Right now SMTP AUTH is a bit more useful because the mailer can directly
identify the compromised subscriber. But I expect this to also be
short-lived. Eventually the compromised computers will start passing
authentication information.
SMTP AUTH and 587 might not be silver bullets but they can
The newly reorganizaed Anti-Spam Research Group has set up some new
subgroups to see if we can get some work done. Our slant is sort of
applied research; it's stuff that's not ready for the standards track yet,
but isn't blue sky.
Several of the groups have a lot of operational relevance,
At 04:25 PM 2/10/2004, Paul Vixie wrote:
[EMAIL PROTECTED] (JC Dill) writes:
Just as Canter and Siegel's green card spam was a novel way to (ab)use
SMTP for Canter and Siegel's profit, ten years later Verisign develops
Sitefinder [1] - a novel way to (ab)use DNS requests for Verisign's
First, a quick thanks to everyone that responded. I've received useful and excellent
info from everyone.
We do not block on 25 outbound/inbound, but we are considering it for the residential
broadband connections - maybe filter, proxy, or at least monitor it.
I should clarify one thing:
Well, over here we have gone that route, and we're a National ISP/NSP.
Customers can either A) Run their own mail servers, which makes them
responsible for the use (or abuse) of their own mail server, or,
B) If they choose to purchase mail services from us, we require
authentication (via
In article [EMAIL PROTECTED],
Lou Katz [EMAIL PROTECTED] wrote:
On Wed, Feb 11, 2004 at 03:13:30PM -0500, Sean Donelan wrote:
On Wed, 11 Feb 2004 [EMAIL PROTECTED] wrote:
On Wed, 11 Feb 2004 11:15:20 PST, Dave Crocker said:
what about port 25 blocking that is now done by many access
Hi all -
For those of you who could not attend the BOF, here are my notes from the
Peering BOF. Comments welcome -
Peering BOF VII - NANOG 30 - Miami
2/10/2004 7PM
Moderator: William B. Norton
We were at capacity in
We've been seeing the following on all of our (9.2.1) authoritative
nameservers since approximately 10am today. Googling has turned up
nothing; I'm currently trying to glean some useful netflow data. Just
wondering if this is local, or if others have suddenly seen the same.
Seems harmless
On Thu, Feb 12, 2004 at 08:48:06PM +, Miquel van Smoorenburg wrote:
In article [EMAIL PROTECTED],
Lou Katz [EMAIL PROTECTED] wrote:
On Wed, Feb 11, 2004 at 03:13:30PM -0500, Sean Donelan wrote:
On Wed, 11 Feb 2004 [EMAIL PROTECTED] wrote:
On Wed, 11 Feb 2004 11:15:20 PST, Dave
Hello Everyone,
To finish up on this mini-thread, I found this:
http://www.maxmind.com/geoip
MaxMind GeoIP - Obtain the Country, Region, City, Latitude, and
Longitude of any IP address.
scott
: : I'm however pursuing this issue futher and see it as that rather then
: :
Once upon a time, Brian Wallingford [EMAIL PROTECTED] said:
We've been seeing the following on all of our (9.2.1) authoritative
nameservers since approximately 10am today. Googling has turned up
nothing; I'm currently trying to glean some useful netflow data. Just
wondering if this is
--On 12 February 2004 14:07 -0800 Lou Katz [EMAIL PROTECTED] wrote:
I can locally submit to my mailserver, but if it tries to make an outbound
connection on port 25 to a client's mailserver, and that is blocked, than
all confidentiality of business or personal communication is gone.
Since when
At 05:31 PM 2/12/2004, Brian Bruns wrote:
On Thu, February 12, 2004 4:52 pm, Brian Wallingford said:
We've been seeing the following on all of our (9.2.1) authoritative
nameservers since approximately 10am today. Googling has turned up
nothing; I'm currently trying to glean some useful
On Thu, 12 Feb 2004, Chris Adams wrote:
Once upon a time, Brian Wallingford [EMAIL PROTECTED] said:
We've been seeing the following on all of our (9.2.1) authoritative
nameservers since approximately 10am today. Googling has turned up
nothing; I'm currently trying to glean some useful
On 12 Feb 2004, at 16:52, Brian Wallingford wrote:
We've been seeing the following on all of our (9.2.1) authoritative
nameservers since approximately 10am today. Googling has turned up
nothing; I'm currently trying to glean some useful netflow data. Just
wondering if this is local, or if
Brian Bruns wrote:
On Thu, February 12, 2004 4:52 pm, Brian Wallingford said:
We've been seeing the following on all of our (9.2.1) authoritative
nameservers since approximately 10am today. Googling has turned up
nothing; I'm currently trying to glean some useful netflow data. Just
Brian Bruns wrote:
On Thu, February 12, 2004 4:52 pm, Brian Wallingford said:
We've been seeing the following on all of our (9.2.1) authoritative
nameservers since approximately 10am today. Googling has turned up
nothing; I'm currently trying to glean some useful netflow data. Just
wondering
On Thu, 12 Feb 2004 22:44:50 GMT, Alex Bligh said:
Since when was anything sent over port 25 confidential?
Since Phil Zimmerman decided to do something about it.
And quite frankly, he was right - that's the only way to do it right.
(I'm going to pretend that the S/MIME equivalents are in fact
Brian Wallingford wrote:
Feb 12 16:25:07 ns1 named[3150]: socket.c:1100: unexpected error:
Hmm. A few weeks ago I started noticing some similiar messages that I
had not ever seen before:
Jan 29 18:21:52 named[658]: socket.c:1100: unexpected error:
Jan 29 18:21:52 named[658]: internal_send:
On Thu, 12 Feb 2004 18:54:10 MST, Mike Lewinski [EMAIL PROTECTED] said:
FWIW, only a small percentage of the updates were generating this error
# grep -c '210.22.158.126.*denied' messages.2
1375
# grep -c socket.c messages.2
24
Your kernel probably distinguishes between attempted
[EMAIL PROTECTED] wrote:
Multicast ends at 239.255.255.255, unless somebody dorked with the
RFCs while I wasn't looking, and failed to update the listing at
http://www.iana.org/assignments/ipv4-address-space while they were at it.
Doh! knew I should have checked ;-)
Folks,
SD SMTP Auth is not the silver bullet to solve the spam problem. As it
SD becomes more widely deployed, it will become less effective. It only
SD appears to work now because SMTP AUTH is still a bit of a niche.
The problem is that this puts it into the category of being an arms
race
On Thu, 12 Feb 2004 22:58:18 -0800, Dave Crocker wrote:
To attack spam, we need to attack it at its core, not at some secondary or
tertiary side-effect, with a mechanism that also hurt legitimate users.
So, what, exactly, _is_ that core?
Unless and until there is broad community consensus
23 matches
Mail list logo