Hello Barry,
Thanks for your blog.
I plan to block some ports on our router, which are shown in your blog.
> Step 1 on the list …. Deploy Exploitable Port Filtering on the edge of
> your network ….
>
Some of our routers use Linux as the operating system, so I plan to use
nftables to make some
21, 2023 at 8:00 AM wrote:
>
>> Message: 19
>> Date: Mon, 20 Mar 2023 16:24:09 -0400
>> From: ay...@august.tw
>> To: Collider
>> Cc: nanog@nanog.org
>> Subject: Re: Spamhaus flags any IP announced by our ASN as a
>> crim
;
> >
> > Regards
> > George
> >
> > On Tue, Mar 21, 2023 at 8:00 AM wrote:
> >
> >> Message: 19
> >> Date: Mon, 20 Mar 2023 16:24:09 -0400
> >> From: ay...@august.tw
> >> To: Collider
> >> Cc: nanog@nan
by
one or more network operators... single routing policy"
Regards
George
On Tue, Mar 21, 2023 at 8:00 AM wrote:
Message: 19
Date: Mon, 20 Mar 2023 16:24:09 -0400
From: ay...@august.tw
To: Collider
Cc: nanog@nanog.org
Subject: Re: Spamhaus flags any IP announced by our ASN as a
crimina
00
> From: ay...@august.tw
> To: Collider
> Cc: nanog@nanog.org
> Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal
> network
> Message-ID: <5b7ed1b1fbff65dfc63d188c2e1f9...@august.tw>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>
>
:15:08 -0700
> > From: Randy Bush
> > Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal
> network
> >
> (...)
> >
> > we reject automagically on spamhaus, mail-abuse.org, and sorbs. really
> > appreciate their services.
> >
> &g
Hi Brandon,Your next actions are to level up the security of your network, your organization, and your team. I’ll craft up a post with a checklist you can use. If you don’t do this, then people on your team, your company, and your customers will continue to be “danger do not go there” listed.
> Date: Mon, 20 Mar 2023 14:15:08 -0700
> From: Randy Bush
> Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal network
>
(...)
>
> we reject automagically on spamhaus, mail-abuse.org, and sorbs. really
> appreciate their services.
>
> randy
>
Sorbs? Really? *doh*
#m
this company(s) is in the business of spam. they're just trying to
game nanog. discussing further a waste of pixels.
ranady
On Mon, Mar 20, 2023 at 7:08 PM Brandon Zhi wrote:
>
> Our person in charge has consulted with their previous person in charge, and
> their response is this.
you are talking up the discussion with the wrong folks, really.
Please go see the spamhaus folk directly.
Our person in charge has consulted with their previous person in charge,
and their response is this.
"problem began long before February 18th. The problem was that in 2022
they added our prefix 87.251.79.0/24 to the black list, and said that if
there were no complaints for 30-60 days, the record
>> I don't think any ISP would reject an IP that is on the Spamhaus
>> list.
> you, clearly, have been living under several rocks for a very long
> time.
we reject automagically on spamhaus, mail-abuse.org, and sorbs. really
appreciate their services.
randy
well that explains a lot.
For their own sake I hope they shape up - but I doubt they will.
On 20 March 2023 20:24:09 UTC, ay...@august.tw wrote:
>Several Huize ASNs, e.g. AS47158 and AS141011, were revoked due to RIR policy
>violations, which include prohibited sharing of ASNs with third
Several Huize ASNs, e.g. AS47158 and AS141011, were revoked due to RIR
policy violations, which include prohibited sharing of ASNs with third
parties, IP hijacking, and malicious path prepending.
Given this history, it is not surprising that Spamhaus would blacklist
IP addresses associated
Why do two different companies with what should be independent networks share
an AS number?
On 20 March 2023 18:20:08 UTC, Aaron Wendel wrote:
>The solution to your problem is to terminate the customer causing the abuse,
>in this case 62yun.com. Once you do that I'm sure Spamhaus will stop
The solution to your problem is to terminate the customer causing the
abuse, in this case 62yun.com. Once you do that I'm sure Spamhaus will
stop listing all your IPs.
Aaron
On 3/20/2023 6:54 AM, Brandon Zhi wrote:
It seems you've reached the point that they ignore specific
Brandon Zhi writes:
> Well, those prefixes are not for their VPS hosting service (which cause a
> lot of complaint). Just like there are many IP addresses under the
> telecommunication company, the entire ASN cannot be "blocked" just because
> there is a complaint on one IP address
April came
On Mon, Mar 20, 2023 at 7:56 AM Brandon Zhi wrote:
> Well, those prefixes are not for their VPS hosting service
> (which cause a lot of complaint). Just like there are many IP
> addresses under the telecommunication company, the entire
> ASN cannot be "blocked" just because there is a complaint
>
gt;
>> <https://www.linkedin.com/company/midwest-internet-exchange>
>> <https://twitter.com/mdwestix>
>> The Brothers WISP <http://www.thebrotherswisp.com/>
>> <https://www.facebook.com/thebrotherswisp>
>> <https://www.youtube.com/channel/UCXSd
rothers WISP <http://www.thebrotherswisp.com/>
>> <https://www.facebook.com/thebrotherswisp>
>> <https://www.youtube.com/channel/UCXSdfxQv7SpoRQYNyLwntZg>
>> --
>> *From: *"Brandon Zhi"
>> *To: *"Christopher Morrow&
LwntZg>
> ------
> *From: *"Brandon Zhi"
> *To: *"Christopher Morrow"
> *Cc: *nanog@nanog.org
> *Sent: *Monday, March 20, 2023 9:43:19 AM
> *Subject: *Re: Spamhaus flags any IP announced by our ASN as a criminal
> network
>
&
n Zhi"
To: "Christopher Morrow"
Cc: nanog@nanog.org
Sent: Monday, March 20, 2023 9:43:19 AM
Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal network
Yes, for those prefixes are used to hosting service have been listed for a long
time. However, for those new prefixes tha
Yes, for those prefixes are used to hosting service have been listed for a
long time. However, for those new prefixes that we rented.. We just
announced it.. even though it's unreachable... They just listed to this
list.
On 2023年3月20日周一 下午10:34 Christopher Morrow wrote:
> On Mon, Mar 20,
On Mon, Mar 20, 2023 at 9:51 AM Brandon Zhi wrote:
> I don't think any ISP would reject an IP that is on the Spamhaus list.
you, clearly, have been living under several rocks for a very long time.
- Original Message -
From: "Brandon Zhi"
To: "Tim Burke"
Cc: nanog@nanog.org
Sent: Monday, March 20, 2023 6:54:41 AM
Subject: Re: Spamhaus flags any IP announced by our ASN as a criminal network
It seems you've reached the point that they ignore specific pre
>
>
> It seems you've reached the point that they ignore specific prefixes and
> set every prefix you are advertising as criminal.
Our sponsor (LIR) 62yun.com, they have 2 prefixes for VPS/Dedicated Server
using our ASN.
62yun did receive a lot of complaints, but as far as I know they have been
Have you received complaints from Spamhaus in the past? If so, have you acted
on them in a timely manner?
Based on my past experiences, Spamhaus is rather gracious at first, but if you
ignore them, they will start blocking you en masse. About 10 years ago, I
worked for a datacenter/NSP and
On Sat, Mar 18, 2023 at 10:35 PM Brandon Zhi wrote:
> We even haven't started to use, we just announced that... They marked it's a
> criminal network
They do that once they decide you've been broadly inattentive to abuse
reports. It stops folks from shuffling IP addresses to evade
filtering.
afaik, spamhaus starts to mark a whole AS as criminal, if there is to
much abuse.
It seems you've reached the point that they ignore specific prefixes and
set every prefix you are advertising as criminal.
Am 19.03.2023 um 06:35 schrieb Brandon Zhi:
However, for those prefixes
However, for those prefixes
https://www.spamhaus.org/sbl/listings/azeronline.net
We even haven't started to use, we just announced that... They marked it's
a criminal network
On 2023年3月19日周日 上午4:26 Tom Beecher wrote:
> Given the list of things on these two prefixes alone, I would venture to
Given the list of things on these two prefixes alone, I would venture to
guess it's not a misjudgement.
https://check.spamhaus.org/listed/?searchterm=5.178.2.1
https://check.spamhaus.org/listed/?searchterm=80.66.64.1
On Sat, Mar 18, 2023 at 3:47 PM Brandon Zhi wrote:
> Hello guy,
>
> We
Hi,
Contact the SBL team via the Lookup form at https://check.spamhaus.org/
The form says 'IP or Domain' but it will also look up ASNs so just put your ASN
in. That will allow you to create a ticket with the right team and the issue
should then get dealt with fairly quickly.
Regards,
Steve
It's not.
The ASN was assigned by RIPE in Sep 2019.
On Fri, Jul 23, 2021 at 3:20 PM Suresh Ramasubramanian
wrote:
> This is probably an ex afrinic stolen block?
>
> In which case it’s for afrinic to sort out and reclaim
>
> --srs
> --
> *From:* NANOG on behalf of
>
It's ASN, not IPv4 prefix.
From: NANOG On Behalf Of Suresh
Ramasubramanian
Sent: Friday, July 23, 2021 3:21 PM
To: Siyuan Miao ; North American Network Operators' Group
Subject: Re: Spamhaus ASN-DROP list
This is probably an ex afrinic stolen block?
In which case it's for afrinic to sort
This is probably an ex afrinic stolen block?
In which case it’s for afrinic to sort out and reclaim
--srs
From: NANOG on behalf of Siyuan
Miao
Sent: Friday, July 23, 2021 12:38:16 PM
To: North American Network Operators' Group
Subject: Spamhaus ASN-DROP list
On 16/10/2015 22:07, Jason Baugher wrote:
I felt I should mention, Spamhaus was quick to respond to my email and gave
me excellent information on what was triggering the blacklisting.
Can you please share about it?
Eliezer
>WAIT A MINUTE! "CBL" is not "Spamhaus", is it?!
>
>http://www.abuseat.org/
Yes, it is. Informally it was for a very long time via the Spamhaus
XBL. Now it's explicit.
There's not much practical difference, and the same people are running
it.
R's,
John
I felt I should mention, Spamhaus was quick to respond to my email and gave
me excellent information on what was triggering the blacklisting.
On Thu, Oct 15, 2015 at 1:29 PM, Larry Sheldon wrote:
> On 10/15/2015 13:27, Larry Sheldon wrote:
>
>> On 10/15/2015 12:32, Larry
On 10/15/2015 00:27, Jason Baugher wrote:
Sorry to clutter up this list with an email issue, but hopefully someone is
here from Spamhaus that can contact me off-list. I have a customer whose IP
keeps getting listed in the CBL, and even after doing packet captures of
everything in and out of
On 10/15/2015 12:32, Larry Sheldon wrote:
On 10/15/2015 00:27, Jason Baugher wrote:
Sorry to clutter up this list with an email issue, but hopefully
someone is
here from Spamhaus that can contact me off-list. I have a customer
whose IP
keeps getting listed in the CBL, and even after doing
On 10/15/2015 13:27, Larry Sheldon wrote:
On 10/15/2015 12:32, Larry Sheldon wrote:
On 10/15/2015 00:27, Jason Baugher wrote:
Sorry to clutter up this list with an email issue, but hopefully
someone is
here from Spamhaus that can contact me off-list. I have a customer
whose IP
keeps getting
When all it says is, "spam-sending trojan, malicious link, or some type of
botnet", it's not a lot to go on. I've seen examples where their lookup
tool provides more details, but in this case, the response is generic.
In fact, usually when this happens to a customer, they're able to figure
out
At dnswl.org http://dnswl.org/ we check our data against the DROP list every
once in a while. The overlap of DROP with legitimate sources of SMTP traffic is
very, very small: a low single-digit number, and most of them are crappy to
start with (so we don’t publish them, but only keep them in
On Sun, May 17, 2015 at 7:50 AM, Mike Lyon mike.l...@gmail.com wrote:
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your experience been? Is
it worthwhile? Has it helped? On / off list responses are appreciated in
How much false positives (i.e. blackholing traffic users want to reach)?
On 18.05.15 21:04, Marco d'Itri wrote:
On May 17, Mike Lyon mike.l...@gmail.com wrote:
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your
In article 555b8313.5080...@netassist.ua you write:
How much false positives (i.e. blackholing traffic users want to reach)?
Very little. The DROP list, which is what's in the BGP feed, is a
small subset of the SBL, and only includes blocks that send no
legitimate traffic at all.
On 18.05.15
On May 17, Mike Lyon mike.l...@gmail.com wrote:
Any ISPs out there (big or small) ever used the Spamhaus BGP feed to
prevent against botnet, spam, etc? If so, how has your experience been? Is
it worthwhile? Has it helped? On / off list responses are appreciated in
advance.
We use Spamhaus
On 12/18/2010 5:15 PM, Marshall Eubanks wrote:
I get nothing from wikileaks.org, although the DNS is active :
$ host wikileaks.org
wikileaks.org has address 64.64.12.170
Doesn't it seem vaguely suspicious that whois was just updated?
Domain ID:D130035267-LROR
Domain Name:WIKILEAKS.ORG
claims can be publicly
refuted?
Kind regards,
Frank
-Original Message-
From: Jack Bates [mailto:jba...@brightok.net]
Sent: Saturday, December 18, 2010 3:00 PM
To: nanog@nanog.org
Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info)
On 12/18/2010 6:58 AM, Steve Linford wrote
wikileaks.info's claims can be publicly
refuted?
Kind regards,
Frank
-Original Message-
From: Jack Bates [mailto:jba...@brightok.net]
Sent: Saturday, December 18, 2010 3:00 PM
To: nanog@nanog.org
Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info)
On 12/18/2010 6:58 AM
On Dec 19, 2010, at 8:06 AM, Joe Greco wrote:
On 12/18/2010 5:15 PM, Marshall Eubanks wrote:
I get nothing from wikileaks.org, although the DNS is active :
$ host wikileaks.org
wikileaks.org has address 64.64.12.170
Doesn't it seem vaguely suspicious that whois was just updated?
On Sun, Dec 19, 2010 at 12:46:33PM -0600, Frank Bulk - iName.com wrote:
While I tend to trust Steve and Spamhaus because of their built up
reputation, it would be helpful if some concrete facts were published about
the more than 40 criminal-run sites operating on the same IP address as
additional evidence
http://www.malwaredomainlist.com/mdl.php?search=41947colsearch=Allquantity=50inactive=on
On Sun, Dec 19, 2010 at 2:25 PM, Rich Kulawiec r...@gsp.org wrote:
On Sun, Dec 19, 2010 at 12:46:33PM -0600, Frank Bulk - iName.com wrote:
While I tend to trust Steve and Spamhaus
On 19/12/10 18:51, Paul Ferguson wrote:
Not for nothing, but Spamhaus wasn't the only organization to warn about
Heihachi:
http://blog.trendmicro.com/wikileaks-in-a-dangerous-internet-neighborhood/
All the domains listed by Trend Micro as neighbours appear to be down.
Have to say as someone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Sun, Dec 19, 2010 at 12:29 PM, Simon Waters sim...@zynet.net wrote:
On 19/12/10 18:51, Paul Ferguson wrote:
Not for nothing, but Spamhaus wasn't the only organization to warn about
Heihachi:
On 12/19/2010 08:33 PM, Ned Moran wrote:
additional evidence
http://www.malwaredomainlist.com/mdl.php?search=41947colsearch=Allquantity=50inactive=on
On Sun, Dec 19, 2010 at 2:25 PM, Rich Kulawiec r...@gsp.org wrote:
On Sun, Dec 19, 2010 at 12:46:33PM -0600, Frank Bulk - iName.com wrote:
announcement was not so clear.
Frank
-Original Message-
From: Paul Ferguson [mailto:fergdawgs...@gmail.com]
Sent: Sunday, December 19, 2010 12:52 PM
To: frnk...@iname.com
Cc: Jack Bates; nanog@nanog.org
Subject: Re: Spamhaus under DDOS from AnonOps (Wikileaks.info)
-BEGIN PGP SIGNED
On 12/18/2010 6:58 AM, Steve Linford wrote:
For trying to warn about the crime gangs located at the wikileaks.info mirror
IP, Spamhaus is now under ddos by AnonOps. The criminals there do not like our
free speech at all.
It appears that wikileaks.org is operational again and redirecting to
On Dec 18, 2010, at 4:00 PM, Jack Bates wrote:
On 12/18/2010 6:58 AM, Steve Linford wrote:
For trying to warn about the crime gangs located at the wikileaks.info
mirror IP, Spamhaus is now under ddos by AnonOps. The criminals there do not
like our free speech at all.
It appears that
On 12/18/2010 5:15 PM, Marshall Eubanks wrote:
I get nothing from wikileaks.org, although the DNS is active :
$ host wikileaks.org
wikileaks.org has address 64.64.12.170
$ telnet 64.64.12.170 80
Trying 64.64.12.170...
Connected to 64.64.12.170.
Escape character is '^]'.
GET / HTTP/1.1
Host:
On Sun, Feb 21, 2010 at 10:59:08PM -0600, James Hess wrote:
But if the origin domain has not provided SPF records, there are some
unusual cases left open, where a bounce to a potentially fake address
may still be required.
Third time: SPF plays no role in mitigating this. Nothing stops an
On Wed, Feb 24, 2010 at 8:21 AM, Rich Kulawiec r...@gsp.org wrote:
On Sun, Feb 21, 2010 at 10:59:08PM -0600, James Hess wrote:
But if the origin domain has not provided SPF records, there are some
unusual cases left open, where a bounce to a potentially fake address
may still be required.
On 2/22/2010 12:40 AM, Suresh Ramasubramanian wrote:
Is it your position that, as a vendor of antispam services, nobody
else should offer their services for a fee?
That would be strange indeed
Actually I can sympathize with Barracuda on this one:
Bob's Widgets is running thier own mail
On Sun, 21 Feb 2010 14:57:31 GMT, Paul Vixie said:
Rich Kulawiec r...@gsp.org writes:
We're well past that. Every minimally-competent postmaster on this
planet knows that clause became operationally obsolete years ago [1], and
has configured their mail systems to always reject, never
On 2/22/2010 1:40 PM, Dave Sparro wrote:
On 2/22/2010 12:40 AM, Suresh Ramasubramanian wrote:
Is it your position that, as a vendor of antispam services, nobody
else should offer their services for a fee?
That would be strange indeed
Actually I can sympathize with Barracuda on this one:
On Mon, 2010-02-22 at 14:40 -0500, Dave Sparro wrote:
Their list, their rules; but it is indeed strange to me.
Not too strange: Little Bobby probably does one or two jobs and goes
away, leaving the system to run by itself. the SpamAssassin people
receive nothing from his choice of software.
If
On 2/22/10 11:40 AM, Dave Sparro wrote:
Actually I can sympathize with Barracuda on this one:
Bob's Widgets is running thier own mail server for their 25 employees.
They decide the need better spam filters.
They can hire Bob's nephew to drop in a Linux server running Postfix and
On Sun, 2010-02-21 at 06:27 +, John Levine wrote:
In my experience, they're pretty reasonable. I would talk to them (or
one of their datafeed sales agents) before assuming that they won't
sell you the service you need.
They are indeed. In my day job, a large group of related members of
Jon Lewis wrote:
The original question, what do you do (or have you done) when DNSBL-X
approaches you saying that your network is hitting their public NS's
too hard and wants you to pay for continued access? is something I'd
like to see some answers to. Despite the Subject:, Spamhaus is
[ This discussion really needs to move to spam-l. ]
On Sat, Feb 20, 2010 at 03:53:55PM -0500, William Herrin wrote:
I don't know what your spam intake looks like but in mine, 5% to 10%
can't be ranked high confidence until checked by an eyeball mark 1.
In my system, that fraction is a
Rich Kulawiec r...@gsp.org writes:
On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
Whine all you want about backscatter but until you propose a
comprehensive solution that's still reasonably compatible with RFC
2821's section 3.7 you're just talking trash.
We're well past
Paul Vixie wrote:
so, a uucp-only site should have upgraded to real smtp by now, and by not
doing it they and their internet gateway are a joint menace to society?
that seems overly harsh. there was a time (1986 or so?) when most of the
MX RR's in DNS were smtp gateways for uucp-connected
On Sun, 21 Feb 2010, Jon Lewis wrote:
On Sun, 21 Feb 2010, Michelle Sullivan wrote:
As a matter of interest, who are the other current DNSBL's to do it?
To the best of my knowledge, MAPS was the first to do it. Uribl.com currently
does it
And SURBL.org.
Tony.
--
f.anthony.n.finch
On Sun, Feb 21, 2010 at 9:10 AM, Rich Kulawiec r...@gsp.org wrote:
Hint: nothing stops the spammers from pointing the MX records for their
throwaway domains at somebody else's mail servers. Among other things.
MANY other things, unfortunately.
Rich,
Clearly I shouldn't respond to any packets
On Sat, Feb 20, 2010 at 7:10 PM, Joel Jaeggli joe...@bogus.com wrote:
s/mime detached signatures rooted in some ca that you trust are actually
a rather good way of identifying the sender.
Joel,
Unfortunately signatures are more effective at confirming authenticity
than they are at refuting it.
Jon Lewis wrote:
On Sun, 21 Feb 2010, Michelle Sullivan wrote:
As a matter of interest, who are the other current DNSBL's to do it?
To the best of my knowledge, MAPS was the first to do it. Uribl.com
currently does it (and does the sort of query aggregation across your
entire? network)
Am 21.02.10 10:25, schrieb Michelle Sullivan:
As a matter of interest, who are the other current DNSBL's to do it?
dnswl.org currently does not do it, but bandwidth suckers are a pain.
The work is considerable: log aggregation, log review, trying to find a
responsible for the IPs and
On Sun, 21 Feb 2010, Michelle Sullivan wrote:
To the best of my knowledge, MAPS was the first to do it. Uribl.com
currently does it (and does the sort of query aggregation across your
entire? network) that I mentioned.
Can you access MAPS without a subscription at all?
At this point, I
On Sat, Feb 20, 2010 at 7:25 PM, Jon Lewis jle...@lewis.org wrote:
IMO, the original question in this thread was on-topic, but
unfortunately it
got very little discussion
I like spamhaus, they run a quality list, but they want between $1900
and $19000 per year for their rsync service and
On 2/21/2010 12:32 PM, Jon Lewis wrote:
On Sun, 21 Feb 2010, Michelle Sullivan wrote:
To the best of my knowledge, MAPS was the first to do it. Uribl.com
currently does it (and does the sort of query aggregation across your
entire? network) that I mentioned.
Can you access MAPS without a
On Feb 21, 2010, at 1:01 PM, William Herrin wrote:
On Sun, Feb 21, 2010 at 9:10 AM, Rich Kulawiec r...@gsp.org wrote:
Hint: nothing stops the spammers from pointing the MX records for their
throwaway domains at somebody else's mail servers. Among other things.
MANY other things,
On Mon, Feb 22, 2010 at 12:08 AM, Joel M Snyder joel.sny...@opus1.com wrote:
but the false positive count jumped by 112 messages per 10,000 (because
APEWS was somehow having a lousy month).
In general, the more reputation services you include, the more likely it is
you're going to have false
On Sun, Feb 21, 2010 at 1:16 PM, Patrick W. Gilmore patr...@ianai.net wrote:
You should not randomly respond to packets at arbitrary rates. If you do,
you are being a bad Netizen for exactly this reason. See things like
amplification attacks for why. ...
--
Whether it's SMTP, TCP, or
-Original Message-
From: William Herrin [mailto:b...@herrin.us]
Sent: Sunday, February 21, 2010 10:02 AM
To: Rich Kulawiec
Cc: nanog@nanog.org
Subject: Re: Spamhaus...
On Sun, Feb 21, 2010 at 9:10 AM, Rich Kulawiec r...@gsp.org wrote:
Hint: nothing stops the spammers from
-Original Message-
From: Patrick W. Gilmore [mailto:patr...@ianai.net]
Sent: Sunday, February 21, 2010 11:17 AM
To: NANOG list
Subject: Re: Spamhaus...
On Feb 21, 2010, at 1:01 PM, William Herrin wrote:
On Sun, Feb 21, 2010 at 9:10 AM, Rich Kulawiec r...@gsp.org wrote:
Hint
Is it your position that, as a vendor of antispam services, nobody
else should offer their services for a fee?
That would be strange indeed.
On Fri, Feb 19, 2010 at 5:41 AM, Dean Drako dr...@barracuda.com wrote:
With respect to Barracuda Networks and Spamhaus.
I expect, but I do not know,
On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
Whine all you want about backscatter but until you propose a
comprehensive solution that's still reasonably compatible with RFC
2821's section 3.7 you're just talking trash.
We're well past that. Every minimally-competent
On Fri, 19 Feb 2010 21:28:41 -0800
Scott Howard sc...@doc.net.au wrote:
On Fri, Feb 19, 2010 at 5:20 PM, William Herrin b...@herrin.us wrote:
On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec r...@gsp.org wrote:
Barracuda's engineers apparently think
that using SPF stops backscatter -- and it
On Feb 20, 2010, at 12:28 AM, Scott Howard wrote:
On Fri, Feb 19, 2010 at 5:20 PM, William Herrin b...@herrin.us wrote:
On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec r...@gsp.org wrote:
Barracuda's engineers apparently think
that using SPF stops backscatter -- and it most emphatically does
On Feb 20, 2010, at 8:08 AM, Rich Kulawiec wrote:
On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
Whine all you want about backscatter but until you propose a
comprehensive solution that's still reasonably compatible with RFC
2821's section 3.7 you're just talking trash.
I don't know WTH is up with your large Cc: list but I've removed it to keep the
conversation here, where it started. More below --
On Feb 19, 2010, at 12:53 PM, Dean Anderson wrote:
So you should think that its ok for blacklists to charge money for
things they got for free?
In the case of
On Sat, 20 Feb 2010 09:51:33 EST, Daniel Senie said:
Instead of saying well, it's obvious to everyone, do something about it.
*brrring... bring...brrriiing...*
Cluephone. It's for you.
5321 Simple Mail Transfer Protocol. J. Klensin. October 2008. (Format:
TXT=225929 bytes) (Obsoletes
On Sat, 20 Feb 2010 09:46:21 EST, Daniel Senie said:
I don't know when this was that they didn't do validation.
So they validate...
The Barracuda boxes will accept mail for domains they know about but
without validating the email address in the event the target mail server
is down. And yes,
On Feb 20, 2010, at 10:01 AM, Marc Powell wrote:
On Feb 19, 2010, at 12:53 PM, Dean Anderson wrote:
So you should think that its ok for blacklists to charge money for
things they got for free?
In the case of Spamhaus, yes, I find it acceptable to pay them for the
service they are
'' page, in the Spam Bounce (NDR)
Configuration section.
Frank
-Original Message-
From: Scott Howard [mailto:sc...@doc.net.au]
Sent: Friday, February 19, 2010 11:54 PM
To: William Herrin
Cc: nanog@nanog.org
Subject: Re: Spamhaus...
On Fri, Feb 19, 2010 at 9:28 PM, Scott Howard sc
On Sat, Feb 20, 2010 at 8:08 AM, Rich Kulawiec r...@gsp.org wrote:
On Fri, Feb 19, 2010 at 08:20:36PM -0500, William Herrin wrote:
Whine all you want about backscatter but until you propose a
comprehensive solution that's still reasonably compatible with RFC
2821's section 3.7 you're just
On 2/20/2010 9:06 AM, valdis.kletni...@vt.edu wrote:
On Sat, 20 Feb 2010 09:51:33 EST, Daniel Senie said:
Instead of saying well, it's obvious to everyone, do something about it.
*brrring... bring...brrriiing...*
Cluephone. It's for you.
5321 Simple Mail Transfer Protocol. J.
On 2/20/2010 10:36 AM, William Herrin wrote:
They didn't exactly fix it. What they did is reinforce the importance
of generating a bounce message by keeping the existing must language
from 2821 but adding:
A server MAY attempt to verify the return path before using its
address for delivery
Scott Howard wrote:
On Fri, Feb 19, 2010 at 5:20 PM, William Herrin b...@herrin.us wrote:
On Fri, Feb 19, 2010 at 3:30 PM, Rich Kulawiec r...@gsp.org wrote:
Barracuda's engineers apparently think
that using SPF stops backscatter -- and it most emphatically does not.
Reject
We don't expose our selves with finger and .plan and a number of other
things that work in a world of friends and neighbors--the world has changed
It's changed all right. Finger is now called IM presence, and .plan is
called Facebook.
Given that the world now has dozens of alternate channels
1 - 100 of 171 matches
Mail list logo