RE: [swinog] DNS maintenance ns1.tiscali.ch / ns2.tiscali.ch
Did you try: $ dig +short tiscali.ch soa ns1.tiscali.ch. hostmaster.ch.tiscali.com. 2004121302 10800 3600 604800 86400 That one too ? Evidently not, otherwise I would have received it :- - Fabian ___ swinog mailing list [EMAIL PROTECTED] http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
RE: [swinog] Mail sent to bluewin hostcenter customers: 451 Exhausted MX records for domain
Hello Martin, Thanks for any pointers or the phone-number of the bluewin mailadmin. Martin From our experiences [EMAIL PROTECTED] should be able to help you rather quickly. That mailbox is read and well maintained. And yes, we've seen that error too. Looks like some kind of too many connections problem to me, probably because of the recent Sobig flood. cheers, - Fabian ___ swinog mailing list [EMAIL PROTECTED] http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
RE: [swinog] ns1.ip-plus.net
EHLO, Did anyone else also noticed that 164.128.36.34 is no longer responding to DNS queries from non ip-plus ip-addresses? Maybe, swisscom is trying to save some bandwidth... They're rather trying to prevent Spammers (and other scum) from abusing their DNS servers, by disabling recursion for non-trusted hosts. Have a look at: http://www.securityfocus.com/archive/1/336958/2003-09-06/2003-09-12/0 cheers, - Fabian ___ swinog mailing list [EMAIL PROTECTED] http://lists.init7.net/cgi-bin/mailman/listinfo/swinog
RE: [swinog] Kassensturz
have a look at the filepaths listet below (and put them into your webbrowser) .. oops :) the question is: which door is not closed? Exactly. With a little bit of 'fantasie' you'll find the mysql user, db name and password in clear text.(nice pw, btw). :) We should really make a story about kassensturz and their idea of 'security'. - Fabian -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
RE: [swinog] Contacts Swissonline / Hispeed
EHLO, Is Cablecom the only target, or other ISPs experienced the same attacks? We're experiencing such large attacks every few weeks and there's not much you can do against it. The attackers use open proxies and infected home pc's to connect to the MTAs, each connections only scans for a few RCPT's (10-20). Sometimes we see 900 simultaneous connections on each MTA from such hosts. One of the largest attacks we experienced was in December last year, it lasted about 5 days. Our MTAs are constantly scanned for valid recipients, but usually only from 50-80 simultaneous connections per MTA (we're not considering this an 'attack' [anymore]). Although we've set a delay of 40 seconds after an invalid RCPT TO: the attackers won't give up. Just to give a little statistic: During the last minute (16:12:00 to 16:12:59) we've seen a total 522 invalid RCPT's from 80 different hosts on our MTAs. Sucks to be an MTA these days :( cheers, Fabian Uebersax System Engineer Tiscali AG -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
RE: [swinog] MX Swissonline Down?
EHLO, Secondly, what about this: - Transcript of session follows - while talking to mx.hispeed.ch.: DATA 550 5.7.1 [EMAIL PROTECTED]... Fix reverse DNS for 217.118.195.58 or use your ISPs mail server I have a reverse entry for my 217.xxx ... Any clues? Hmm, doesn't work for me: - # dig -x 217.118.195.58 ; DiG 9.2.3 -x 217.118.195.58 ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NXDOMAIN, id: 17103 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 - Well, at least you're able to establish a _connection_ to mx.hispeed.ch :- Our server IP range was blocked there for days and days but after a gazillion of mails and phone calls I finally found a friend of mine whose friend is a friend [...] of someone who works at cablecom and happens to be sitting next to the cablecom mailserver admin. So finally they added a -j ACCEPT rule for our MTAsduh! Let's see if I can find out any contact information of that admin BTW, the following explanations were given to me: - cablecom applies filters whenever they feel like - no-one gets informed when a filter is added - the filter will remain active until the admin of the IP / IP range that was filtered contacts cablecom - they do not read mails sent to [EMAIL PROTECTED]/swissonline.ch, quote there are simply too many mails coming in there so it's easier to simply /dev/null all of them sigh! cheers, - Fabian -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
RE: [swinog] Somebody from Tiscali on this List?
Hi Tiscali :-) EHLO, So could somebody from Tiscali Switzerland please tell them to fix their system or explain to me why they block all my emails? I'll try to reach someone from Italy, let's see... cheers, - Fabian -- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/