Re: really amazon?

2019-07-30 Thread Jay R. Ashworth 
- Original Message -
> From: "Christoffer Hansen" 

> On 30/07/2019 01:03, Dan Hollis wrote:
>> Jul 29 09:47:27 yuri sendmail[14067]: x6TGlQe4014062:
>> to=, ctladdr=
>> (500/500), delay=00:00:01, xdelay=00:00:01, mailer=esmtp92,
>> relay=amazon-smtp.amazon.com. [207.171.188.4], dsn=5.1.1, stat=User unknown
> 
> ... :wondering: Works fine for me. If sending from $CORP e-mail account
> hosted on O365 infrastructure.

Yup; I think that was most of his point: 

POC Email addresses MUST be whitelisted ahead of/through every protection
device/software you deploy on incoming mail.

Cheers,
-- jra
-- 
Jay R. Ashworth  Baylink   j...@baylink.com
Designer The Things I Think   RFC 2100
Ashworth & Associates   http://www.bcp38.info  2000 Land Rover DII
St Petersburg FL USA  BCP38: Ask For It By Name!   +1 727 647 1274

Re: User Unknown (WAS: really amazon?)

2019-07-30 Thread Töma Gavrichenkov 
On Tue, Jul 30, 2019 at 1:20 PM Christoffer Hansen
 wrote:
> Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a
> policy came into effect of validating ALL 'OrgAbuseEmail' objects listed
> in the ARIN database.

Just to be precise, such a policy (2019-04) is still in a discussion
phase in RIPE and has already seen significant resistance.

You can, however, point fingers at APNIC instead, where pretty much
the same policy proposal from the same authors (prop-125) was already
implemented in apnic-127-v006 "Internet Number Resource Policies".

I think they will be planning to reach out to ARIN with the same text
right after the RIPE process ends this way or another.

--
Töma

Re: User Unknown (WAS: really amazon?)

2019-07-30 Thread John Curran 
On 30 Jul 2019, at 6:44 AM, Scott Christopher 
mailto:s...@ottie.org>> wrote:

On 30/07/2019 11:59, Chris Knipe wrote:

Then update your ARIN records to reflect that.  Fully agree with Dan on
this one.

Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a
policy came into effect of validating ALL 'OrgAbuseEmail' objects listed
in the ARIN database. And revoked the resources from those that failed
to respond after multiple attempts.

Then imagine the media attention, public outcry, corporate lawyers from Amazon, 
the pressure from Congress, and an ARIN that would no longer function as an 
independent body anymore. . .

Scott -

Alas, you have a fundamental misunderstanding about the nature of ARIN…  we 
don’t do anything other than implement policies that this community wants.  If 
the community developed a policy to require Abuse POC’s validation, and said 
policy made clear that failure to do so was to result in revocation, then ARIN 
would indeed implement the policy (and that includes revocation for those who 
ignored the policy.)

This is actually exactly the way the US Government asked us to operate in 1997 
- "Creation of ARIN will give the users of IP numbers (mostly Internet service 
providers, corporations and other large institutions) a voice in the policies 
by which they are managed and allocated within the North American region.”  
.Further, this 
support was reiterated by the USG recently in 2012 - "The American Registry for 
Internet Numbers (ARIN) is the RIR for Canada, many Caribbean and North 
Atlantic islands, and the United States. The USG participates in the 
development of and is supportive of the policies, processes, and procedures 
agreed upon by the Internet technical community through ARIN.”  


We’ve see the lawyer route as well, and I have zero doubt in both the 
enforceability of the ARIN registration services agreements and ARIN’s ability 
to operate the registry according to the community policy.

So, my advice is that this community not make policy that it doesn’t want to 
see implemented (and if you have interest or concern about ARIN policies, then 
I’d recommend get involved in their development – 
https://www.arin.net/get-involved/)

i.e. the good news is that this community gets to decide how IP addresses are 
managed in the region (as opposed to some federal agency) – the consequence is 
that we really do manage the registry as directed by this community, so please 
try to avoid self-immolation if at all possible...

Thanks!
/John

John Curran
President and CEO
American Registry for Internet Numbers

Re: really amazon?

2019-07-30 Thread Töma Gavrichenkov 
On Tue, Jul 30, 2019 at 2:15 AM Mel Beckman  wrote:
> So why not just say so?

Because at the times of USENIX the very next reply to such a message
would've been "what are the steps to reproduce your problem".

--
Töma

Not noreply autoresponder (WAS: really amazon?)

2019-07-30 Thread Christoffer Hansen 

On 30/07/2019 13:56, Robert McKay wrote:
> Even if it existed it would just be an autoresponder telling you that
> your email wasn't read and to go resubmit the report on their website.

Both yes and now. See below:*



"""
We are sorry to hear that you received unwanted email through Amazon SES.

Please note, this reporting address is only for mail sent via Amazon SES
(emails originated from 54.240.0.0/18). If you have a complaint about
other AWS abuse (e.g. EC2), please submit your complaint here:
https://aws.amazon.com/forms/report-abuse

If you did not provide the following information, please contact
email-ab...@amazon.com again with:

1. The full headers of the objectionable email message. For examples of
how to find email headers, see
https://support.google.com/mail/answer/22454?hl=en .

2. The type of abuse you are experiencing. For example, you didn't sign
up to receive emails from the sender, the sender doesn’t have an opt-out
option, etc.

Thank you for the report!

Sincerely,

The Amazon SES Team
"""



*) The contents I got back after firing Test E-mail from $CORP email
account on O365 infrastructure.

Christoffer



signature.asc
Description: OpenPGP digital signature

Re: really amazon?

2019-07-30 Thread Robert McKay 

On 2019-07-30 10:59, Chris Knipe wrote:

On Tue, Jul 30, 2019 at 11:45 AM Scott Christopher 
wrote:


Dan Hollis wrote:


RCPT To:

<<< 550 #5.1.0 Address rejected.
550 5.1.1 ... User unknown

DATA

<<< 503 #5.5.1 RCPT first


Try j...@amazon.com

--
S.C.


Then update your ARIN records to reflect that.  Fully agree with Dan
on this one.


Even if it existed it would just be an autoresponder telling you that 
your email wasn't read and to go resubmit the report on their website.


Maybe they should change it to nore...@amazon.com.

Rob

Re: really amazon?

2019-07-30 Thread Christoffer Hansen 

On 30/07/2019 01:03, Dan Hollis wrote:
> Jul 29 09:47:27 yuri sendmail[14067]: x6TGlQe4014062:
> to=, ctladdr=
> (500/500), delay=00:00:01, xdelay=00:00:01, mailer=esmtp92,
> relay=amazon-smtp.amazon.com. [207.171.188.4], dsn=5.1.1, stat=User unknown

... :wondering: Works fine for me. If sending from $CORP e-mail account
hosted on O365 infrastructure.

Christoffer



signature.asc
Description: OpenPGP digital signature

Re: User Unknown (WAS: really amazon?)

2019-07-30 Thread Matt Hoppes 
I thought it was already a requirement that the POC info had to be validated 
once a year and accurate?

> On Jul 30, 2019, at 6:44 AM, Scott Christopher  wrote:
> 
> Christoffer Hansen wrote: 
> 
>>> On 30/07/2019 11:59, Chris Knipe wrote:
>>> 
>>> Then update your ARIN records to reflect that.  Fully agree with Dan on
>>> this one.
>>> 
>> 
>> Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a
>> policy came into effect of validating ALL 'OrgAbuseEmail' objects listed
>> in the ARIN database. And revoked the resources from those that failed
>> to respond after multiple attempts.
> 
> Then imagine the media attention, public outcry, corporate lawyers from 
> Amazon, the pressure from Congress, and an ARIN that would no longer function 
> as an independent body anymore. . .
> 
> -- 
> S.C.

Re: User Unknown (WAS: really amazon?)

2019-07-30 Thread Scott Christopher 
Christoffer Hansen wrote: 

> On 30/07/2019 11:59, Chris Knipe wrote:
>
> > Then update your ARIN records to reflect that.  Fully agree with Dan on
> > this one.
> > 
> 
> Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a
> policy came into effect of validating ALL 'OrgAbuseEmail' objects listed
> in the ARIN database. And revoked the resources from those that failed
> to respond after multiple attempts.

Then imagine the media attention, public outcry, corporate lawyers from Amazon, 
the pressure from Congress, and an ARIN that would no longer function as an 
independent body anymore. . .

-- 
S.C.

User Unknown (WAS: really amazon?)

2019-07-30 Thread Christoffer Hansen 

On 30/07/2019 11:59, Chris Knipe wrote:
> On Tue, Jul 30, 2019 at 11:45 AM Scott Christopher wrote:
>> Dan Hollis wrote:
>>> >>> RCPT To:
>>> <<< 550 #5.1.0 Address rejected.
>>> 550 5.1.1 ... User unknown
>>> >>> DATA
>>> <<< 503 #5.5.1 RCPT first
>>
>> Try jeff () amazon
>>
> Then update your ARIN records to reflect that.  Fully agree with Dan on
> this one.
> 

Imagine ARIN did a take from RIPE NCC [Policy Proposal Idea?] and a
policy came into effect of validating ALL 'OrgAbuseEmail' objects listed
in the ARIN database. And revoked the resources from those that failed
to respond after multiple attempts.



signature.asc
Description: OpenPGP digital signature

Re: really amazon?

2019-07-30 Thread Chris Knipe 
On Tue, Jul 30, 2019 at 11:45 AM Scott Christopher  wrote:

> Dan Hollis wrote:
>
> > >>> RCPT To:
> > <<< 550 #5.1.0 Address rejected.
> > 550 5.1.1 ... User unknown
> > >>> DATA
> > <<< 503 #5.5.1 RCPT first
>
> Try j...@amazon.com
>
> --
> S.C.
>


Then update your ARIN records to reflect that.  Fully agree with Dan on
this one.


-- 

Regards,
Chris Knipe

Re: really amazon?

2019-07-30 Thread Scott Christopher 
Dan Hollis wrote: 

> >>> RCPT To:
> <<< 550 #5.1.0 Address rejected.
> 550 5.1.1 ... User unknown
> >>> DATA
> <<< 503 #5.5.1 RCPT first

Try j...@amazon.com

-- 
S.C.