On Sun, 13 Apr 2008, Barry Shein wrote:
>
> For example, and it's only an example don't quibble the example,
> defining a list of return SMTP codes which are actually specific and
> meaningful like (let's assume they should be 5xx, maybe 7xx would be a
> better start? Policy failure codes)
> [..
On Mon, 14 Apr 2008, Edward B. DREGER wrote:
>
> When it comes to establishing trust:
>
> * The current SMTP model is O(N^2);
In practice it's O(N): small-to-medium-sized email systems rely on
external reputation providers (blacklists or anti-spam service providers)
rather than creating their own
On Tue, 25 Mar 2008, Dorn Hetzel wrote:
>
> A close second might be liquid cooled air tight cabinets with the air/water
> heat exchangers (redundant pair) at the bottom where leaks are less of an
> issue (drip tray, anyone? :) )...
Something like what you suggest has been around for a year or two
On Fri, 22 Feb 2008, Roland Perry wrote:
>
> I would not be surprised to learn that "consumption in the ARIN region"
> includes all the legacy assignments.
Many legacy assignments are now administered by the other RIRs
http://www.iana.org/assignments/ipv4-address-space
Tony.
--
f.a.n.finch <[E
On Tue, 15 Jan 2008, Randy Bush wrote:
>
> > Fallback to A should be removed sure sounds like a plan.
>
> great idea. it will only break mail to 42% of the internet.
Randy's right, though it's email *from* 42% of the Internet that's the
biggest problem. [rant about email from shitty php web form
On Tue, 15 Jan 2008, Mark Andrews wrote:
>
> Since there is no [MX] fallback to
Wrong. http://www1.ietf.org/mail-archive/web/ietf/current/msg49841.html
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
FISHER GERMAN BIGHT: SOUTHERLY BECOMING CYCLONIC THEN WESTERLY 7 TO SEVE
On Mon, 14 Jan 2008, Suresh Ramasubramanian wrote:
> On Jan 13, 2008 9:55 PM, Tony Finch <[EMAIL PROTECTED]> wrote:
> > On Sun, 13 Jan 2008, Suresh Ramasubramanian wrote:
> > >
> > > One operationally better way to go seems to be Mark Delany's mx0dot
&
On Sun, 13 Jan 2008, Suresh Ramasubramanian wrote:
>
> One operationally better way to go seems to be Mark Delany's mx0dot
> proposal, which started out as an internet draft, but seems to have
> lost momentum .. the concept is sound though.
Exim implements this convention.
Tony.
--
f.a.n.finch
On Thu, 11 Oct 2007, Mikael Abrahamsson wrote:
>
> If it's multicast TV I don't see the problem, it doesn't increase your
> backbone traffic linearly with the number of people doing it.
However if you have UK-style ADSL ppp backhaul then multicast doesn't
help.
Tony.
--
f.a.n.finch <[EMAIL PRO
On Sat, 6 Oct 2007, Joel Jaeggli wrote:
> [EMAIL PROTECTED] wrote:
> >
> > And P2P is the main way to reduce the overall load that video places
> > on the Internet.
>
> We could have used IP Multicast, but nobody on the consumer side wanted
> to carry state instead of packets.
Multicast works whe
On Thu, 27 Sep 2007, Ken Simpson wrote:
>
> RBLs are only effective against perhaps 50% of spam traffic, because
> so much of it comes from never-seen-before zombies.
I'm seeing 80%-90% of spam blocked by the Spamhaus ZEN list, which
includes the PBL for blocking home computers, infected or not.
On Tue, 4 Sep 2007, Stephen Stuart wrote:
> On Mon, 3 Sep 2007, Tony Finch wrote:
> > On Mon, 3 Sep 2007, Sean Donelan wrote:
> > >
> > > Operators are probably more interested in the "fairness" part of
> > > "congestion" than the "eff
On Mon, 3 Sep 2007, Sean Donelan wrote:
>
> Operators are probably more interested in the "fairness" part of
> "congestion" than the "efficiency" part of "congestion."
TCP's idea of fairness is a bit weird. Shouldn't it be per-user, not
per-flow?
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http:
On Tue, 14 Aug 2007, Chris L. Morrow wrote:
>
> maybe I'm just thick, but how exactly does tastinng inhibit anti-phishing
> efforts?
Domain names are used as loookup keys in anti-phishing blacklists.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
IRISH SEA: SOUTHERLY, BACKING NORTH
On Mon, 13 Aug 2007, Justin Scott wrote:
>
> Perhaps it would be better to allow for domain returns, but shorten the
> time limit to 24 hours. That should be long enough to catch a typo, but
> too short to be much use for traffic tasting.
Still long enough to be useful for spammers :-(
Tony.
--
On Sun, 15 Apr 2007, [EMAIL PROTECTED] wrote:
>
> 10/8 used to be a DoD address block, but it was also used exclusively in
> their blacker networks and similar non-connected infrastructure.
Er, no, it was the ARPANET's block. (See the Assigned Numbers RFCs up to
990.)
Tony.
--
f.a.n.finch <[EM
On Mon, 2 Apr 2007, David Conrad wrote:
>
> Even if a delay were imposed, I'm not sure I see how this would actually help
> as I would assume it would require folks to actually look at the list of newly
> created domains and discriminate between the ones that were created for good
> and the ones c
On Wed, 28 Mar 2007, Ken Simpson wrote:
>
> What is particularly missing IMHO is a spoofed-BGP-route blacklist.
> Anyone making any progress on that sort of thing?
completewhois has lists in various forms of bogon and hijacked networks.
http://completewhois.com/bogons/bogons_usage.htm
Tony.
--
On Wed, 28 Mar 2007, Chris L. Morrow wrote:
>
> didn't paul vixie post a problem domain a bit back that would suffice?
IIRC he was complaining about junk DNS lookups to the RBL's original
domain.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
DOGGER FISHER GERMAN BIGHT: EASTERLY 4
On Sat, 17 Mar 2007, Rich Kulawiec wrote:
> On Sat, Mar 17, 2007 at 01:09:47PM +, Peter Corlett wrote:
> > Would you care to expand on why you think sender callback
> > verification is apparently abusive and supports spam?
>
> (a) this is wandering off-topic and (b) this has been covered in gr
On Mon, 19 Feb 2007, [EMAIL PROTECTED] wrote:
>
> Now, even those people have shifted to a hierarchical architecture of
> instant-messaging servers.
In what way is IM hierarchial? The commercial IM systems have a star
topology with a tightly controlled core and basically no inter-domain
federatio
On Thu, 1 Feb 2007, Paul Vixie wrote:
>
> thanks for those supportive words. note that MAPS is not defunct. the
> domain MAPS.VIX.COM is defunct, in favour of MAIL-ABUSE.ORG, which was
> originally an asset of MAPS LLC, then Kelkea, and lately Trend Micro.
They seem to have preferred mail-abuse
On Tue, 23 Jan 2007, Chris Edwards wrote:
>
> Aside from the invalid mails, this article suggests they're mostly
> identifying spam by the source IP (ie. their customer's IP) being listed
> in a DNSBL. So how come they need this super-duper real-time content
> scanning infrastructure ? Why would
On Tue, 23 Jan 2007, [EMAIL PROTECTED] wrote:
> http://www.theregister.co.uk/2006/10/12/bt_spam_buster/
Also http://wesii.econinfosec.org/draft.php?paper_id=47
(Google will give you an HTML version.)
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
SHANNON: NORTHERLY 4 OR 5 INCREASI
On Sun, 14 Jan 2007, Peter Corlett wrote:
>
> For the benefit of those of us who have been lucky to Recover from ISP work
> and now herd blogs, would you be so kind as to share which blacklists are
> worthwhile and worth consulting on this front?
I would expect the lists of compromised hosts to b
On Sat, 13 Jan 2007, Thomas Leavitt wrote:
>
> seems like the IPs (and their ilk) listed above are good prospects for a
> "bad behavior" blacklist, at a level below that of "collaborative spam
> filter" (which doesn't prevent traffic or CPU cycles from being
> consumed).
Most of the IP addresss y
On Wed, 3 Jan 2007, James Baldwin wrote:
>
> Anyone else getting a 403 Forbidden when trying to access http://cisco.com?
Who was talking about chmod -R 0 earlier?
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
SOLE LUNDY FASTNET IRISH SEA: SOUTHWEST VEERING WEST 7 TO SEVERE GALE 9,
On Fri, 10 Nov 2006, [EMAIL PROTECTED] wrote:
>
> If there were some way to have a feed of real bogons,
> i.e. address prefixes that are *KNOWN* to be bogus at
> the point in time they are in the feed, that would be
> useful for filtering. And it would likely be a best practice
> to use such a fee
On Tue, 19 Sep 2006, Travis Hassloch wrote:
>
> How hard would it be to standardize this?
>From the RFC index:
2919 List-Id: A Structured Field and Namespace for the Identification
of Mailing Lists. R. Chandhok, G. Wenger. March 2001. (Format:
TXT=18480 bytes) (Status: PROPOSED STANDAR
On Mon, 11 Sep 2006, william(at)elan.net wrote:
> On Mon, 11 Sep 2006, Tony Finch wrote:
> >
> > Far better to use a Received: header stating HTTP in the "with"
> > protocol field. (And the IANA registry should be updated to include
> > that as one of the sta
On Sat, 2 Sep 2006, Fergie wrote:
> Ack: X-Originating-From should be mandatory.
Far better to use a Received: header stating HTTP in the "with" protocol
field. (And the IANA registry should be updated to include that as one of
the standard values.)
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> h
On Tue, 18 Jul 2006, Suresh Ramasubramanian wrote:
>
> For more, take a look at http://www.circleid.com/posts/spf_loses_mindshare/
Is Hotmail actually doing the Big Yellow Box Of Doom thing that they
promised to do a year ago?
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
FITZROY:
The timing is interesting, given that DENIC and Nominet have recently come
to an agreement of sorts with ICANN.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
SOUTH FITZROY: NORTHWEST 4 OR 5. SHOWERS. GOOD.
On Wed, 12 Apr 2006, Matthew Black wrote:
>
> I haven't seen any succinct justification for providing a
> 550 message rejection for positively-identified spam versus
> silently dropping the message.
If you are wrong about the message being spam, then the sender gets a
bounce.
Tony.
--
f.a.n.fin
On Wed, 12 Apr 2006, M. David Leonard wrote:
>
> This reminds me of "selective availability" (I think that's the
> correct term) in the GPS stream coming from US DOD orbital platforms.
> Sure, the data is jittered.
Hasn't been for several years.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]>
On Wed, 12 Apr 2006, Suresh Ramasubramanian wrote:
>
> Exim with the spamassassin patches (sa-exim) does this, for example.
SpamAssassin support is built in to Exim since version 4.50.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
BERWICK ON TWEED TO WHITBY: WEST OR SOUTHWEST 5 OR
On Tue, 11 Apr 2006, Edward B. DREGER wrote:
>
> AS112-style NTP service, anyone? That would be cooperative and possibly even
> useful.
pool.ntp.org
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
BERWICK ON TWEED TO WHITBY: WEST OR SOUTHWEST 5 OR 6, PERHAPS INCREASING 7
LATER IN N
On Fri, 7 Apr 2006, Richard A Steenbergen wrote:
>
> Its just NTP, I can't imagine that it is *really* enough traffic to care
> all that much.
According to Richard Clayton (who helped Poul-Henning track the problem
down) it's about 37pps continuously for each stratum-1 NTP server.
(Remember there
On Wed, 15 Feb 2006, Mike Leber wrote:
>
> While there are not as many businesses and organizations as people on the
> planet, as an exercise imagine 4 billion prefixes.
At the moment mobile IP is not implemented using the global routing
infrastructure, because it can't scale to 4 billion prefixe
On Sun, 20 Nov 2005, Suresh Ramasubramanian wrote:
>
> For extra points you could do smtp auth on the filtered smarthost as well, to
> help you jump on issues faster. Set it up so the user's local uid/gid gets
> used to auth to the remote exim box .. centralized ldap or mysql userdb does
> the tri
On Sun, 13 Nov 2005, Matthew Elvey wrote:
>
> Please don't reply w/o reading the above thread, to avoid repetition.
I have to pay to see it.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR
GOOD.
On Sat, 24 Sep 2005, Michael Loftis wrote:
>
> Also just one hacked webform usually results in the same problem (we
> have thousands of web hosting customers). It's in our projects list to
> find 'some way' to rate limit individual senders but it's not a high
> priority right now.
I implemented
On Thu, 15 Sep 2005, John Levine wrote:
>
> >I saw this evening that CentralNic had added *.uk.com to point to
> >itself.
>
> Why should anyone care? It's just one of ten million dot-com domains.
They have quite a lot of domain name customers who don't know enough to
buy domain names from a real
On Wed, 14 Sep 2005, Roy Badami wrote:
>
> Perhaps because most telnet clients will attempt telnet option
> negotiation?
No they won't. I don't have any copies of BSD to hand from before 1987,
but even then Berkeley Telnet would not do unsolicited option negotiation
if you specified a port number
On Mon, 22 Aug 2005, Petri Helenius wrote:
> David Hagel wrote:
>
> > This is interesting. This may sound like a naive question. But if
> > queuing delays are so insignificant in comparison to other fixed delay
> > components then what does it say about the usefulness of all the
> > extensive tech
On Wed, 17 Aug 2005, Florian Weimer wrote:
>
> For a contrast, consider the situation in Germany. Beginning this
> year, Germany's largest research network DFN will run on Huawei
> technology. Not many security concerns over here, apparently.
Huawei are one of the suppliers for BT's "21cn" IP-b
On Wed, 6 Jul 2005, Pekka Savola wrote:
> On Tue, 5 Jul 2005, Adi Linden wrote:
> >
> > Make your secondary mx aware of all the valid recipient addresses.
>
> Are there mechanisms in postfix or sendmail to do this automatically, or
> should this be done out-of-band? I've tried looking for this fe
On Tue, 5 Jul 2005, Jim Popovitch wrote:
>
> Presumably sending smtp servers do have spools, however given the range
> of things that send email these days... who really knows?
Things that send email without having a spool cannot route email
according to RFC 974, so they are not a problem for MXs
On Wed, 6 Jul 2005 [EMAIL PROTECTED] wrote:
>
> There is no reason why DNS resolution could not similarly be unbundled
> from access. Yes, there would be some latency issues to deal with, but
> they are not insurmountable.
There are security problems too.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED
On Wed, 6 Jul 2005, Brad Knowles wrote:
>
> There's not much we can do to stop the alternate roots. They already
> exist, and at least two are currently in operation. However, I think we can
> look at what it is that they're offering in terms of i18n and see what we can
> do to address tho
On Mon, 4 Jul 2005 [EMAIL PROTECTED] wrote:
>
> They are battling it out in the marketplace and one of the IDN solutions
> will evolve to the point where the market considers it clearly superior.
> This may be the IETF-blessed solution and it may not. One only has to
> browse through the RFC archi
On Mon, 4 Jul 2005, Suresh Ramasubramanian wrote:
>
> There is a lot of IDN fun to be had with several competing - and
> incompatible - technologies, each pushed by rival providers so that
> there is practically no incentive to interoperate.
Is draft-klensin-idn-tld-05.txt likely to get any tract
On Wed, 29 Jun 2005, Suresh Ramasubramanian wrote:
>
> We dont do sender rewriting / envelope rewriting for forwarded email,
> just pass it on
> We'll prepend Resent: headers though .. that should be enough
That's not permitted by RFC 2822 and it'll cause interoperability problems
with software t
On Wed, 29 Jun 2005, Peter Corlett wrote:
> Tony Finch <[EMAIL PROTECTED]> wrote:
> [...]
> > Actually, what you have to guarantee is that you never send email to
> > anyone who forwards their email elsewhere. This is impossible.
>
> How do you figure that?
>
>
On Wed, 29 Jun 2005, Brad Knowles wrote:
>
> SPF is not a panacea.
>
> In fact, it is pretty much totally worthless, unless you are the sole
> owner of a given domain and you can guarantee that all mail you ever send will
> always be routed through the machines that you own and control
On Thu, 23 Jun 2005 [EMAIL PROTECTED] wrote:
>
> Perhaps this is the time to find a new general solution rather than
> continuing to tack extensions on the existing email service?
None of the email replacement proposals I have seen are likely to get any
significant deployment because none of them
On Thu, 23 Jun 2005, Dave Crocker wrote:
>
> i seem to recall a similar redirect mechanism in SMTP some time ago. not
> worth the effort; broken; or somesuch.
The 251 and 551 forwarding address responses. Many mail servers don't know
a user's forwarding address at SMTP time; most mail servers tr
On Wed, 22 Jun 2005, Brad Knowles wrote:
>
> The last version of the Lachman-LASER draft (the one that was issued
> just before the draft was withdrawn) works well with sendmail and postfix
> pretty much out-of-the-box for handling LDAP routing. Unfortunately, you're
> going to have a proble
On Wed, 22 Jun 2005 [EMAIL PROTECTED] wrote:
>
> He *might* be able to sell the various branch offices on a solution that
> uses LDAP or similar, where each branch manages its section of the LDAP
> tree,
I don't think you can do that because you need to consolidate the branches
into a single name
On Wed, 22 Jun 2005 [EMAIL PROTECTED] wrote:
>
> The problem he's going to hit is that he wants *my* mail server to send mail
> to
> '[EMAIL PROTECTED]' to get routed to the MX in San Fran where Fred is, and
> *my*
> mail server to send mail '[EMAIL PROTECTED]' to get routed to the MX in Geneva
On Wed, 22 Jun 2005, Andrew Staples wrote:
>
> A global company (the group) is headquartered in Scandinavia. 25+ companies
> comprise the group around the world, each company with its own mailserver
> and mailserver software. The group encourages the companies to act in a
> decentralized manner,
On Wed, 8 Jun 2005, Suresh Ramasubramanian wrote:
> On 08/06/05, J.D. Falk <[EMAIL PROTECTED]> wrote:
> >
> > We can't have reliable reputation until we know who the mail is
> > coming from -- so reliable identity is a necessary first step.
>
> What the doctor ordered seems to be s
On Thu, 19 May 2005, Roger Marquis wrote:
>
> As it should. I wish it would also return a null for hostnames
> containing sequential non-alphanumerics (--, ---, __, ___, ...).
It is possible to reject multiple dots, both in theory and in practice (in
fact it's a useful for spotting certain kinds
On Thu, 19 May 2005, Brad Knowles wrote:
>
> Check Guinea-Bissau for .gw. This has been a source of heartburn for
> many years. Any site that has a mail gateway system and uses unqualified
> hostnames is at risk, because mail to "[EMAIL PROTECTED]" could legitimately
> be
> interpreted tw
On Wed, 18 May 2005, Mark Andrews wrote:
>
> No one is saying that a domain name can't be any 8 bit value.
However case insensitivity puts a big spanner in the works.
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/
BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST
There are also mail domains to consider. They have superficially the same
syntax as host names (they cannot have a trailing dot) but they are
generally checked much more strictly for conformance to that syntax. I'm
not sure whether the original post was about a mail domain or the name of
a mail ho
On Tue, 3 May 2005, Edward B. Dreger wrote:
>
> When anycast gets _really_ interesting is when an anycasted client makes
> a request [from an anycasted address] to an anycasted server.
Why would anyone use an anycast address as a client? Wouldn't it be
simpler to make all client connections from
On Tue, 5 Apr 2005, Suresh Ramasubramanian wrote:
>
> Others just grab the smtp server (and AUTH settings if any) from your
> MUA - easier if its Outlook / OE - and send using that smarthost.
Has that actually been observed in the wild?
Tony.
--
f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at
On Mon, 4 Apr 2005, Dean Anderson wrote:
>
> Err, not likely. SPF came out, and now bots can find the ISPs "closed
> relays" with very little trouble at all.
AFAIK bots use the MX of a parent domain of the infected machine's
hostname to find an outgoing relay, not SPF. This is based on an
inciden
69 matches
Mail list logo