's decision to switch

On Thu, Oct 23, 2014 at 12:04 PM, Mike. wrote: > > > On 10/23/2014 at 10:56 AM Randy wrote: > > |I've enjoyed kernel hot patches (ksplice) until now. > | > |So my primary concern is that updates to systemd appears to require > a > |full reboot: > | > |http://forums.fedoraforum.org/showthread.php?t

Re: Linux: concerns over systemd adoption and Debian's decision to switch

On Wed, Oct 22, 2014 at 12:57 PM, * wrote: > Poettering's own blog for example even misleads on how systemd > and sysvinit work http://0pointer.de/blog/projects/why.html Oh look... he's related to PulseAudio and Avahi . If you've ever tried above average audio on Linux, then you know all abo

Re: Linux: concerns over systemd adoption and Debian's decision to switch

On Tue, Oct 21, 2014 at 3:41 PM, Eugeniu Patrascu wrote: > > I think systemd wants to become the next Emacs ;)) Or the next user activity collection point. Systemd really is a black hole to 99.9% of the people who will use/deploy it... seems perfect for lots of things. -Jim P.

Re: Why is .gov only for US government agencies?

On Sun, Oct 19, 2014 at 12:51 PM, David Conrad wrote: > RFC 1591. "It is extremely unlikely that any other TLDs will be created." My how times have changed. -Jim P.

Re: Bounce action notifications - NANOG mailing list changes yahoo.com users

On Fri, Oct 10, 2014 at 12:21 PM, Royce Williams wrote: > What other theory about their motivation makes sense? Most of the DMARC backers offer one or more services that compete with traditional mailinglists. -Jim P.

Re: update

On Sep 24, 2014 10:56 PM, "William Herrin" wrote: > > On Wed, Sep 24, 2014 at 10:52 PM, Jim Popovitch wrote: > > I *did* read that, and it doesn't change anything about what I wrote. > > Debian didn't make those changes for you.. Debian has ne

Re: update

On Wed, Sep 24, 2014 at 10:49 PM, William Herrin wrote: > On Wed, Sep 24, 2014 at 10:43 PM, Jim Popovitch wrote: >> You have done something wrong/different than what appears on a >> relatively clean install: > > Since you didn't read it, I'm gonna repeat it: &g

Re: update

On Wed, Sep 24, 2014 at 10:29 PM, William Herrin wrote: > On Wed, Sep 24, 2014 at 7:36 PM, Daniel Jackson wrote: >> On 09/24/2014 07:22 PM, Jim Popovitch wrote: >>> That won't automatically invoke bash on Debian/Ubuntuunless someone >>> intentionally changed

Re: update

On Sep 24, 2014 7:00 PM, wrote: > > On Wed, 24 Sep 2014 18:50:05 -0400, Jim Popovitch said: > > > If someone is already invoking #!/bin/bash from a cgi, then they are > > already doing it wrong (bash has massive bloat/overhead for a CGI script). > > You sure you don

Re: update

On Sep 24, 2014 6:39 PM, "Michael Thomas" wrote: > > > On 9/24/14, 3:27 PM, Jim Popovitch wrote: >> >> On Wed, Sep 24, 2014 at 6:17 PM, Brandon Whaley wrote: >>> >>> The scope of the issue isn't limited to SSH, that's just a popular &g

Re: update

On Wed, Sep 24, 2014 at 6:17 PM, Brandon Whaley wrote: > The scope of the issue isn't limited to SSH, that's just a popular > example people are using. Any program calling bash could potentially > be vulnerable. Agreed. My point was that bash is not all that popular on debian/ubuntu for account

Re: update

> debian/ubuntu admins may want to apt-get update/upgrade or whatever debian/ubuntu aren't really all that immediately impacted. $ grep "bash$" /etc/passwd | wc -l 2 ^^ both of those are user accounts, not system/daemon accounts. -Jim P.

Re: [OPINION] Best place in the US for NetAdmins

On Sat, Jul 26, 2014 at 7:04 AM, Rich Kulawiec wrote: > On Fri, Jul 25, 2014 at 05:35:45PM -0700, Scott Weeks wrote: >> One day, hopefully, telecommuting really takes off [...] > > It often strikes me as incredibly ironic that companies which *would > not exist* were it not for the Internet are am

Re: Verizon Public Policy on Netflix

On Fri, Jul 11, 2014 at 11:38 AM, Miles Fidelman wrote: > > Methinks all of the arguments and finger-pointing need to be recognized as > being mostly posturing for position. .. at the expense of the customer. -Jim P.

Re: Verizon Public Policy on Netflix

On Thu, Jul 10, 2014 at 9:12 PM, Miles Fidelman wrote: > Randy Bush wrote: >>> >>> And, of course, one might ask why Netflix isn't ... making use of a >>> caching network like Akamai, as many other large traffic sources do >>> on a routine basis. >> >> they do. netflix rolls their own cache serve

Re: hotmail email issues today?

On Wed, Jul 9, 2014 at 11:04 AM, Christopher Morrow wrote: > it's not clear (to me at least) that hotmail has deployed any DMARC Don't let that stop others from offering leftfield advice. :-) According to MailOP, Yahoo had acceptability issues as well this AM. -Jim P.

Re: Yahoo DMARC breakage

On Fri, Apr 25, 2014 at 12:12 PM, Jim Popovitch wrote: > On Fri, Apr 25, 2014 at 12:00 PM, Jim Popovitch wrote: >> Just a heads up to interested parties... Google seems to now be >> bouncing where From: is another gmail account. But it seems to be >> inconsistent. If you

Re: AOL Mail updates DMARC policy to 'reject'

On Fri, Apr 25, 2014 at 12:04 PM, Steven Saner wrote: > We run several mailing lists for customers. We frequently get feedback > reports from AOL saying that the AOL user has flagged the message as > spam. So, we remove said user from the list. They then complain that > they have been removed and

Re: Yahoo DMARC breakage

On Fri, Apr 25, 2014 at 12:00 PM, Jim Popovitch wrote: > Just a heads up to interested parties... Google seems to now be > bouncing where From: is another gmail account. But it seems to be > inconsistent. If you are reading this on a gmail account please let > me know. > > -Ji

Re: Phase 4.

On Thu, Apr 24, 2014 at 8:23 AM, Clayton Zekelman wrote: > > Can someone please check the NANOG mailing list Universal Translator? I > think it is broken. I think you mean a NANOG liver is broken. -Jim P.

Re: DMARC -> CERT?

On Thu, Apr 17, 2014 at 12:19 AM, Private Sender wrote: > On 04/14/2014 03:47 PM, Jim Popovitch wrote: > > On Mon, Apr 14, 2014 at 6:21 PM, Scott Howard wrote: > >> On Mon, Apr 14, 2014 at 2:59 PM, Jim Popovitch > wrote: > >>> 7-April: Monday, Yahoo's dm

Re: DMARC -> CERT?

On Thu, Apr 17, 2014 at 12:29 AM, Larry Sheldon wrote: > On 4/16/2014 11:19 PM, Private Sender wrote: > > Does that raise any alarms? Of course it does. http://whois.domaintools.com/snovc.com computerguy0...@yahoo.com Bret Taylor -Jim P.

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 6:21 PM, Scott Howard wrote: > On Mon, Apr 14, 2014 at 2:59 PM, Jim Popovitch wrote: >> >> 7-April: Monday, Yahoo's dmarc change kicks everyone in the groin, the >> last full week before the US tax filing deadline. > > > The change was m

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 5:48 PM, Scott Howard wrote: > On Mon, Apr 14, 2014 at 2:29 PM, Jim Popovitch wrote: >> >> >> They could have made the change not late on a Friday afternoon (or well >> >> into the weekend for most of the world). >> >> >>

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 5:24 PM, Miles Fidelman wrote: > Matthias Leisi wrote: >> >> On Mon, Apr 14, 2014 at 10:20 PM, Christopher Morrow < >> morrowc.li...@gmail.com> wrote: >> >>> On Mon, Apr 14, 2014 at 4:10 PM, Scott Howard wrote: Whilst I don't agree with the way that Yahoo has don

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 4:52 PM, Christopher Morrow wrote: > > if you're going to do something that has the potential to affect (say, > for example) email to a wide set of people, most of which are NOT your > direct users, how do you go about making that public? > > 'the internet' isn't really a g

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 4:44 PM, Doug Barton wrote: > On 04/14/2014 01:38 PM, Christopher Morrow wrote: >> >> On Mon, Apr 14, 2014 at 4:28 PM, Doug Barton wrote: >>> >>> The obvious ones would have been to announce a flag day somewhere far >>> enough >>> in advance to give list software devs time

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 4:39 PM, Christopher Morrow wrote: > On Mon, Apr 14, 2014 at 4:34 PM, Matthias Leisi wrote: >> They could have communicated, as in "listen folks, we are going to make a >> critical change that will affect mailing lists (etc...) in four weeks time". > > communicated it wher

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 4:38 PM, Christopher Morrow wrote: > On Mon, Apr 14, 2014 at 4:28 PM, Doug Barton wrote: >> The obvious ones would have been to announce a flag day somewhere far enough >> in advance to give list software devs time to adapt, and to work with list >> software devs on a solu

Re: DMARC -> CERT?

On Mon, Apr 14, 2014 at 1:33 PM, Matthew Petach wrote: > > So, I take it you prefer a world in which there's no sender > validation, and receiving floods of spoofed sender email > spam is just part of the price of being on the internet? That is clearly not what this issue is about. > I'm finding

Re: responding to DMARC breakage

On Sun, Apr 13, 2014 at 1:43 AM, Joly MacFie wrote: > Question: > > Years ago Yahoo! bought major mailing list provider egroups formerly > onelist, eventually absorbing it into yahoo clubs and making something > called yahoogroups. > > Does this break yahoogroups too? How are THEY handling it? I

Re: responding to DMARC breakage

On Sat, Apr 12, 2014 at 5:56 PM, Dave Crocker wrote: > On 4/12/2014 2:38 PM, Jim Popovitch wrote: >> >> On Sat, Apr 12, 2014 at 1:12 PM, Miles Fidelman >> wrote: >> someone needs to get a legal opinion wrt >> the DMARC group's effort to have all mail

Re: responding to DMARC breakage

On Sat, Apr 12, 2014 at 1:12 PM, Miles Fidelman wrote: > valdis.kletni...@vt.edu wrote: >> >> On Sat, 12 Apr 2014 10:12:09 -0400, Miles Fidelman said: >> >>> It occurs to me that Yahoo's deployment of DMARC p=reject, and the >>> choice of several big mail operators to honor that, has created a >>>

Re: Yahoo DMARC breakage

On Wed, Apr 9, 2014 at 8:12 PM, William Herrin wrote: > On Wed, Apr 9, 2014 at 6:11 PM, wrote: >> and just how is an algorithm supposed to detect that >> is a single human and not a list? > > If the autoresponder is sane, it looks for: > > List-Id: North American Network Operato

Re: Yahoo DMARC breakage

On Wed, Apr 9, 2014 at 8:02 PM, Jeff Kell wrote: >> Date: Wed, 9 Apr 2014 18:22:51 -0500 >> From: Larry Sheldon >> Organization: Maybe tomorrow >> User-Agent: Mozilla/5.0 (Windows NT 5.1; >> rv:24.0) Gecko/20100101 Thunderbird/24.4.0 >> To: >> Subject: Re: Yahoo DMARC breakage It's also worth

Re: Yahoo DMARC breakage

> The most "sane" out-of-mind response should only be sent *if* the > out-of-mind person is named explicitly as a recipient in the RFC822 > header. Anything To: somelist@somehost does not qualify :) Funny story: When I was at IBM I filed that as a bug with Lotus Notes. The Notes team rejected t

Re: Yahoo DMARC breakage

On Wed, Apr 9, 2014 at 5:15 PM, William Herrin wrote: > On Wed, Apr 9, 2014 at 4:05 PM, John Levine wrote: >> I'd say it's pretty badly broken if Yahoo intends for their web mail >> to continue to be a general purpose mail system for consumers. If >> they want to make it something else, that's c

Re: Yahoo DMARC breakage

> Confirmed across a variety of Mailman lists I administer. Mailman can be patched to reject/discard posts from members with p=reject. https://code.launchpad.net/~jimpop/mailman/dmarc-reject I'm sort of glad that Yahoo did what they did, people are now seeing the dark side of DMARC. WooHoo!! V

Re: [mailop] IPv6 DNSBL

On Thu, Mar 27, 2014 at 9:21 AM, David Hofstee wrote: > There must be a good reason for people to get of their asses and start > implementing things like DMARC. All the banks (!$%^) I talk to do not have > any reason to implement it swiftly (they turn on p=none and then all progress > stops). F

Re: why IPv6 isn't ready for prime time, SMTP edition

On Thu, Mar 27, 2014 at 3:38 AM, Mark Tinka wrote: > > Not all of 41/8 is served by South Africa :-). > But a significant portion of it routes through London :-) *cough *cough co.tz to co.za, etc., etc. -Jim P.

Re: why IPv6 isn't ready for prime time, SMTP edition

On Tue, Mar 25, 2014 at 5:33 PM, Laszlo Hanyecz wrote: > The usefulness of reverse DNS in IPv6 is dubious. Maybe the idea is to > cause enough pain that eventually you fold and get them to host your email > too. Heh, I say the same things about DMARC where a lot of the major proponents offer al

Re: why IPv6 isn't ready for prime time, SMTP edition

On Tue, Mar 25, 2014 at 1:43 PM, Brielle Bruns wrote: > On 3/25/14, 11:23 AM, John Levine wrote: >> >> Large mail providers all agree that v6 senders need to follow good >> mail discipline, but are far from agreeing what that means. It >> certainly means proper rDNS, but does it mean SPF? DKIM o

Re: Level 3 blames Internet slowdowns on Technica

On Fri, Mar 21, 2014 at 11:48 AM, Naslund, Steve wrote: > What do you mean by average monthly bill? What is the average monthly (non-subsidized) access cost that your friends and family pay each month? -Jim P.

Re: Level 3 blames Internet slowdowns on Technica

On Fri, Mar 21, 2014 at 10:25 AM, Naslund, Steve wrote: > Nice idea, too bad no one can make any money on building infrastructure but > not selling the services on top of it. Remember Global Crossing? You are > asking one company to put up all the capital expense and then try to recover > it

Re: Level 3 blames Internet slowdowns on ISPs' refusal to upgrade networks | Ars Technica

On Thu, Mar 20, 2014 at 5:38 PM, Warren Bailey wrote: > This email is the reason I spend money with digital ocean. :) > > You should too. uhh, no. It's the 21st century. I prefer to spend my money with those that, at a bare minimum, provide IPv6. -Jim P.

Re: How anti-NSA backlash could fracture the Internet along national borders - The Washington Post

On Mon, Nov 4, 2013 at 9:30 AM, Eric Tykwinski wrote: > Just wanted to add something to the discussion: > http://www.renesys.com/2013/10/google-dns-departs-brazil-ahead-new-law/ > > Basically, they are claiming possible new laws in Brazil have left Google to > shut down DNS services locally. Dram

Re: How anti-NSA backlash could fracture the Internet along national borders - The Washington Post

On Sun, Nov 3, 2013 at 12:12 AM, Christopher Morrow wrote: > On Sat, Nov 2, 2013 at 3:13 PM, Jim Popovitch wrote: >> >> I can't be the only one to have been following this 12.8TB of neat-o-ness: >> >> http://www.bricscable.com/ > > " 34 000 km, 2 fibr

Re: Email Server and DNS

On Sun, Nov 3, 2013 at 11:49 AM, Private Sender wrote: > I would recommend you go a step further and use DKIM, ADSP, and DMARC. Don't do DMARC if you expect to have end-users forward emails, or subscribe to mailinglists. Despite the removal from the current DMARC spec, the original guidelines cal

Re: How anti-NSA backlash could fracture the Internet along national borders - The Washington Post

On Sat, Nov 2, 2013 at 3:42 PM, Matthew Petach wrote: > > > > On Sat, Nov 2, 2013 at 12:13 PM, Jim Popovitch wrote: >> >> On Sat, Nov 2, 2013 at 3:06 PM, John Levine wrote: >> > In article you >> > write: >> >>The balkanizing of the Net

Re: How anti-NSA backlash could fracture the Internet along national borders - The Washington Post

On Sat, Nov 2, 2013 at 3:06 PM, John Levine wrote: > In article you write: >>The balkanizing of the Net? >> >>http://www.washingtonpost.com/blogs/worldviews/wp/2013/11/01/how-anti-nsa-backlash-could-fracture-the-internet-along-national-borders/ > > I expect we'll hear lots of pontification, quiet

VZ FIOS SoCo traceroute plea

Hello, A desperate plea, since apparently VZ still doesn't have a public routeserver. :-( I need a trace from a VZ FIOS connection in Southern California, to 96.44.148.54 (Quadranet, DFW). Private replies are welcome and encouraged. Thank you, sorry for the noise. -Jim P.

  1   2   >