[swinog] Anyone from pcloud.com Zug on this List
Hi If anyone from pcloud.com is reading this list. Could you please quickly get in contact with me? I know why your domain is listed on the SWINOG URIBL. I would like to look into the root cause. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Any contact to sunrise / chello.at / libertyglobal Postmaster
Hi We have a case of emails reproducible disappearing to one specific sunrise recipient. The recipient is quite sure, he has not activated any filtering rule in his sunrise webmail. He requests us as the ISP of the sender, to investigate the issue 'from the source'. We see in our logs: mx0.sunrise.ch has address 213.46.255.61 is happily accepting the email with 200 OK. No late bounce can be found. Does anyone know, how to contact chello.at for such issue? I have tried the contacts registered @ RIPE for this range. They are either 'not in charge and don't know who is' or do not respond. Sunrise seems not to know how to open a case with chello for such an issue (as last time we faced such an issue). -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Email Outage @ NZZ?
Hi Thanks for the help. Issue found. I hate Fail2ban! -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: Email Outage @ NZZ?
Hi According to NZZ we are rejecting all emails with sender domain @bounce.email.nzz.ch with "Receiving email server is temporarily overwhelmed with delivery attempts, from you and other senders". Unfortunately their feedback is very vague, no logs or exact times of issue from their side. I can't find any such emails in our log, but I see some are SRS forwarded from bluewin, VTX, Hostpoint etc. and do reach us. Unfortunately I have no access (without customer permission) to the content and therefore can not glimpse at the email headers to find the true origin. Could somebody do me a favour: From which IP Address do you see emails with envelope domain @bounce.email.nzz.ch being delivered? It used to be salesforce: 13.111.14.63 until 17. August, but I fear this changed, which causes the issue, as I have seen at least one email delivered with this domain, failing SPF from an IP belonging to Liberty Global Austria if this was not some broken forwarding attempt. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: DNSSEC auto-disabled by SWITCH on some .ch domains?
Am Mon, 1 May 2023 15:48:16 +0200 schrieb Benoît Panizzon via swinog : > Some update > > It looks like Gandi at least messed up their Registrar UI. Gandi Support confirmed the issue. Their API is getting stuck while trying to remove no longer existing DS entries from the ch TLD, preventing adding new ones. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: DNSSEC auto-disabled by SWITCH on some .ch domains?
Hi Daniel > The nerd answer is that you can use Automated DNSSEC Provisioning [1] > to enable DNSSEC. This also sends an EPP poll message to your > registrar to update locally cached state information about a domain > name. Yes, trying to understand, how I correctly get rid of my old RRSIG entries without shooting myself in the foot, I came across this whole new dnssec-policy and automatic publishing CDS records via Bind. Not sure if I have yet fully understood the mechanics. But I have tentatively set it up now and I'll see, if this somehow, by the magic of the internet, caused my DS entries to get refreshed. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: DNSSEC auto-disabled by SWITCH on some .ch domains?
Some update It looks like Gandi at least messed up their Registrar UI. From their point of view, my 'algo 5' .ch domains have still DNSSEC active but deleting DS or disabling DNSSEC hangs forever and upon reloading my old algo 5 keys are back. I guess they perform some API calls to Switch and this fails, because both disagree on the DNSSEC status? -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: DNSSEC auto-disabled by SWITCH on some .ch domains?
Hey > To the partners at least, in October 2022 informing them that > anything containing digest-type 1 and/or key algorithm 5 oder 7 are > no longer supported and will be deleted. This was done last week and > digest-type 2 and key algorithm should be used. Since end of January > 2023 you could not use them anymore. Darn, thank you for the hint! I'm also affected and missed the phase out of those algos. Guess I have to read: https://www.dns.cam.ac.uk/news/2020-01-15-rollover.html I wonder why my registrar never noticed me he would delete my DS records disabling DNSSEC on my domains. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Anyone IT/Email/Marketing contact at United Nations or Geneva Forum or Objectif Sciences International
Hi all Does anyone have a contact to the IT or more precisely Email / Marketing Department of the UN Geneva Forum aka Objectif Sciences International? https://www.osi-ngo.org/ They most probably have acquired an email list containing SWINOG Spamtraps and using this to advertised their science activities, getting shared Office365 IP addresses, used by the UN and other Swiss Office365 customers, blacklisted. I was in contact with the OSI Geneva Forum CEO, but he was not successful in finding anyone in charge. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: DNSSEC issue with swizzonic DNS servers?
Hi Markus > the name server from swizzonic is not supposed to provide you with a > answer to all the queries. I guess if I point to our recursive validating caching NS and it does not possess this data in it's cache, it will start by following from the root by asking for _.numberportability.ch to avoid revealing which host it is exactly looking for until it reaches the authoritative DNS for that zone and then ask this one directly for the desired RR. I guess this is where something is breaking the chain. I also don't see why the swizzonic DNS which is the authoritative primary should not answer to all queries. Well of course the DNSSEC chain (Signed DS entries) has to be followed from the root over ch. to swizzonic. But everything else should be obtainable from the authoritative server for that zone, right? Right now, all needed RR within numberportability.ch resolve ok. So maybe the now found and fixed he issue. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Re: DNSSEC issue with swizzonic DNS servers?
Hi Markus Thank for the hint regarding the delv tool. The issue is back this morning: $ delv @dns1.swizzonic.ch www.numberportability.ch ;; chase DS servers resolving 'numberportability.ch/DS/IN': 2a01:8100:2901::1:183:201#53 ;; REFUSED unexpected RCODE resolving 'ch/NS/IN': 195.110.124.196#53 ;; REFUSED unexpected RCODE resolving 'ch/NS/IN': 2a01:8100:2901::1:183:201#53 ;; REFUSED unexpected RCODE resolving './NS/IN': 195.110.124.196#53 ;; REFUSED unexpected RCODE resolving './NS/IN': 2a01:8100:2901::1:183:201#53 ;; REFUSED unexpected RCODE resolving 'ch/DS/IN': 2a01:8100:2901::1:183:201#53 ;; REFUSED unexpected RCODE resolving 'ch/DS/IN': 195.110.124.196#53 ;; broken trust chain resolving 'numberportability.ch/DNSKEY/IN': 195.110.124.196#53 ;; broken trust chain resolving 'www.numberportability.ch/A/IN': 2a01:8100:2901::1:183:201#53 ;; resolution failed: broken trust chain Does anyone have a contact to a DNS technician working @ Swizzonic. Preferably with a phone number. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch
[swinog] Anyone else having email issues with Metanet?
Hi List Yes, I am already in contact with Metanet techs. We have a very strange issue with two of their email servers. Connecting to Port 25 starts fine. SYN, SYN-ACK but then we start seeing re-transmits until the connections times out. This first happened to one of their server, then to another one, the the first server became reachable again at the beginning of this week, the second one still causes the same problem. The Problem also occurs the other way round. Metanet is unable to establish tcp connection to port 25 on rrmx.imp.ch Is anyone else seeing such an issue, either to metanet or towards our rrmx.imp.ch? Has anyone any clue what could cause such an issue? I compared traces of tcp connections to both of the affected metanet servers, to the working one and to the one causing re-transmits. The two initial SYN and SYN-ACK look identical and then to one destination the re-transmits start and to the other destination I get the SMTP HELO banner. PS: Yes, I did disable the firewall on our mail-plattform and re-test. This does not seem to be the cause. -- Mit freundlichen Grüssen -Benoît Panizzon- @ HomeOffice und normal erreichbar -- I m p r o W a r e A G-Leiter Commerce Kunden __ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 PrattelnFax +41 61 826 93 01 Schweiz Web http://www.imp.ch __ ___ swinog mailing list -- swinog@lists.swinog.ch To unsubscribe send an email to swinog-le...@lists.swinog.ch