Re: Youtube Geolocation
On Thu, 21 Apr 2011, Dan White wrote: We're experiencing very poor quality with You Tube, and it appears we're subject to a bad entry within a geolocation database somewhere. I'm not sure about Youtube, but Google seems to do some some clever but annoying things with correlating requests going through a recursive nameserver with the location of those browsers. If a bunch of browsers in Atlanta use a recursive nameserver in Los Angeles, Google after a while seems to start offering that nameserver Google server IPs close to Atlanta to give back to its clients. This internet draft might be part of a related work: http://tools.ietf.org/html/draft-vandergaast-edns-client-subnet-00 When we attempt to view videos, the contact comes back to us from IPs like: I ran into this problem while running a Tor exit node (which seems to terribly screw with this mechanism) and played with it for a while. I found my nameserver being offered Google server IPs all over the globe; one week it would be London, the next week Germany, then New York, etc. My problem was first solved by changing my browser to use recursive nameservers in a different /24 (changing the last octet didn't seem to help) and later by changing Tor itself to use Google's own 8.8.8.8 nameservers, which caused the problem to go away for other clients of my nameserver. Try using nameservers on a different /24 and see if the problem goes away. -- Aaron
best of breed nowadays in DPI space?
I have been recently researching DPI for several projects I am working on, and I recently came across this shoot out between several vendors in 2009 http://www.internetevolution.com/document.asp?doc_id=178633page_number=1 Procera (at that time) emerged the winner for its ability to process P2P traffic (out of 15 participants), and I was wondering what new players, features, or products others might point me to. I am looking for something that does reporting *and* DPI in a distributed environment. That means, I might have several DPI gateways around the country that need to roll up their reporting into one main one. (I also have some other requirements as far as measuring churn reduction and cellular offloading, but I'm not sure that any of the DPI solutions can really do that well.) If anyone has any good contacts in this space, please let me know and I might discuss with them in more detail these opportunities that I'm looking for. -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com
Re: best of breed nowadays in DPI space?
Those interest in knowing more about the DPI + mobility space (what I'm looking at) might want to check out this Jan 2011 whitepaper. http://www.qosmos.com/resources/whitepapers/new-dpi-challenges-opportunities-lte-era (sorry, sign up required) Not very technical, but a good overview on the subject as it pertains to LTE. -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com On Fri, Apr 22, 2011 at 4:06 PM, Rogelio scubac...@gmail.com wrote: I have been recently researching DPI for several projects I am working on, and I recently came across this shoot out between several vendors in 2009 http://www.internetevolution.com/document.asp?doc_id=178633page_number=1 Procera (at that time) emerged the winner for its ability to process P2P traffic (out of 15 participants), and I was wondering what new players, features, or products others might point me to. I am looking for something that does reporting *and* DPI in a distributed environment. That means, I might have several DPI gateways around the country that need to roll up their reporting into one main one. (I also have some other requirements as far as measuring churn reduction and cellular offloading, but I'm not sure that any of the DPI solutions can really do that well.) If anyone has any good contacts in this space, please let me know and I might discuss with them in more detail these opportunities that I'm looking for. -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com
Re: best of breed nowadays in DPI space?
...and of possible interest to those following this thread, here is a PCRF to DPI compatibility matrix. http://broabandtrafficmanagement.blogspot.com/p/pcrf-pcefdpi-compatibility-matrix.html So far, it seems like Sandvine and Bridgewater take the cake when it comes to 3G/4G policy controls (pricy, I'm sure) Sept 2010 PR stuff of their relationship http://www.sys-con.com/node/1550689 On Fri, Apr 22, 2011 at 5:46 PM, Rogelio scubac...@gmail.com wrote: Those interest in knowing more about the DPI + mobility space (what I'm looking at) might want to check out this Jan 2011 whitepaper. http://www.qosmos.com/resources/whitepapers/new-dpi-challenges-opportunities-lte-era (sorry, sign up required) Not very technical, but a good overview on the subject as it pertains to LTE. -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com On Fri, Apr 22, 2011 at 4:06 PM, Rogelio scubac...@gmail.com wrote: I have been recently researching DPI for several projects I am working on, and I recently came across this shoot out between several vendors in 2009 http://www.internetevolution.com/document.asp?doc_id=178633page_number=1 Procera (at that time) emerged the winner for its ability to process P2P traffic (out of 15 participants), and I was wondering what new players, features, or products others might point me to. I am looking for something that does reporting *and* DPI in a distributed environment. That means, I might have several DPI gateways around the country that need to roll up their reporting into one main one. (I also have some other requirements as far as measuring churn reduction and cellular offloading, but I'm not sure that any of the DPI solutions can really do that well.) If anyone has any good contacts in this space, please let me know and I might discuss with them in more detail these opportunities that I'm looking for. -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com -- Also on LinkedIn? Feel free to connect if you too are an open networker: scubac...@gmail.com
Re: VPN over slow Internet connections
Original Message Subject: VPN over slow Internet connections From: Ben Whorwood bw...@mube.co.uk To: nanog@nanog.org Date: Thursday, April 21, 2011 11:55:32 AM Dear all, Can anyone share any thoughts or experiences for VPN links running over slow Internet connections, typically 2kB/s - 3kB/s (think 33.6k modem)? We are looking into utilising OpenVPN for out-of-office workers who would be running mobile broadband in rural areas. Typical data across the wire would be SQL queries for custom applications and not much else. Some initial thoughts include... * How well would the connection handle certificate (= 2048 bit key) based authentication? * Is UDP or TCP better considering the speed and possibility of packet loss (no figures to hand)? * Is VPN over this type of connection simply a bad idea? Many thanks in advance. Kind regards, Ben Whorwood I'm not sure what type of SQL you're using, but MySQL and MS SQL both natively support (and can optionally require) SSL'd connections from clients. --Blake
Re: Youtube Geolocation
Aaron Hopkins wrote: Try using nameservers on a different /24 and see if the problem goes away. -- Aaron That's a good point. We've worked with Akamai in the past. Their CDN solution works via DNS resolution. If your DNS servers are in Kansas, you'll get the Akamai servers close to Kansas - whether you're there or not. Akamai uses a combination of GeoIP and network operator contributed IP ranges. For example, if you have an Akamai cache on your network, you specifically tell Akamai what IP ranges should be served from that cache - it doesn't seem to matter if these IP addresses belong to you or not. I'm not sure how they deal with overlap. --Blake
Weekly Routing Table Report
This is an automated weekly mailing describing the state of the Internet Routing Table as seen from APNIC's router in Japan. The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG, CaribNOG and the RIPE Routing Working Group. Daily listings are sent to bgp-st...@lists.apnic.net For historical data, please see http://thyme.rand.apnic.net. If you have any comments please contact Philip Smith p...@cisco.com. Routing Table Report 04:00 +10GMT Sat 23 Apr, 2011 Report Website: http://thyme.rand.apnic.net Detailed Analysis: http://thyme.rand.apnic.net/current/ Analysis Summary BGP routing table entries examined: 355581 Prefixes after maximum aggregation: 160822 Deaggregation factor: 2.21 Unique aggregates announced to Internet: 175365 Total ASes present in the Internet Routing Table: 37371 Prefixes per ASN: 9.51 Origin-only ASes present in the Internet Routing Table: 31313 Origin ASes announcing only one prefix: 15071 Transit ASes present in the Internet Routing Table:5046 Transit-only ASes present in the Internet Routing Table:135 Average AS path length visible in the Internet Routing Table: 4.3 Max AS path length visible: 36 Max AS path prepend of ASN (36992) 29 Prefixes from unregistered ASNs in the Routing Table: 564 Unregistered ASNs in the Routing Table: 275 Number of 32-bit ASNs allocated by the RIRs: 1309 Number of 32-bit ASNs visible in the Routing Table:1012 Prefixes from 32-bit ASNs in the Routing Table:2274 Special use prefixes present in the Routing Table:0 Prefixes being announced from unallocated address space:161 Number of addresses announced to Internet: 2418199616 Equivalent to 144 /8s, 34 /16s and 204 /24s Percentage of available address space announced: 65.2 Percentage of allocated address space announced: 65.2 Percentage of available address space allocated: 100.0 Percentage of address space in use by end-sites: 90.5 Total number of prefixes smaller than registry allocations: 147668 APNIC Region Analysis Summary - Prefixes being announced by APNIC Region ASes:8 Total APNIC prefixes after maximum aggregation: 29965 APNIC Deaggregation factor:2.97 Prefixes being announced from the APNIC address blocks: 85376 Unique aggregates announced from the APNIC address blocks:36841 APNIC Region origin ASes present in the Internet Routing Table:4419 APNIC Prefixes per ASN: 19.32 APNIC Region origin ASes announcing only one prefix: 1226 APNIC Region transit ASes present in the Internet Routing Table:700 Average APNIC Region AS path length visible:4.6 Max APNIC Region AS path length visible: 22 Number of APNIC region 32-bit ASNs visible in the Routing Table: 48 Number of APNIC addresses announced to Internet: 610706464 Equivalent to 36 /8s, 102 /16s and 164 /24s Percentage of available APNIC address space announced: 77.4 APNIC AS Blocks4608-4864, 7467-7722, 9216-10239, 17408-18431 (pre-ERX allocations) 23552-24575, 37888-38911, 45056-46079 55296-56319, 131072-132095 APNIC Address Blocks 1/8, 14/8, 27/8, 36/8, 39/8, 42/8, 43/8, 49/8, 58/8, 59/8, 60/8, 61/8, 101/8, 103/8, 106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8, 116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8, 123/8, 124/8, 125/8, 126/8, 133/8, 175/8, 180/8, 182/8, 183/8, 202/8, 203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8, 222/8, 223/8, ARIN Region Analysis Summary Prefixes being announced by ARIN Region ASes:140032 Total ARIN prefixes after maximum aggregation:71172 ARIN Deaggregation factor: 1.97 Prefixes being announced from the ARIN address blocks: 112430 Unique aggregates announced from the ARIN address blocks: 45157 ARIN Region origin ASes present in the Internet Routing Table:14334 ARIN Prefixes per ASN: 7.84 ARIN Region origin ASes announcing only one prefix:5473 ARIN Region transit ASes
Looking for XO routing engineer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can someone from XO please contact me about this hijacked prefix: 72.44.152.0/24 I see it coming from AS35909 through AS2828. No luck getting anyone on the phone. Thanks George Carey -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.11 (Darwin) iEYEARECAAYFAk2x0jcACgkQJdlqYKAmD6FO2gCeJd6uToUghlKdjNd38JpAP2VZ SnwAoLQbpi9ygjIkCPDCU6TrnPOFc98r =OkTz -END PGP SIGNATURE-
RE: Voice Peering?
Do you need to be a mobile operator to join an IPX/GRX? I know EQUINIX operates I think two IPXs but I do not know witch mobile operator are passing traffic. We are working on a project witch 100% of the outbound voice traffic is going to go to mobiles. There will also be a large volume of SMS/MMS traffic. It would be very useful to peer with the mobile operators. Cheers Ryan -Original Message- From: Cameron Byrne [mailto:cb.li...@gmail.com] Sent: Thursday, April 21, 2011 10:24 AM To: Remco Bressers Cc: nanog@nanog.org Subject: Re: Voice Peering? On Apr 21, 2011 1:59 AM, Remco Bressers re...@signet.nl wrote: I also thought GRX peering was only data and sms. There's a SIP peering point on the NL-IX though. Grx is data only. IPX in theory does voice too but I don't think the take rate is very high. Cb Look at http://www.nl-ix.net/solutions/voice-peering/ for more. Regards, Remco Bressers Signet B.V. AS28878 On 04/21/2011 10:52 AM, Santino Codispoti wrote: Thank you I will look into AMS-IX. I was thinking the GRX platforms where for SMS and Data only. On Thu, Apr 21, 2011 at 4:45 AM, Erik Bais eb...@a2b-internet.com wrote: Hi Santino, Did you had a look at AMS-IX ? They have a grx offering for that. Regards, Erik Bais A2B Internet Verstuurd vanaf mijn iPad Op Apr 21, 2011 om 9:35 heeft Santino Codispoti santino.codisp...@gmail.com het volgende geschreven: I know a few years ago some Vo/IP peering points where started. Are they still around today? I am looking for a solution to hand-off outbound voice calls to mobile operators
Re: gmail dropping mesages
What is the DKIM check result for those messages? May be time to get nanog mailing list DKIM aware? On 4/22/11 13:24 , Bill Blackford bblackf...@gmail.com wrote: I've recently observed gmail dropping messages or not forwarding all messages/posts from the nanog list. This is rather annoying. Has anyone else experienced this? Does anyone have any insight as to why? Thanks,
BGP Update Report
BGP Update Report Interval: 14-Apr-11 -to- 21-Apr-11 (7 days) Observation Point: BGP Peering with AS131072 TOP 20 Unstable Origin AS Rank ASNUpds % Upds/PfxAS-Name 1 - AS19743 31254 1.4%4464.9 -- 2 - AS982920367 0.9% 20.2 -- BSNL-NIB National Internet Backbone 3 - AS17974 19362 0.9% 10.6 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia 4 - AS11492 19099 0.9% 15.0 -- CABLEONE - CABLE ONE, INC. 5 - AS16586 17967 0.8% 58.0 -- CLEARWIRE - Clearwire US LLC 6 - AS32528 17918 0.8%2239.8 -- ABBOTT Abbot Labs 7 - AS638915224 0.7% 4.2 -- BELLSOUTH-NET-BLK - BellSouth.net Inc. 8 - AS35931 13544 0.6%2257.3 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 9 - AS44609 12775 0.6%4258.3 -- FNA Fars News Agency Cultural Arts Institute 10 - AS845212329 0.6% 14.6 -- TE-AS TE-AS 11 - AS14420 12223 0.6% 18.4 -- CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP 12 - AS45595 11814 0.6% 32.5 -- PKTELECOM-AS-PK Pakistan Telecom Company Limited 13 - AS20115 11671 0.5% 7.4 -- CHARTER-NET-HKY-NC - Charter Communications 14 - AS749111527 0.5% 125.3 -- PI-PH-AS-AP PI-PHILIPINES 15 - AS754511205 0.5% 8.3 -- TPG-INTERNET-AP TPG Internet Pty Ltd 16 - AS432310876 0.5% 4.1 -- TWTC - tw telecom holdings, inc. 17 - AS815110834 0.5% 8.6 -- Uninet S.A. de C.V. 18 - AS28573 10339 0.5% 6.6 -- NET Servicos de Comunicao S.A. 19 - AS172249487 0.4% 169.4 -- ATT-CERFNET-BLOCK - ATT Enhanced Network Services 20 - AS277389133 0.4% 26.9 -- Ecuadortelecom S.A. TOP 20 Unstable Origin AS (Updates per announced prefix) Rank ASNUpds % Upds/PfxAS-Name 1 - AS19743 31254 1.4%4464.9 -- 2 - AS44609 12775 0.6%4258.3 -- FNA Fars News Agency Cultural Arts Institute 3 - AS35931 13544 0.6%2257.3 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 4 - AS32528 17918 0.8%2239.8 -- ABBOTT Abbot Labs 5 - AS496001519 0.1%1519.0 -- LASEDA La Seda de Barcelona, S.A 6 - AS522801442 0.1%1442.0 -- INTERNEXA Chile S.A. 7 - AS329491434 0.1% 717.0 -- UNITED-REFRIGERATION - UNITED REFRIGERATION INC 8 - AS20132 874 0.0% 437.0 -- DSC-AS - Dundee Securities Corporation 9 - AS3 408 0.0% 735.0 -- SL-NET-ASN SL-NET s.c. 10 - AS50364 403 0.0% 403.0 -- INPRIME InPrime Ltd 11 - AS48349 395 0.0% 395.0 -- SICE-IT-AS JSC Siberian Interbank Currency Exchange - Information Technologies 12 - AS52000 761 0.0% 380.5 -- ALDAN-3-AS LTD ALDAN-3 13 - AS11843 700 0.0% 350.0 -- BARNES - Barnes Distribution 14 - AS52126 337 0.0% 337.0 -- IXTERM-AS ixTerm Ltd. 15 - AS46167 325 0.0% 325.0 -- LANDSERVICESUSA - Land Services USA, Inc 16 - AS333623680 0.2% 306.7 -- WIKTEL-NET - Wikstrom Telephone Company, Incorporated 17 - AS38757 569 0.0% 284.5 -- ICONPLN-ID-AP PT. Indonesia Comnets Plus 18 - AS31662 569 0.0% 284.5 -- KNSURSELVA aurax connecta AG 19 - AS36059 284 0.0% 284.0 -- MEDMANAGEMENT-LLC - MedManagement, LLC 20 - AS45310 267 0.0% 267.0 -- PISHON-SMARTNET-AS-ID SMARTNET - Broadband Internet Service. TOP 20 Unstable Prefixes Rank Prefix Upds % Origin AS -- AS Name 1 - 221.121.96.0/199147 0.4% AS7491 -- PI-PH-AS-AP PI-PHILIPINES 2 - 130.36.34.0/24 8943 0.3% AS32528 -- ABBOTT Abbot Labs 3 - 130.36.35.0/24 8943 0.3% AS32528 -- ABBOTT Abbot Labs 4 - 63.211.68.0/22 7754 0.3% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 5 - 178.22.72.0/21 6429 0.2% AS44609 -- FNA Fars News Agency Cultural Arts Institute 6 - 178.22.79.0/24 6326 0.2% AS44609 -- FNA Fars News Agency Cultural Arts Institute 7 - 65.122.196.0/246261 0.2% AS19743 -- 8 - 198.140.43.0/245352 0.2% AS35931 -- ARCHIPELAGO - ARCHIPELAGO HOLDINGS INC 9 - 72.164.144.0/245001 0.2% AS19743 -- 10 - 65.162.204.0/244999 0.2% AS19743 -- 11 - 66.238.91.0/24 4997 0.2% AS19743 -- 12 - 65.163.182.0/244996 0.2% AS19743 -- 13 - 66.89.98.0/24 4996 0.2% AS19743 -- 14 - 202.92.235.0/243908 0.1% AS9498 -- BBIL-AP BHARTI Airtel Ltd. 15 - 68.65.152.0/22 3673 0.1% AS11915 -- TELWEST-NETWORK-SVCS-STATIC - TEL WEST COMMUNICATIONS LLC 16 - 202.153.174.0/24 3518 0.1% AS17408 -- ABOVE-AS-AP AboveNet Communications Taiwan 17 - 213.55.75.0/24 2790 0.1% AS24757 -- EthioNet-AS 18 - 213.55.74.0/24 2788 0.1% AS24757 -- EthioNet-AS 19 - 208.54.82.0/24 2734 0.1% AS701 -- UUNET
The Cidr Report
This report has been generated at Fri Apr 22 21:12:05 2011 AEST. The report analyses the BGP Routing Table of AS2.0 router and generates a report on aggregation potential within the table. Check http://www.cidr-report.org for a current version of this report. Recent Table History Date PrefixesCIDR Agg 15-04-11357492 209863 16-04-11357568 209705 17-04-11356846 210150 18-04-11357824 210186 19-04-11358136 210366 20-04-11358373 210576 21-04-11358318 210619 22-04-1135 210705 AS Summary 37468 Number of ASes in routing system 15788 Number of ASes announcing only one prefix 3651 Largest number of prefixes announced by an AS AS6389 : BELLSOUTH-NET-BLK - BellSouth.net Inc. 110418432 Largest address span announced by an AS (/32s) AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street Aggregation Summary The algorithm used in this report proposes aggregation only when there is a precise match using the AS path, so as to preserve traffic transit policies. Aggregation is also proposed across non-advertised address space ('holes'). --- 22Apr11 --- ASnumNetsNow NetsAggr NetGain % Gain Description Table 358798 210633 14816541.3% All ASes AS6389 3651 260 339192.9% BELLSOUTH-NET-BLK - BellSouth.net Inc. AS4323 2641 402 223984.8% TWTC - tw telecom holdings, inc. AS4766 2430 915 151562.3% KIXS-AS-KR Korea Telecom AS6478 1636 214 142286.9% ATT-INTERNET3 - ATT Services, Inc. AS22773 1299 93 120692.8% ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc. AS19262 1495 298 119780.1% VZGNI-TRANSIT - Verizon Online LLC AS18566 1760 662 109862.4% COVAD - Covad Communications Co. AS10620 1437 347 109075.9% Telmex Colombia S.A. AS4755 1454 365 108974.9% TATACOMM-AS TATA Communications formerly VSNL is Leading ISP AS1785 1792 764 102857.4% AS-PAETEC-NET - PaeTec Communications, Inc. AS28573 1281 337 94473.7% NET Servicos de Comunicao S.A. AS7552 1037 117 92088.7% VIETEL-AS-AP Vietel Corporation AS7545 1552 758 79451.2% TPG-INTERNET-AP TPG Internet Pty Ltd AS18101 934 151 78383.8% RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI AS8151 1245 529 71657.5% Uninet S.A. de C.V. AS4808 1034 332 70267.9% CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network AS3356 1145 476 66958.4% LEVEL3 Level 3 Communications AS7303 927 264 66371.5% Telecom Argentina S.A. AS11492 1256 597 65952.5% CABLEONE - CABLE ONE, INC. AS17488 942 300 64268.2% HATHWAY-NET-AP Hathway IP Over Cable Internet AS6503 908 280 62869.2% Axtel, S.A.B. de C.V. AS17676 658 70 58889.4% GIGAINFRA Softbank BB Corp. AS24560 1140 560 58050.9% AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services AS855632 56 57691.1% CANET-ASN-4 - Bell Aliant Regional Communications, Inc. AS14420 663 104 55984.3% CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP AS3549 944 394 55058.3% GBLX Global Crossing Ltd. AS22047 565 30 53594.7% VTR BANDA ANCHA S.A. AS4780 718 188 53073.8% SEEDNET Digital United Inc. AS22561 863 340 52360.6% DIGITAL-TELEPORT - Digital Teleport Inc. AS4804 576 82 49485.8% MPX-AS Microplex PTY LTD Total 38615102852833073.4% Top 30 total Possible Bogus Routes 10.86.64.32/30
Re: gmail dropping mesages
On Fri, Apr 22, 2011 at 9:44 PM, Franck Martin fmar...@linkedin.com wrote: What is the DKIM check result for those messages? Non existent, it's SPF only. This is what GMail sees: Received: from s0.nanog.org (s0.nanog.org [207.75.116.162]) by mx.google.com with ESMTPS id h1si7255610ibn.43.2011.04.22.13.42.53 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 22 Apr 2011 13:42:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of nanog-bounces+askoorb+nanog=gmail@nanog.org designates 207.75.116.162 as permitted sender) client-ip=207.75.116.162; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of nanog-bounces+askoorb+nanog=gmail@nanog.org designates 207.75.116.162 as permitted sender) smtp.mail=nanog-bounces+askoorb+nanog=gmail@nanog.org May be time to get nanog mailing list DKIM aware? On 4/22/11 13:24 , Bill Blackford bblackf...@gmail.com wrote: I've recently observed gmail dropping messages or not forwarding all messages/posts from the nanog list. This is rather annoying. Has anyone else experienced this? Does anyone have any insight as to why? Yes, for example, the message I'm replying to had this at the top of it: Due to a filter you created, this message was not sent to Spam. Edit Filters Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more So GMail thinks it's a phishing message :-/ Quite a lot of my Nanog messages are marked as spam, which is why I created a filter to not send any messages with a list ID header with nanog.nanog.org in it to spam at all. The only way for Nanog to get round this would be for the mail administrator to follow *every* step at https://mail.google.com/support/bin/answer.py?answer=81126 which basically is: - Explicit SPF with hard fail. - Signing with DKIM or DomainKeys. - Useing a consistent IP address to send bulk mail. - Keeping valid reverse DNS records for the IP address(es) from which mail is sent, pointing to the sending domain. - Use the same address in the 'From:' header on every bulk mail that is sent. - Using the Precedence: bulk header. - Up-to-date contact information in the WHOIS record, and on abuse.net. But the list administrator would have to do all of that faff. Alex
Re: gmail dropping mesages
On 4/23/11 10:41 , Alex Brooks askoorb+na...@gmail.com wrote: On Fri, Apr 22, 2011 at 9:44 PM, Franck Martin fmar...@linkedin.com wrote: What is the DKIM check result for those messages? Non existent, it's SPF only. My point. This is what GMail sees: Received: from s0.nanog.org (s0.nanog.org [207.75.116.162]) by mx.google.com with ESMTPS id h1si7255610ibn.43.2011.04.22.13.42.53 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 22 Apr 2011 13:42:53 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of nanog-bounces+askoorb+nanog=gmail@nanog.org designates 207.75.116.162 as permitted sender) client-ip=207.75.116.162; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of nanog-bounces+askoorb+nanog=gmail@nanog.org designates 207.75.116.162 as permitted sender) smtp.mail=nanog-bounces+askoorb+nanog=gmail@nanog.org May be time to get nanog mailing list DKIM aware? On 4/22/11 13:24 , Bill Blackford bblackf...@gmail.com wrote: I've recently observed gmail dropping messages or not forwarding all messages/posts from the nanog list. This is rather annoying. Has anyone else experienced this? Does anyone have any insight as to why? Yes, for example, the message I'm replying to had this at the top of it: Due to a filter you created, this message was not sent to Spam. Edit Filters Warning: This message may not be from whom it claims to be. Beware of following any links in it or of providing the sender with any personal information. Learn more So GMail thinks it's a phishing message :-/ Because from: may be from a domain which is known to DKIM sign everything (like gmail). Quite a lot of my Nanog messages are marked as spam, which is why I created a filter to not send any messages with a list ID header with nanog.nanog.org in it to spam at all. The only way for Nanog to get round this would be for the mail administrator to follow *every* step at https://mail.google.com/support/bin/answer.py?answer=81126 which basically is: - Explicit SPF with hard fail. - Signing with DKIM or DomainKeys. - Useing a consistent IP address to send bulk mail. - Keeping valid reverse DNS records for the IP address(es) from which mail is sent, pointing to the sending domain. - Use the same address in the 'From:' header on every bulk mail that is sent. - Using the Precedence: bulk header. - Up-to-date contact information in the WHOIS record, and on abuse.net. But the list administrator would have to do all of that faff. No, it is mailman, just upgrade mailman. Recent versions are more DKIM aware... More info: http://tools.ietf.org/html/draft-ietf-dkim-mailinglists-06
Re: gmail dropping mesages
On 4/22/2011 4:01 PM, Franck Martin wrote: On 4/23/11 10:41 , Alex Brooksaskoorb+na...@gmail.com wrote: On Fri, Apr 22, 2011 at 9:44 PM, Franck Martinfmar...@linkedin.com wrote: What is the DKIM check result for those messages? Non existent, it's SPF only. My point. Nearly all of the spam I see is DKIM signed. It just makes messages bigger. I'd just as soon our volunteers spend their times on other things, myself. -- The person becomes vulnerable to all manner of fads, such as astrology, superstitions, economics, and tarot-card reading. The Black Swan, by Nassim Nicholas Taleb
Re: gmail dropping mesages
On 4/21/11 9:24 PM, Bill Blackford wrote: I've recently observed gmail dropping messages or not forwarding all messages/posts from the nanog list. This is rather annoying. Has anyone else experienced this? Does anyone have any insight as to why? I've read the thread, and ironically all messages from Franck Martin in this thread were sent to spam by gmail. None of the others! This is like an earlier thread: Previous Message Subject: Re: sudden low spam levels? Date: Tue, 04 Jan 2011 10:10:24 -0500 From: William Allen Simpson william.allen.simp...@gmail.com To: nanog@nanog.org On 1/3/11 6:42 PM, Jay Farrell wrote: I noticed a substantial drop in spam in my gmail account in recent days, from several hundred a day to maybe a hundred. Ironically, gmail filtered this thread to my spam folder. Yes, I found these messages my gmail spam today, too. Lately, gmail has been regularly flagging NANOG as spam, particularly the end of week CIDR and BGP reports.