Re: Uptick in spam
On 2015-10-27 13:08, Ian Smith wrote: But that's not how SPF works. In SPF, the domain of the envelope header sender address is checked against that domain's sender policy. Since jdlabs.fr has no policy specified, a strict SPF policy at the NANOG server would have prevented this small issue. No sane system rejects email based on the lack of a SPF policy. If the domain had a policy ending in "-all" and the spam wasn't coming from a source allowed by the policy then it should be marked as failing, held for moderator review, or rejected. -- “Simply stated, we have a new formula for Coke.” --- Roberto C. Goizueta, Company Chairman, Coca-Cola
Re: Does no one monitor the list on weekends?
On 2015-10-26 18:17, Jim Mercer wrote: On Sun, Oct 25, 2015 at 09:59:40PM -0400, Robert Webb wrote: This spam is ridiculous! it should be noted that it has been flowing all weekend, and nobody really complained or even commented on it until this morning. so, yeah, maybe the list is on auto-pilot, which is totally understandable. however, all the members seemed to be on auto-pilot as well. (or maybe enjoying their weekend) --jim Complaining was happening. Check the timestamp of the email you replied to as well as the archives: https://mailman.nanog.org/pipermail/nanog/2015-October/. The outbound mail queue was full of spam so the complaints were delivered late -- “Simply stated, we have a new formula for Coke.” --- Roberto C. Goizueta, Company Chairman, Coca-Cola
Re: Question re session hijacking in dual stack environments w/MacOS
On 2015-09-27 03:34, Dovid Bender wrote: But when you're seeing the same session being used from two wildly different places (in this case, IPv4 and IPv6) at the SAME TIME, that does seem rather suspicious in the absence of other information. iOS 9 has a new feature called "Wi-Fi Assist" that will "automatically use cellular data when Wi-Fi connectivity is poor". This will most likely cause those pesky IP checks to fail (even if you use a /24 or AS check). Geolocation checks will also fail in some cases. My geolocation when connected to WiFi and when using cellular data are widely different. WiFi reports the city I'm in while cellular reports the city that their HQ is in. -- “Simply stated, we have a new formula for Coke.” --- Roberto C. Goizueta, Company Chairman, Coca-Cola
Re: ARIN Region IPv4 Free Pool Reaches Zero
On 2015-09-26 22:56, Seth Mattinen wrote: What's worked for me is not signing or renewing or buying things that lack IPv6 support. While you're demanding better technology you may also want to include things like crypto in there. I've gotten proposals for things that support IPv6 but only work with SSLv2/SSLv3 with a weak cipher and with MD5 or SHA1 only. I've even had ones that didn't implement certificate verification at all or say they did but then it turned out not to work at all. Disgusting and unacceptable. (But they did support IPv6!) -- “Simply stated, we have a new formula for Coke.” --- Roberto C. Goizueta, Company Chairman, Coca-Cola
Re: Extraneous "legal" babble--and my reaction to it.
On 2015-09-06 19:18, Scott Weeks wrote: It could be much easier. Folks that care about the mailing list rules, want to be courteous to list folks and want to use their company email, rather than one that inserts no disclaimer, could put 15 lines of blank as part of their signature. This would force all the crap far enough down the page that it wouldn't be bothersome. scott Everyone: Honestly.. the best method is to not let it bug you anymore. It's only a seething issue to you because you let it be. You're suggesting that one use 15 blank lines just so that you don't have to see any of these self-inflicted transgressions. It would be much simpler and less taxing on all involved to simply not let it bother you anymore. "Impossible!" you may cry.. but I don't believe so. I used to be the same. It's easily beatable. You could send twenty paragraphs of so-called 'legal text' suffixed to your email and I wouldn't so much as bat an eye. It may take some personal effort but you need to learn to 'let it go'. This is a non-issue in the scope of things and you've made a mountain out of this grain of sand. Brush it aside and move on. It isn't worth your time.
