Hi Paul,
Let's go back to the case and point: Amazon is claimed not to behave as
a good Netizen.[*] In these circumstances we have to ask why the
traditional system doesn't work. This is precisely the case when you
want to ding someone's reputation. Your argument that many good
application
Hi
If there are some members of Spamcop here, please contact me off-list
Mehmet
smime.p7s
Description: S/MIME cryptographic signature
When I hear "cloud services" I think "in the network" even though it appears
all these cloud services perform their work at a data center as an
outsourced service.
Is there a vendor that makes a product that perform spam/malware filtering
literally in the network, i.e. as a service provider, can I
eliot wrote:
> Let's go back to the case and point: Amazon is claimed not to behave as a
> good Netizen.[*] In these circumstances we have to ask why the traditional
> system doesn't work. This is precisely the case when you want to ding
> someone's reputation. Your argument that many good appli
Paul Vixie wrote:
my argument doesn't get that far, actually. i think there will be no outages
because recipients of abuse won't feel that they can afford to toss out the
good with the bad in this particular case. which is going to remind of me
tom lehrer's quip, "feels like a christian scient
On Mon, Jun 23, 2008 at 7:20 PM, Patrick Giagnocavo <[EMAIL PROTECTED]> wrote:
> What I think would/should happen is that EC2 is never assumed to be a
> legitimate source of email; and any EC2 instance that sends email will
> instead be relaying through a non-EC2 mail server.
Mail / spam seems to
On Mon, Jun 23, 2008 at 6:01 PM, Frank Bulk - iNAME <[EMAIL PROTECTED]> wrote:
> Is there a vendor that makes a product that perform spam/malware filtering
> literally in the network, i.e. as a service provider, can I provide spam
> filtering for the enterprises in my customer base by adding a piec
Looking for recommendations for carrier neutral co-lo facility for Melbourne
Australia. Our searches so far seem to turn up sites either on Telstra or
Optus affiliated co-lo facilities. We need to be in a carrier neutral space
with access to any of the major providers.
Searching for co-lo space in
$quoted_author = "Bernard Becker" ;
>
> Looking for recommendations for carrier neutral co-lo facility for Melbourne
> Australia. Our searches so far seem to turn up sites either on Telstra or
> Optus affiliated co-lo facilities. We need to be in a carrier neutral space
> with access to any of the
If it doesn't need to be Melbourne, there is a good selection in Sydney.
The best being Equinix and Globalswitch
...Skeeve
--
Skeeve Stevens, Managing Director
eintellego Pty Ltd - The ISP Specialists
[EMAIL PROTECTED] / www.eintellego.net
Phone: (+612) 8197 2760, Fax: (+612) 8572 9954
Cell +61
On 2008/06/22 06:17 PM Paul Vixie wrote:
with EC2, it's game-over for the IP reputation industry
Realistically speaking, did you not expect that to be inevitable?
As access to the internet increases, the chances of SMTP scaling to
prevent spam decreases. And as IP's become more numerous and
On Sun, Jun 22, 2008 at 12:55 PM, Andy Davidson <[EMAIL PROTECTED]> wrote:
> On 22 Jun 2008, at 17:17, Paul Vixie wrote:
>> with EC2, it's game-over for the IP reputation industry,
> I was discussing this on an e-commerce practitioners list earlier today, and
> argued basically that, from an abuse
On Mon, 23 Jun 2008 11:38:16 EDT, William Herrin said:
> Concur. From an address-reputation perspective EC2 is no different
> than, say, China. Connections from China start life much closer to my
> filtering threshold that connections from Europe because a far lower
> percentage of the connections
> > with EC2, it's game-over for the IP reputation industry
>
> Realistically speaking, did you not expect that to be inevitable?
i didn't, no. when i unknowingly launched the IP reputation industry back
in the mid 1990's, the risk i was managing was a spammer who planned to give
away free T1 li
Just because something doesn't solve all your problems doesn't mean it
has no value. Anything that can reduce the amount of inspection you have
to do @ content, and filters out the gross cruft, buys you additional
network and systems capacity, using what you have now (firewall, mail
relay). This is
Barracuda, or you could build the exact same thing using OSS.
Procmail, Spamassasin, ClamAV, and your choice of RBLs (or use
karmashpere to custom roll a hybrid one).
> -Original Message-
> From: Suresh Ramasubramanian [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 23, 2008 7:16 AM
>
You can easily make IP reputation scale to IPV6 using the APL RRTYPE.
See RFC3123
> -Original Message-
> From: Colin Alston [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 23, 2008 8:18 AM
> To: Paul Vixie
> Cc: [EMAIL PROTECTED]
> Subject: Re: EC2 and GAE means end of ip address reput
on Sun, Jun 22, 2008 at 01:24:43PM -0500, Al Iverson wrote:
> I'm not going to pretend I manage inbound mail service for
> thousands-to-millions of users (as most of the participants of other
> lists like SPAM-L are fond of imagining themselves), but I know enough
> about how IP reputation systems
Frank Bulk - iNAME wrote:
When I hear "cloud services" I think "in the network" even though it appears
all these cloud services perform their work at a data center as an
outsourced service.
Is there a vendor that makes a product that perform spam/malware filtering
literally in the network, i.e.
Interesting. I was more thinking of the Turntide approach which operates
within the network stream than Mailchannels which appears to operate on the
same server as the MTA, but in front of it.
Frank
-Original Message-
From: Suresh Ramasubramanian [mailto:[EMAIL PROTECTED]
Sent: Monday,
Thanks. Even with TLS, the destination port (either 25 or 365) is
well-known, right, as is the source IP? At the minimum RBLs could be used
for that encrypted traffic.
Frank
-Original Message-
From: Joel Jaeggli [mailto:[EMAIL PROTECTED]
Sent: Monday, June 23, 2008 2:20 PM
To: [EMAI
Hello Kevin ,
On Sat, 21 Jun 2008, Kevin Blackham wrote:
And in my experience (many years back), a nokia handset would start
draining its ups as soon as it got a full charge, requiring daily
reseat of the supply cord. YMMV so test and retest.
On 6/21/08, Phil Regnauld <[EMAIL PROTECTED]
On Mon, 23 Jun 2008 14:28:04 EDT, Steven Champeon said:
> Now, if the entire 'Net moved to a cloud computing model, I could agree
> with Paul that this would be the end of IP reputation. But I'm only
> aware of two such services (Amazon EC2 and Media Temple's
> gridserver.com) in widespread use, so
Hello everyone,
Over the past two years, there's been a trend toward doing more and
more analysis and reporting based on passive traffic analysis.
We started out using SPAN sessions to produce an extra copy of all of
our transit links for these purposes. But the Cisco limits of two
SPAN sessions
Frank Bulk wrote:
Thanks. Even with TLS, the destination port (either 25 or 365) is
well-known, right, as is the source IP?
And 587 though that's generally your customers, who are going authenticate.
At the minimum RBLs could be used
for that encrypted traffic.
Yeah, given that that poi
On Mon, Jun 23, 2008 at 6:01 PM, Frank Bulk - iNAME iname.com> wrote:
> Is there a vendor that makes a product that perform spam/malware
filtering
> literally in the network, i.e. as a service provider, can I
provide spam
> filtering for the enterprises in my customer base by adding a
piece o
[EMAIL PROTECTED] writes:
> One could argue that the "botnets for rent" business model is in more
> widespread use than either EC2 or gridserver...
>
> I'm unclear whether that statement needs a smiley or not...
i'd say that since EC2 won't be shut down when it's found out about, that
you need a
On 24/06/2008, at 8:32 AM, Ross Vandegrift wrote:
I've been thinking about a move to a system based on optical taps of
each of the links. I'd aggregate these links into something like a
3750 and use remote-span VLANs to pass the traffic onto servers that
sniffing on their interface on that 3750.
On 24/06/08 01:04, Martin Barry wrote:
> $quoted_author = "Bernard Becker" ;
>> Looking for recommendations for carrier neutral co-lo facility for Melbourne
>> Australia. Our searches so far seem to turn up sites either on Telstra or
>> Optus affiliated co-lo facilities. We need to be in a carrier
Ken:
Thanks for the info, but that still requires the domain owner to change
their MX records. I was wondering if there was something that could
literally be placed in the flow of traffic, like an FWSM in transparent
mode.
Frank
-Original Message-
From: Ken Simpson [mailto:[EMAIL PROTEC
Right, port 587 would require SMTP authentication.
I'm no routing expert, but can tens of thousands of /32s be excluded using
BGP communities?
I don't know if spammers are going to be using TLS in a big way soon, though
I'll admit I've not measured. As long TLS usage is low, examining TCP port
On Mon, Jun 23, 2008 at 11:14 PM, Tomas L. Byrnes <[EMAIL PROTECTED]> wrote:
> Barracuda, or you could build the exact same thing using OSS.
>
> Procmail, Spamassasin, ClamAV, and your choice of RBLs (or use
> karmashpere to custom roll a hybrid one).
Hate to point out the obvious, but ... That is
I thought I'd sent this a couple of hours ago
APNIC are aware of the problem and
things have partially recovered though the arin and ripe
name-servers still SERVFAIL
the second run of our delegation-checking script this morning
started complaining about our 203.in-addr zones and it seems
there is
We started out with SPAN ports, then moved on to Netoptics taps.
Lately we've been using a combination of Cisco Netflow (from remote routers),
and native Argus flows (from local taps) where we need more details.
Flows are useful to answer "What happened X minutes/hours/days ago?",
and where you d
On Tue, Jun 24, 2008, Suresh Ramasubramanian wrote:
> Hate to point out the obvious, but ... That isnt "network gear" as such.
>
> It is an appliance that'll require repointing of MX records
Please don't tell my test kit at home; Cisco WCCPv2 redirects TCP/25 as easy
as it does TCP/80(*1). No MX
http://www.wired.com/science/discoveries/news/2008/06/dayintech_0623
June 23, 1983: DNS Test Sets Stage for Internet Growth
1983: Paul Mockapetris and Jon Postel run the first successful test of the
automated, distributed Domain Name System. DNS will lay the foundation for
the massive expansio
On Mon, Jun 23, 2008 at 10:31 PM, Frank Bulk - iNAME <[EMAIL PROTECTED]> wrote:
> Ken:
>
> Thanks for the info, but that still requires the domain owner to change
> their MX records. I was wondering if there was something that could
> literally be placed in the flow of traffic, like an FWSM in tra
Frank Bulk - iNAME wrote:
Right, port 587 would require SMTP authentication.
I'm no routing expert, but can tens of thousands of /32s be excluded using
BGP communities?
The sort of depends on how many fib entries you want to burn on not
forwarding traffic...
the argument in this thread ho
Date: Mon, 23 Jun 2008 20:47:17 -0700
From: Joel Jaeggli <[EMAIL PROTECTED]>
Subject: Re: Cloud service [was: RE: EC2 and GAE means end of ip
address reputation industry? (Re: Intrustion attempts from Amazon
EC2
IPs)]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Message-ID: <[
Source IP blocking makes up a large portion of today's spam arrest approach,
so we shouldn't discount the CPU benefits of that approach too quickly.
I'm not sure where today's technology is in regards for caching the first 1
to 10kB of a sessiononce enough information is garnered to block, i
AAPT are pretty far from being carrier neutral these days
On Tue, Jun 24, 2008 at 11:34 AM, Julien Goodwin <[EMAIL PROTECTED]>
wrote:
> On 24/06/08 01:04, Martin Barry wrote:
> > $quoted_author = "Bernard Becker" ;
> >> Looking for recommendations for carrier neutral co-lo facility for
> Melb
41 matches
Mail list logo
