Re: v4 and v6 BOGON list

bogons.cymru.com has been around as a BGP feed for a long long time. https://www.team-cymru.com/bogon-networks From: NANOG on behalf of Gabriel Terry Date: Friday, 22 March 2024 at 3:56 PM To: nanog@nanog.org Subject: v4 and v6 BOGON list All, I was researching BOGON prefixes and found a

Re: So what do you think about the scuttlebutt of Musk interfering in Ukraine?

I have a feeling he’s fired far too much of his legal and compliance team to realise --srs From: NANOG on behalf of Michael Thomas Sent: Thursday, September 14, 2023 6:17:17 AM To: nanog@nanog.org Subject: So what do you think about the scuttlebutt of Musk

Re: Captive portal for suspended accounts

Comcast walled garden is a good starting point to Google - there’s even an rfc This is to quarantine malicious customers rather than billing defaulters but well, much the same effect --srs From: NANOG on behalf of Steve Saner via NANOG Sent: Monday, September

Re: Historical info on how 'x.com' came to be registered

December 99. Grandfathered --srs From: NANOG on behalf of Drew Weaver Sent: Thursday, July 27, 2023 6:12:43 PM To: 'nanog@nanog.org' Subject: Historical info on how 'x.com' came to be registered Does anyone have any historical information on how ‘x.com’ came

Re: BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)

It appears legit. BKA.DE is the German Bundeskriminalamt (Federal Police) And the PTR records, SPF etc check out for the domain. Might as well check the IP in question for malware if they’ve provided date / timestamps and such --srs From: NANOG on behalf of Glen A. Pearce Date: Monday, 3

Re: email spam

, August 24, 2022 8:14:16 AM To: Suresh Ramasubramanian Cc: nanog@nanog.org Subject: Re: email spam Sorry about the bad examples, but I remember contacting both about issues with SPF multiple times. They both have seemed have to fixed things at least searching my logs for the last week. Most

Re: email spam

Without saying why the mail was blocked (dumb content filter looking for porn? a spamhaus listing because the police server was hacked? something else?) that’s not going to help too much. I’ve been spam filtering stuff at large providers since the late 90s and it never gets any easier to block

Re: Rogers Outage Canada

Just leaving this (yes, satire site) link here

Re: ASN in use, but no whois data?

Legacy lookup here ASHandle: AS394183 OrgID: ORCL-2 ASName: OROCKLLC-USA-ASN ASNumber: 394183 RegDate:2015-07-01 Updated:2015-07-01 Source: ARIN OrgID: ORCL-2 OrgName:Orange Rock Consulting, LLC CanAllocate: Street:

Re: Russian aligned ASNs?

There are reports of bgp hijacks and ddos targeted at Ukrainian asns watch for and mitigate those? --srs From: NANOG on behalf of Tony Wicks Sent: Friday, February 25, 2022 6:55:23 AM To: 'William Allen Simpson' Cc: 'North American Network Operators Group'

Re: S.Korea broadband firm sues Netflix after traffic surge

Yet another peering dispute ending in litigation? From: NANOG on behalf of Sean Donelan Date: Friday, 1 October 2021 at 7:21 PM To: nanog@nanog.org Subject: S.Korea broadband firm sues Netflix after traffic surge South Korean Internet service provider SK Broadband has sued Netflix to pay for

Re: Abuse Contact Handling

of actionable complaints. --srs From: Tom Beecher Sent: Friday, August 6, 2021 11:42:48 PM To: Suresh Ramasubramanian Cc: Mike Hammett ; Matt Corallo ; NANOG Subject: Re: Abuse Contact Handling If you’re complaining about having to maintain an abuse desk

Re: Abuse Contact Handling

If the way x is managing their network or (not) managing their customers means my network and my customers are affected .. route leaks? packet kiddies? phish sites? spammers? whatever. If what you’re doing or not doing affects someone else, expect complaints, possibly to your upstreams if

Re: Spamhaus ASN-DROP list

This is probably an ex afrinic stolen block? In which case it’s for afrinic to sort out and reclaim --srs From: NANOG on behalf of Siyuan Miao Sent: Friday, July 23, 2021 12:38:16 PM To: North American Network Operators' Group Subject: Spamhaus ASN-DROP list

Re: Anyone from Proof Point or Comcast on this list?

comcast.com is their corporate mail domain comcast.net is their customer domain Both have entirely different mx hosts and won’t relay mail for each other. --srs From: NANOG on behalf of Matt Hoppes Sent: Monday, April 19, 2021 10:06:00 PM To: North American

Re: Newbie Question: Is anyone actually using the Null MX (RFC 7505)?

OK. In your experience, which legacy system is going to misinterpret this record? The current RFC is from 2014-15 but the original idea from Mark Delany (then at Yahoo now at Apple) has been kicking around from 2006 or so. I remember contributing some text to the original draft RFC but can’t

Re: Newbie Question: Is anyone actually using the Null MX (RFC 7505)?

MTAs don’t care what online analysis tools tell you and setting a null MX for a domain that you don’t receive mail for will work just fine, for the reasons explained in the rfc Having no MX means the smtp connection will fall back to the A record for your domain if one exists --srs

Re: Famous operational issues

He is. He asked a perfectly relevant question based on what he saw of the physical setup in front of him. And he kept his cool when being talked down to. I’d hire him the next minute, personally speaking. From: Sabri Berisha Date: Friday, 19 February 2021 at 2:02 PM To: Suresh Ramasubramanian

Re: Famous operational issues

Did you at least hire the janitor? From: NANOG on behalf of Mark Tinka Date: Friday, 19 February 2021 at 10:20 AM To: nanog@nanog.org Subject: Re: Famous operational issues On 2/19/21 00:37, Warren Kumari wrote: 5: Another one. In the early 2000s I was working for a dot-com boom company. We

Re: Vint Cerf & Interplanetary Internet

; *From:* NANOG > mailto:gmail@nanog.org>> on > behalf of Rod Beck > mailto:rod.b...@unitedcablecompany.com>> >> https://www.quantamagazine.org/vint-cerfs-plan-for-building-an-internet-in-space-20201021/ > ---------

Re: Vint Cerf & Interplanetary Internet

Right. This means we are going to catch a spaceship for a future nanog / have interplanetary governance federation debates with space aliens from Andromeda, and we will finally run out of v6 and ipv9 will rule the roost while there’s a substantial aftermarket + hijack scene going on for the

Re: Consolidation of Email Platforms Bad for Email?

I don’t know. Do I miss the days of every person and their dog running a mail server on a Linux server in a basement cupboard? Huge crowds and high drama on nanae and spam-l type places You never know whether your mail is going to get through or not because of weird and wonderful notions about

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

The first warning sign would be where they discuss your AUP and exceptions / corner cases to it --srs From: NANOG on behalf of Ross Tajvar Sent: Thursday, April 16, 2020 9:03:58 AM To: Rich Kulawiec Cc: North American Network Operators' Group Subject: Re:

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

or the other. Corporate contacts in this individual’s case, could be reports to various upstreams in some other case. --srs From: Matt Corallo Date: Tuesday, 14 April 2020 at 12:41 AM To: Suresh Ramasubramanian Cc: Tom Beecher , Kushal R. , Nanog , Rich Kulawiec Subject: Re: Constant Abuse

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

RiskIQ reports phish URLs for large brands The life cycle of a typical phish campaign is in hours but I guess people can live with 24. If you handle the complaint only after two business days, that’s closing the barn door after the horse has bolted and crossed a state line. --srs

Re: Constant Abuse Reports / Borderline Spamming from RiskIQ

RiskIQ is a known good player. If there’s a stream of abuse reports maybe removing whatever customer it is might be a good idea? I am not sure why they are sending out mail to every contact they can find though. Are abuse tickets resolved in a timely manner? From: NANOG Date: Monday, 13

Re: Tell me about AS19111

I do get some results from an online whois or two - https://ipinfo.io/AS19111 nbty.com is registered with Markmonitor so presumably they’re legit enough and large enough to afford brand protection. “Natures Bounty Inc” sounds like a reasonable name for a vendor of vitamins. ASNumber:

Re: Prominent horse racing identities (was Re: Elad Cohen)

Jesus was crucified during the later years of the reign of Tiberius Hadrian on the other hand would have been loved by 45 for his dedication to building the wall --srs From: NANOG on behalf of Mark Seiden Sent: Monday, January 27, 2020 11:47 PM To: Large

Re: Anyone have contacts at Bharti Airtel?

Post on sa...@sanog.org there should be some Airtel people there @anurag can you please forward to someone there --srs From: NANOG on behalf of Elmar K. Bins Sent: Saturday, December 7, 2019 3:40 PM To: Bottiger Cc: nanog@nanog.org Subject: Re: Anyone have

Re: Cogent & FDCServers: Knowingly aiding and abetting fraud and theft?

The fact that the port authority building is also an office building with multiple other tenants? Whois contacts on a defunct domain belonging to an Australian government port authority agency that’s since been renamed don’t appear to support your hypothesis that this is another tenant of a

INNOG 2 cfp 7/1 to 7/4 New Delhi, India

NANOG folks - I recognize that this is rather late notice for your travel schedules but if you happen to be in the region or have teams in India please do attend, or forward this. Thanks. INNOG 2: Call for papers The following is an open call for presentations for the conference and tutorial

Re: Open Petition for ARIN-prop-266: BGP Hijacking is an ARIN Policy Violation

Even among the network security community the number of people who track bgp hijacks and gather data is quite small yet such people do exist and have been active in speaking for this proposal when the same thing was discussed on the ripe anti abuse wg to an expected chorus of "we are not the

Re: friday fun - geko outsge

Was it trying to help them save on car insurance? On 16/03/19, 6:49 AM, "NANOG on behalf of Scott Weeks" wrote: I thought some here might enjoy this. -- Technician arrived onsite and found no issue with the fiber

Re: FB?

That's a 2010 outage that someone dug out and was doing the rounds as a new one --srs From: NANOG on behalf of cosmo Sent: Thursday, March 14, 2019 9:50 PM To: Bryan Holloway Cc: nanog@nanog.org Subject: Re: FB? Facebook pushed an update to their code that

Re: A Zero Spam Mail System [Feedback Request]

I've tried never to hand write a sendmail.cf, to be honest - I doubt even the sendmail authors recommended being that brave :). And I haven't done all that much with dmarc beyond using it. --srs From: NANOG on behalf of Brielle Bruns Sent: Thursday, February

Re: A Zero Spam Mail System [Feedback Request]

... and of all those, once you solve v6 multihoming (possibly with ipv9) do come back to nanog where I'm sure it will be operational. On 18/02/19, 8:23 AM, "NANOG on behalf of Michel Py" wrote: > Viruthagiri Thirumavalavan wrote : > I solved the email spam problem. Oh, this

Re: A Zero Spam Mail System [Feedback Request]

g dogs. If one started to bark, everyone > else gets the courage to do the same thing. > > I'm tired of fighting these assholes in every mailing list. I'm on your side > morons. So how about you all knock it off? > > Six months back, it was John Levine who humiliated me in the DMA

Re: yet another round of SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

To the IP Other people try to sugar coat what they tell you John has never minced his words in the past two decades that I know him and that's good Yes, 50 words are more than enough to decide a bad idea is bad. You don't have to like that, or like any of us, but facts are facts --srs

Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

? You already know from the dns. Concerned about the MTA version? You can configure postfix to claim it is exchange or avian carrier for that matter --srs From: Constantine A. Murenin Sent: Saturday, January 12, 2019 10:08 AM To: Suresh Ramasubramanian Cc: nanog

Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

Most new MTA implementations over the past several years default to TLS with strong ciphers. So how much of a problem is low or no TLS right now? How much more of a problem will it be over the next year or two as older hardware is retired and new servers + software deployed, or as is more

Re: SMTP Over TLS on Port 26 - Implicit TLS Proposal [Feedback Request]

But why do you think creating an out of band verification channel and separate port is going to work for this? There is plenty of local policy available as well to mandate that tls be negotiated with a set of allowed ciphers and prohibit others —srs From:

ARIN NS down?

couldn't get address for 'ns1.arin.net': not found couldn't get address for 'ns2.arin.net': not found couldn't get address for 'u.arin.net': not found couldn't get address for 'ns3.arin.net': not found dig: couldn't get address for 'ns1.arin.net': no more srs@Sureshs-MacBook-Pro-2 19:56:18 <~> $

Re: Should ISP block child pornography?

In the USA, you need to contact NCMEC - http://www.missingkids.com/home or the FBI. From: Mark Seiden Date: Friday, 7 December 2018 at 12:16 PM To: Suresh Ramasubramanian Cc: "Lotia, Pratik M" , "nanog@nanog.org" Subject: Re: Should ISP block child pornography?

Re: Should ISP block child pornography?

https://www.interpol.int/Crime-areas/Crimes-against-children/Access-blocking From: NANOG on behalf of Mark Seiden Date: Friday, 7 December 2018 at 11:54 AM To: "Lotia, Pratik M" Cc: "nanog@nanog.org" Subject: Re: Should ISP block child pornography? where is this list of dirty domains?

Re: bloomberg on supermicro: sky is falling

IVR credit card PIN entry is a thing For example - https://www.hdfcbank.com/personal/making-payments/security-measures/ivr-3d-secure On 10/10/18, 9:57 PM, "NANOG on behalf of Naslund, Steve" wrote: True and that should be mandatory but does not solve the telephone agent problem.

Re: bloomberg on supermicro: sky is falling

This is common in India but then chip and pin has been mandatory for a good few years, as has 2fa (vbv / mastercard secure code) for online transactions. Waiters would earlier ask for people's pins so they could go back and enter it - back when a lot of the POS terminals were connected to POTS

Re: SP security knowledge build up

Response and Management Critical Control 20: Penetration Tests and Red Team Exercises 2 Day On Campus Boot Camp at IIIT B Lab Session – General Threats Lab Session – Cryptography Boot Camp 1 Boot Camp 2 On Fri, Jul 27, 2018 at 5:39 PM Suresh Ramasubramanian wrote: > > Please start with the nano

Re: SP security knowledge build up

and the Limoncelli book will do very well indeed for a start. --srs From: Ramy Hashish Date: Friday, 27 July 2018 at 5:12 PM To: NANOG Mailing List , , , Suresh Ramasubramanian , Subject: Re: SP security knowledge build up Thank you guys for all your academic recommendation

Re: SP security knowledge build up

mpton, Rich A" Cc: Christopher Morrow , Suresh Ramasubramanian , nanog list Subject: Re: SP security knowledge build up Thank you Christopher, Compton and Suresh, that was helpful. I am still looking for more. Does anyone want to recommend any MOOC? Thanks, Ramy On 23

Re: SP security knowledge build up

The usual / canonical sysadmin book might work, there is a lot of security related material in there as well. https://www.amazon.com/Practice-System-Network-Administration-Second/dp/0321492668 And this updated for enterprise / devops and other such new fangled things

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

> As I always ask, retorically, in cases like this: Where are the grownups? --- ops.li...@gmail.com wrote: From: Suresh Ramasubramanian "we are not the internet police" right? ( - So your answer is to let t

Re: AS3266: BitCanal hijack factory, courtesy of Cogent, GTT, and Level3

"we are not the internet police" right? ( On 26/06/18, 10:33 AM, "NANOG on behalf of Job Snijders" wrote: On Mon, 25 Jun 2018 at 22:49, Ronald F. Guilmette wrote: > Without the generous support of Cogent, GTT, and Level3 this dumbass > lowlife IP address space thief

Re: Email security: PGP/GPG & S/MIME vulnerability drop imminent

Seems to be a set of MUA bugs that are being overblown and hyped up. TL;DR = Don't use HTML email with some mail clients when sending pgp encrypted mail. https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html --srs On 14/05/18, 1:15 PM, "NANOG on behalf of George William Herbert"

Re: Is WHOIS going to go away?

The fun problem here is that anonymity, encryption etc - everything that's good and recommended for privacy and security conscious people - gets heavily used, and early adopted, by criminals, the good ones among whom are paranoid about both these at least so they stay out of prison. If only

Re: China Showdown Huawei vs ZTE

Ah. ZTE is in a spot of trouble right about now. http://www.scmp.com/tech/article/2142557/zte-calls-us-government-ban-extremely-unfair-vows-fight-its-rights On 20/04/18, 5:58 PM, "NANOG on behalf of Colton Conor" wrote: Of the

Re: Courses/Trainings for NOC leaders

These books. https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057 https://www.amazon.com/Practice-System-Network-Administration-Enterprise/dp/0321919165/ https://www.amazon.com/Practice-Cloud-System-Administration-Practices/dp/032194318X/

Re: How can I obtain the abuse e-mail address for IPs from Japan?

whois -h whois.nic.ad.jp IP /e --srs > On 23-Aug-2017, at 7:38 PM, Kurt Kraut wrote: > > Hello, > > > I'm having a hard time to figure out the abuse e-mail address for IPs from > Japan. Any query I perform at the WHOIS, for any IP, from any autonomoyus > system I get

Re: AS29073, 196.16.0.0/14, Level3: Why does anyone peer with these schmucks?

1. They aren’t the internet police either or so quite a few of them think 2. Hanlon’s razor --srs > On 15-Aug-2017, at 2:17 AM, Baldur Norddahl wrote: > > Why are domain registrars allowing some of those domains, which are clearly > advertising highly illegal

Re: Purchased IPv4 Woes

Which one was it that demanded 2500? There's only one reasonably well known pay for whitelisting type of blocklist but I'd have thought they're a lot cheaper. --srs > On 20-Mar-2017, at 9:02 AM, Justin Wilson wrote: > > Then you have the lists which want money to be removed.

Re: Someone's scraping NANOG for phishing purposes again

Or a nanog member might be infected and the malware is scraping his mailbox for bogus froms. Got headers? On 10/02/17, 9:40 AM, "NANOG on behalf of Alexander Harrowell" wrote: I'm getting suspicious e-mail pretending to come

Re: ticketmaster.com 403 Forbidden

My guess is you have or had sometime in the long distant past a scalper operating on your network, using automated ticket purchase bots. If you still have that scalper around, you might want to turf him. If he’s ancient history, saying so might induce them to remove the block. --srs On

Re: PlayStationNetwork blocking of CGNAT public addresses

font. Personally I don’t trash abuse reports that are valid. --srs From: Tom Beecher <beec...@beecher.cc> Date: Thursday, 22 September 2016 at 7:35 PM To: Brian Rak <b...@gameservers.com> Cc: Suresh Ramasubramanian <ops.li...@gmail.com>, "nanog@nanog.org" &

Re: PlayStationNetwork blocking of CGNAT public addresses

Considering that there are likely to be many such emails - just how much time is it going to take your abuse desk staffer to just parse out those IPs from whatever log that they send you? And how much time would processing say 50 individual emails take compared to 50 IPs in a single email?

One more thing to watch out for at data centers - fire drills

http://motherboard.vice.com/read/a-loud-sound-just-shut-down-a-banks-data-center-for-10-hours?utm_source=bbcfb Releasing inert gas from fire suppression units that were over pressurized resulted in an extremely loud noise – causing cabinets full of hard drives to vibrate – which got transmitted

Re: Operations task management software?

Been meaning to dig into this one https://www.upguard.com/blog/guardrail-tasks-a-lightweight-tracking-system-for-ops --srs > On 27-Jul-2016, at 11:46 PM, David Hubbard > wrote: > > Hi all, curious if anyone has recommendations on software that helps manage >

Re: Charter FYI - FW: [SANOG] Reliance Jio (AS55836) origating a /16 belonging to Charter (AS20115)

On 03/07/16, 9:05 PM, "NANOG on behalf of Suresh Ramasubramanian" <nanog-boun...@nanog.org on behalf of ops.li...@gmail.com> wrote: > Is anyone from Jio network engineering team on this list? > I see AS55836 is originating 47.35.0.0/16 while the pool belongs to >

Charter FYI - FW: [SANOG] Reliance Jio (AS55836) origating a /16 belonging to Charter (AS20115)

From: sanog on behalf of Anurag Bhatia Date: Sunday, 3 July 2016 at 8:46 PM To: SANOG Subject: [SANOG] Reliance Jio (AS55836) origating a /16 belonging to Charter (AS20115) Hello everyone! Is anyone from Jio

Re: IPv4 Legacy assignment frustration

There is absolutely no budgeting for idiots. Beyond a long hard process that is helped by internal escalations from affected people on a corporate network - ideally as senior as you can get - ot their IT staff. “Missouri isn’t in China, you nitwit. Fix it or I, the CFO, will go have a word

Re: Detecting Attacks

Is your aim to generate attack traffic? Or rather a mix of normal and attack traffic. That's one part. Googling ddos simulator will get you lots of results you can evaluate Logging it appropriately and capturing the logs, storing them in a db is the next. --srs > On 11-Jun-2016, at 10:52

Re: [tld-admin-poc] Fwd: Re: .pro whois registry down?

Worst comes to worst there's a python based whois client called pwhois that lets you dump whois data into json --srs > On 10-Mar-2016, at 6:50 AM, Royce Williams wrote: > > I'm not affiliated, but there are a couple of companies that normalize > whois data. It's a

Re: de-peering for security sake

Well, at least she's here rather than sprinkling eggnog and brandy flavoured pixie dust on our gear over the Christmas break. --srs > On 25-Dec-2015, at 9:08 AM, Owen DeLong wrote: > > Yes… Isn’t it impressive just how persistent the bad idea fairy can be? > > Owen

Re: de-peering for security sake

Hmm, has anyone at all kept count of the number of times such a discussion has started up in just the last year, and how many more times in the past 16 or so years? Mind you, back in say 2004, this discussion would have run to 50 or 60 emails at a bare minimum, in no time at all. --srs On

Re: Google IMAP (with k9mail)

Not protocols as much as less secure ssl ciphers is my guess --srs > On 23-Oct-2015, at 9:50 PM, Jay Ashworth wrote: > > - Original Message - >> From: "Christopher Morrow" > >> Incoming settings >> IMAP server: imap.gmail.com >> Port: 993

Re: Google IMAP

Right now imap.gmail.com appears down for me from at least two local networks in India, just saying I guess that's what the original poster wanted to ask about. On Wednesday, October 21, 2015, Jason Hellenthal wrote: > $ dig @8.8.8.8 imap.gmail.com > > ; <<>> DiG 9.10.3

Re: /27 the new /24

Besides which more than one provider filters by a minimum prefix length per /8 - wasn't Swisscom or someone similar doing that? So multi homing with even a /24 is somewhat patchy in terms of effectiveness --srs > On 02-Oct-2015, at 8:54 PM, William Herrin wrote: > >> On

Re: /27 the new /24

<b...@herrin.us> wrote: > > On Fri, Oct 2, 2015 at 11:55 AM, Suresh Ramasubramanian > <ops.li...@gmail.com> wrote: >> Besides which more than one provider filters by a minimum prefix length >> per /8 - wasn't Swisscom or someone similar doing that? So multi >>

Re: Quick Update on the North American BCOP Efforts

Late to the party but which best current practices were these and - as the board asked - how much of it reinvents the several other best practice wheels around? --srs > On 30-Sep-2015, at 8:47 PM, Mike Hammett wrote: > > If NANOG isn't developing and publishing BCOPs,

Re: free Tools to monitor website performance

Nagios will do it at a pinch but only from one location. But if you want professional URL monitoring from across multiple locations worldwide, you need Gomez, Neustar Webmetrics etc. Not quite cheap. On 05-Aug-2015, at 7:23 PM, sathish kumar Ippani sathish.kumar.ipp...@gmail.com wrote:

Re: Working with Spamhaus

It's what they call a free country Those that don't use it don't use it, and those who do are free to do so --srs On 31-Jul-2015, at 4:56 PM, Ricky Beam jfb...@gmail.com wrote: On Fri, 31 Jul 2015 17:28:34 -0400, Jaren Angerbauer jarenangerba...@gmail.com wrote: I work for Proofpoint --

Re: Working with Spamhaus

delurk They come to M3AAWG on a regular basis and there’s the M3AAWG hosting SIG that you might want to participate in. NANOG doesn’t always have a mail abuse (and not very many network abuse) session on the agenda, plus just how many people doing routing or DNS seem to even care what their

Re: Working with Spamhaus

Er - a couple of ways 1. If you run a farm of mail servers, something like splunk for your logs is kind of necessary. How difficult is it going to be to trigger a splunk alert on whatever looks like an administrative block? Either by a large provider, or by a DNS block list. 2. You can

Re: Route leak in Bangladesh

I have sent this to a contact at another Bangladeshi ISP that should be able to reach the right person for this ASAP. On 30-Jun-2015, at 1:57 pm, Grzegorz Janoszka grzeg...@janoszka.pl wrote: We have just received alert from bgpmon that AS58587 Fiber @ Home Limited has hijacked most of our

Re: World's Fastest Internet™ in Canadaland

Parkinson's law of sorts? Use expanding to fill the bandwidth available One kid with a torrent downloading random stuff, streaming hd and music off the internet etc and a family of four can make decent inroads into gigabit or so I would have thought Don't even start counting say a gb here and

Re: World's Fastest Internet™ in Canadaland

Like Peter Lothberg's mother's home :) --srs On 27-Jun-2015, at 12:22 am, Mikael Abrahamsson swm...@swm.pp.se wrote: And yes, fastest Internet in the world is pure BS, gigabit ethernet access to peoples homes have been around for years in other places

Re: vendor spam OTD

Given we’re going down this “what is spam” rathole again, spam is generally defined as unsolicited BULK email As the email appears to be one to one, though a remarkably persistent one to one, I would suggest procmail, unless you know he’s harvested nanog and is sending the same offer mail

Re: vendor spam OTD

Having seen my share of pesky vendors - though not this one .. Yeah idle speculation it is. Informed idle I hope. :) --srs On 28-Apr-2015, at 9:00 am, Rob Seastrom r...@seastrom.com wrote: Have you gotten a copy too, or are you just idly speculating here?

M3AAWG 34 in Dublin - public call for papers

fyi From: Alec Peterson a...@messagesystems.com To: techni...@mailman.m3aawg.org techni...@mailman.m3aawg.org Date: Tue, Mar 3, 2015 11:32 PM Subject: [Technical] M3AAWG 34 Call for Papers The 34th General Meeting of the Messaging Malware Mobile Anti-Abuse Working Group (M3AAWG) will be

Large Ontario DC busted for hosting petabytes of child abuse material

18 million dollars revenue in three months so certainly pretty large sized. Any idea which DC this is? http://motherboard.vice.com/en_ca/read/police-could-charge-a-data-center-in-the-largest-child-porn-bust-ever

Re: AOL Postmaster

You think every accountant, realtor, coffee shop etc uses their own domain? On Feb 26, 2015 3:12 AM, Bill Patterson billpatterso...@gmail.com wrote: That was my first response as well. But that response was frowned upon by my customer service reps. On Feb 25, 2015 8:56 AM, Ken Chase

Re: AOL Postmaster

And how many users do you have, again? On Feb 24, 2015 6:29 PM, Colin Johnston col...@gt86car.org.uk wrote: block aol like china blocks with no engagement of comms as justification colin Sent from my iPhone On 24 Feb 2015, at 12:36, Rich Kulawiec r...@gsp.org wrote: On Tue, Feb 24,

Re: gmail spam help

they are running entirely self-contained. On 02/12/2015 07:04 PM, Suresh Ramasubramanian wrote: Please. Gmail isn't ever likely to use long dead hobbyist block lists. On Feb 12, 2015 9:38 PM, Daniel Taylor dtay...@vocalabs.com mailto: dtay...@vocalabs.com wrote: Possibly related: http

Re: gmail spam help

Please. Gmail isn't ever likely to use long dead hobbyist block lists. On Feb 12, 2015 9:38 PM, Daniel Taylor dtay...@vocalabs.com wrote: Possibly related: http://www.ahbl.org/content/changes-ahbl We had to manually remove it from spamassassin for our local installation, and I am pretty sure

Re: Facebook outage?

It is back now fwiw On Jan 27, 2015 12:18 PM, Damien Burke dam...@supremebytes.com wrote: Facebook outage? Everyone panic! https://twitter.com/search?q=facebooksrc=typd -Damien

Re: Transparent hijacking of SMTP submission...

Yes. Till that hotspots IP space gets blackholed by a major freemail because of all the nigerians and hijacked devices emitting bot traffic through stolen auth credentials. There's other ways to stop this but they take actual hard work and rather more gear than a rusted up old asa you pull out of

Re: Transparent hijacking of SMTP submission...

No. He is a comcast customer. And some third party wifi access point blocked his smtp submission over TLS by setting up an asa device to inspect 587 as well. On Nov 28, 2014 6:16 AM, William Herrin b...@herrin.us wrote: On Thu, Nov 27, 2014 at 2:54 PM, joel jaeggli joe...@bogus.com wrote: I

Re: Transparent hijacking of SMTP submission...

= 2qlcvb29i07oax-...@mail.gmail.com , Suresh Ramasubramanian writes: Yes. Till that hotspots IP space gets blackholed by a major freemail because of all the nigerians and hijacked devices emitting bot traffic through stolen auth credentials. Why would it black hole the address rather than

Re: Level3 rwhois broken

, 2014 2:50 PM To: Suresh Ramasubramanian Cc: nanog@nanog.org Subject: Re: Level3 rwhois broken It's nice to see someone is using RWHOIS. Back when I wrote the RWHOIS daemon for HE I spoke with Mark Kosters (one of the authors of RFC 2167). I wish I still had the emails because at the time he

Level3 rwhois broken

Anybody? Makes it a pain to perform surgical spam blocking when this happens :) suresh@samwise 01:52:24 ~ $ telnet rwhois.level3.net 4321 Trying 209.244.1.179... ^C -- Suresh Ramasubramanian (ops.li...@gmail.com)

Re: Inside China GFW - basic dedicated server or cloud instance

The other thing is, it is pretty much useless to measure connectivity speed, or path through the gfw from a colo box when your users in the mainland are using broadband or maybe dedicated leased lines. On Nov 11, 2014 10:37 PM, Grant Ridder shortdudey...@gmail.com wrote: You can try AWS China,

Re: Shipping bulk hardware via freight

If you are planning to scrap it after retiring it from production, talk to nsrc @ uoregon, they'll pick it up and ship it to developing countries that could use it. On Nov 6, 2014 4:45 AM, Jason 8...@tacorp.us wrote: I'm interested in talking with someone who has experience shipping hardware

  1   2   3   4   5   6   >