On Nov 6, 2012, at 4:33 AM, Seth Mos wrote:
Hi,
Since about a week or so it's become impossible to reach wp.com content over
IPv6.
IPv4 content does work fine, using the IPv6 literal returns a 404 which is
small enough to fit in a smaller 1480 byte MTU.
I have another test site that
On Apr 7, 2012, at 4:41 PM, TR Shaw wrote:
As for SORBS, most competent mail admins dropped its use a long time ago. I
thought when Proofpoint took it over things would change (I actually thought
they would dump the SORBS name because of bad karma) but it hasn't happened.
Out of
On Aug 11, 2011, at 6:43 AM, Babak Pasdar wrote:
Hello NANOG Group,
I am curious if anyone has any experiences positive or negative with Juniper
MX-80s. Our recent experience with Juniper has not been great both in terms
of new product offerings (SRX) and software bugs in the recent revs
On Mar 24, 2011, at 7:09 AM, Harald Koch wrote:
On 3/23/2011 11:05 PM, Martin Millnert wrote:
To my surprise, I did not see a mention in this community of the
latest proof of the complete failure of the SSL CA model to actually
do what it is supposed to: provide security, rather than a false
On Jan 12, 2011, at 9:21 AM, George Bonser wrote:
I'd eat a hat if a vendor didn't implement a PAT equivalent. It's
demanded too much. There is money for it, so it will be there.
Jack
Yeah, I think you are right. But in really thinking about it, I wonder
why. The whole point of PAT
Check your inboxes :)
--
bk
On Mar 5, 2010, at 1:33 PM, Zachary Frederick wrote:
We have been having a problem emailing to a customer whose server is hosted
by The Planet (http://www.theplanet.com/). Our mail server is hosted in-house
on a comcast business connection.
IP address of our server is: 173.13.45.23
Andrew
Security consultant
CITATION NEEDED
You can goto Full-disclosure mailing list
http://www.grok.org.uk/full-disclosure/ ...
Andrew
Security consultant
For clarity and transparency you were banned from that list for trolling
under the persona n3td3v.
--
bk
On Jan 12, 2010, at 1:09 PM, Rich Kulawiec wrote:
On Tue, Jan 12, 2010 at 10:48:31AM -0800, Brian Keefer wrote:
I wouldn't say that necessarily accurate. I could be considered
part of the anti-spam crowd, seeing as that's my line of work.
I think DULs are a really dumb way to block spam
On Jan 12, 2010, at 10:31 AM, Jed Smith wrote:
Given the first few replies I received, allow me to clarify, now that I've
... apparently angered the anti-spam crowd:
I wouldn't say that necessarily accurate. I could be considered part of the
anti-spam crowd, seeing as that's my line of
On Jan 12, 2010, at 10:48 AM, Dave Martin wrote:
On Tue, Jan 12, 2010 at 11:51:47AM -0500, Jed Smith wrote:
On Jan 11, 2010, at 11:11 AM, Jon Lewis wrote:
The vibe I got from a number of administrators I talked to about it was why
would a standards document assume an IPv4/IPv6 unicast
On Jan 11, 2010, at 8:18 AM, Patrick W. Gilmore wrote:
people using SORBS stop using SORBS.
--
TTFN,
patrick
Usually that's the easiest path. All it takes is asking the site using SORBS
to do a few Google searches.
There are much better options out there than SORBS. Why anyone
On Jan 10, 2010, at 5:40 PM, George Bonser wrote:
And I don't believe anyone is necessarily advocating exposing individual
servers directly to the internet either.
Actually, some of us are.
There are other devices that
can handle isolation of the servers and protect them against such
I haven't tested the code myself, but no reason to think it doesn't work.
Consider this your exploits are in the wild notice.
--
bk
On Jan 6, 2010, at 6:51 AM, Brian Johnson wrote:
Like Roland, I've been doing
this for over a decade as well, and I have seen some pretty strange
things, even a statefull firewall in front of servers with IPS actually
work.
What do you mean by work? If you mean all three pieces ran for
quality free services, such as Spamhaus (speaking
personally), but they're few and far between.
I've had better luck convincing customers (or customers of customers)
to stop using the poorly-maintained legacy DNSBLs than I've had
getting customers delisted from such services.
YMMV.
Brian
On Feb 26, 2009, at 6:59 AM, John Levine wrote:
Nor should they. Anyone who actually researches this stuff knows
that
the vast majority of unsub links simply confirm you as a live
target
who will click on random links sent to them through e-mail.
That's the conventional wisdom, not
On Feb 26, 2009, at 8:28 AM, John R. Levine wrote:
This also pre-dates organized crime becoming heavily involved, and
pre-dates the obsession with browser exploits. Back then a lot of
spam was sent by semi-legitimate marketers from the US. These days
all the bad guys are out to get you
On Feb 26, 2009, at 5:08 PM, J.D. Falk wrote:
Blocking an entire site just because one John Doe user clicked a
button
they don't even understand just does not make sense.
You're right -- but Yahoo! has a sufficiently large userbase that
they can count multiple complaints before blocking
On Feb 24, 2009, at 6:27 PM, Micheal Patterson wrote:
This may be old news, but I've not been in the list for quite some
time. At any rate, is anyone else having issues with Yahoo
blocking / deferring legitimate emails?
My situation is that I host our corporate mx'ers on my network, one
On Feb 25, 2009, at 1:08 PM, Zaid Ali wrote:
There is also the issue of weather the user trusts the opt out link,
I have been in discussions where data shows that most users don't
generally trust it.
Zaid
Nor should they. Anyone who actually researches this stuff knows that
the vast
On Feb 19, 2009, at 12:30 PM, Bill Nash wrote:
Having carped, I'm obligated to offer a solution:
The technical discussion is certainly interesting to a small subset
of NANOG participants, I'm sure (I do find it interesting, I
promise), but I'm thinking this conversation is better elsewhere,
On Jan 4, 2009, at 12:05 PM, Joe Greco wrote:
The opinions on whether or not it is necessary to replace certs
seems to
vary depending on whose opinion you're listening to, but a
relatively safe
rule of thumb for this sort of security issue is to take the path
that is
most likely to avoid
On Jan 2, 2009, at 3:29 PM, Joe Greco wrote:
* Joe Greco:
It seems that part of the proposed solution is to get people to
move from
MD5-signed to SHA1-signed. There will be a certain amount of
resistance.
What I was suggesting was the use of the revocation mechanism as
part of
the stick
On Dec 5, 2008, at 12:51 PM, Skywing wrote:
McColo hosted the command and control servers for spam botnets and
didn't originate spam directly, at least primarily, according to my
understanding.
- S
That is correct. Srizbi and Rustok, primarily.
--
bk
On Nov 11, 2008, at 7:52 PM, mike wrote:
Since 11/5, my spam load has dropped from about 400,000 attempts
per day to less than 40,000 ! And most of this I had noted was
comming from what looked like compromised web hosts - eg: same host/
domain name representing 10 or 20 addresses in any
On Oct 9, 2008, at 6:37 AM, Michienne Dixon wrote:
snip
I too think C-R spam 'prevention' is the lazy-mans approach at
filtering
spam. People can easily create their own whitelists based on their
maillogs or mailhistory.
snip
Unfortunately, I feel the majority of the solutions offered cater
);
+my ($ip, $port, $txid) = split -, $data;
+print $ip:$port TXID=$txid\n;
+$ports{$port} = 1;
+}
}
Thanks to Michael for the tool, though!
Brian Keefer
Sr. Systems Engineer
www.Proofpoint.com
Defend email. Protect data.
28 matches
Mail list logo