[swinog] Advice after hoax
Hey mates, Sorry for off topic, but I've just got hoaxed by someone by adding one of my email addy to quite a number of newsletter lists, manually. Though most of them are on opt-in nicely. Seems like I've tread on someones toes lately. However, I am quite curious who it was or, at least, how far infos can be discovered. I know, that a legal complaint must be opened that information can be disclosed. But what is the reason for the complaint? Rather not "Urkundenfälschung" I guess, but what? Anyone has similar experience and is able to share? Or an advice for the complaint? Thanks for your PM. Best regards, - Dan PS: None of the "Welcome" mails disclose the source IP in any part of the message. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Zukunft von Abuse Desks
On 19.03.2016 22:35, Gregor Riepl wrote: Oder ein Script basteln das das Captcha löst und automatisiert das Abuse-Formular ausfüllt... Yes!! Automatically spamming Hotmail Abuse Desk with IP removal requests for 127.0.0.0/8. Go ahead please! Regards, - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Bluewin MX Protocol Errors
Many thanks to Marcel Gschwandl, we are still investigating together the root cause for these problems. For a workaround, try to disable TLS for @bluewin.ch and @bluemail.ch Postfix/main.cf smtp_tls_policy_maps = hash:/etc/postfix/tls_policy # cat tls_policy bluewin.ch none bluemail.ch none Bests, - Dan On 03.11.2015 09:43, Skwar Alexander wrote: > Hallo > > Ja, wir haben da seit dem 2. November auch ein paar. > > > > (ep01-zcs-prod ) 0 # egrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' /var/log/maillog | > wc -l > 27 > (ep01-zcs-prod ) 0 # bzegrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' > /var/log/maillog.0.bz2 | wc -l > 71 > (ep02-zcs-prod ) 0 # egrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' /var/log/maillog | > wc -l > 24 > (ep02-zcs-prod ) 0 # bzegrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' > /var/log/maillog.0.bz2 | wc -l > 63 > (ep03-zcs-prod ) 0 # egrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' /var/log/maillog | > wc -l > 24 > (ep03-zcs-prod ) 0 # bzegrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' > /var/log/maillog.0.bz2 | wc -l > 64 > (ep04-zcs-prod ) 0 # egrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' /var/log/maillog | > wc -l > 10 > (ep04-zcs-prod ) 0 # bzegrep > 'relay=mxbw.lb.bluewin.ch.*status=bounced.*Protocol error' > /var/log/maillog.0.bz2 | wc -l > 45 > > > Von insgesamt: > > (ep01-zcs-prod ) 0 # egrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog | wc -l > 140 > (ep01-zcs-prod ) 0 # bzegrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog.0.bz2 | wc -l > 602 > (ep02-zcs-prod ) 0 # egrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog | wc -l > 149 > (ep02-zcs-prod ) 0 # bzegrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog.0.bz2 | wc -l > 582 > (ep03-zcs-prod ) 0 # egrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog | wc -l > 122 > (ep03-zcs-prod ) 0 # bzegrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog.0.bz2 | wc -l > 625 > (ep04-zcs-prod ) 0 # egrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog | wc -l > 138 > (ep04-zcs-prod ) 0 # bzegrep 'relay=mxbw.lb.bluewin.ch.*status=sent' > /var/log/maillog.0.bz2 | wc -l > 584 > > > > > Wir nutzen: > > (ep01-zcs-prod ) 0 # pkg info | grep postfix > postfix-2.11.3_3,1 Secure alternative to widely-used Sendmail > > Grüsse > Alexander > > > > ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Bluewin MX Protocol Errors
Do any other also got troubles in messaging @bluewin.ch customers? Nov 2 14:32:54 postfix/smtp[8102]: : to=, relay=mxbw.lb.bluewin.ch[195.186.99.50]:25, delay=0.07, delays=0/0/0.03/0.03, dsn=5.5.0, status=bounced (Protocol error: host mxbw.lb.bluewin.ch[195.186.99.50] said: 250 2.0.0 RCPT TO accepted (in reply to DATA command)) TIA - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] www.bluewin.ch not on DNS. Monitored from 2 locations. Anyone else?
Uhu! On 06.04.2014 02:48, Matthias Hertzog wrote: $ ping www.bluewin.ch ping: cannot resolve www.bluewin.ch: Unknown host The authoritative nameserver do not answer: adnso1.bluewin.ch [195.186.196.180] adnso2.bluewin.ch [195.186.196.190] adnsz1.bluewin.ch [195.186.145.180] adnsz2.bluewin.ch [195.186.145.190] So that's why a customers VPN tunnel vanished. Another possibility to wake up techie collegues... Regards, - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Blocking Malware distribution sites
Dear Serge On 11/11/2010 08:22 AM, Serge Droz wrote: From different third parties we receive a fairly large number of URLs in .ch/.li ccTLDs which distribute malware. We're talking a few hundred URLs per week. In a first step SWITCH verifies that this claim is true. On the first glance, this seems to be a neat thing. But then again, who decides if 'something' is considered to be malware or not? This actually could be mistreated to a cencorship on DNS level. My 0.02€. Regards, - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Blocking Malware distribution sites
On 11/11/2010 11:01 AM, Martin Jaggi wrote: You did mention AEFV SR784.104. Art 14bis requires Switch to do this: Die Registerbetreiberin muss einen Domain-Namen blockieren und die diesbezügliche Zuweisung zu einem Namenserver aufheben: a. wenn der begründete Verdacht besteht, dass dieser Domain-Name benutzt wird: 1. um mit unrechtmässigen Methoden an schützenswerte Daten zu gelangen, oder 2. um schädliche Software zu verbreiten, und b. wenn eine in der Bekämpfung der Cyberkriminalität vom BAKOM anerkannte Stelle die Blockierung beantragt hat. Source: http://www.admin.ch/ch/d/sr/784_104/a14bist.html Neither Serge nor Martin is noticing the next paragraph: 2 Wenn die Bedingungen gemäss Absatz 1 Buchstabe a erfüllt sind, aber der Antrag auf Blockierung einer Stelle gemäss Absatz 1 Buchstabe b fehlt, kann die Registerbetreiberin für höchstens fünf Werktage einen Domain-Namen blockieren und die diesbezügliche Zuweisung zu einem Namenserver aufheben. Nach Ablauf der festgelegten Frist hebt sie jede Massnahme auf, die nicht durch einen Antrag einer Stelle gemäss Absatz 1 Buchstabe b bestätigt wird. So this is only a temporary blockage of at max 7 days. After this periode, the zone file must be delegated again. If DNS caches are not flushed or overriden within this time, this non-delegation is futile. But what really makes me angry is, that Swiss parliament agreed in self judgement of a third party company. It really seems, that our parliament needs more technical understanding. - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Internet connectivity maps for 2000 from Sunrise and (gasp) Nextra
Hi Thomas, After some googling, I've found it: David Meyers BGP archive for University of Oregon: * http://www.routeviews.org/ * http://archive.routeview.org/ The 'sh ip bgp' archive goes back to 1997'. HTH - Dan Am 5/18/10 4:17 PM, schrieb Thomas Kernen: Hi Dan, Sure if you do I would love to. I'm using Geoff Huston's BGP data for the time being, but other pointers could be useful. Thanks T On 5/18/10 2:50 PM, Daniel Kamm wrote: Hello Thomas, are you looking for BGP tables back on 2000? I remember I was using some online BGP table archive for a study work of mine, but I cant remember the name. Are you interested to have me search in my old studies archive? Regards, - Dan Am 5/18/10 1:06 PM, schrieb Thomas Kernen: For the presentation I'm building for the next SwniNOG meeting, I'm trying to find old Internet connectivity maps from back in 2000. Unfortunately Google has failed to provide me with the source to that data. I'm specifically looking for some from Sunrise and Nextra that that era. If someone still has them in their archive folder, please unicast them to me, to not spoil the fun. Thanks Thomas ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Performance Problems today...
Am 5/7/10 10:39 AM, schrieb Pascal Gloor: Yet again a fantastic FAIL of an ALL-IN-ONE-CAN-ALSO-DO-COFFEE firewall. As long as it doesn't fail to brew coffee, I thing that device is still doing it's duty. scnr, - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] ProLiant Debian
Am 2/21/10 10:49 AM, schrieb Alexandre Suter: You can find 2.5 trays on e-bay though (look for the corresponding Sun part number). For HP ProLiant users, that one could be very handy: http://www.pcp.ch/product-1a15080534.htm?parnr=12832879 Cheerz, - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Debian vs. Ubuntu
Hi Benjamin Am 1/28/10 4:51 PM, schrieb Benjamin Schlageter: Just running normal ISP services like dhcp, dns, webserver and so on. Main focus is the long support, maybe I'll wait for 10.04 LTS - so I got support to the year 2015:) I run several Ubuntu Server boxes. For the services you meantioned, you can use Ubuntu without troubles. You even have more hardware support, which is essential if you use newer server hardware. However, dist-upgrading might be a PITA with Ubuntu, since they change concepts more frequently than Debian (f.e. upstart and udev). Cheerz, - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Greylisting
Stanislav Sinyagin wrote: last AprilMartin Blapp has presented a nice concept at SwiNOG: instead of greylisting, the SMTP server delays the first OK response to HELO/EHLO for 30 seconds. That is usually enough for the vast majority of spambots to give up. On a heavy traffic mail server, you probably run into a max session problem when you try to hold many idle connections for 30 seconds. - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] SWITCH Sourceforge mirror available again
Pascal, Pascal Gloor wrote: It should be Note that, like mirror.switch.ch and many other of our services, this is reachable over IPv4 in addition to IPv6 As long as IPv6 is not availabe for the end user *by default* (and I mean that as a broad hint for all the big xDSL and Cable providers), situation will not be like that. Cheerz, - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] F*ing Spammers and stupid customer code...
Mike Kellenberger wrote: totally correct, thanks! Looks like I'm the stupid SysAdmin as well... :-) Actually, this problem is known since ages. I wonder, why you fall into that right now. But what I really realise is, that this list is populated by Swiss Hosting Sysadmins from all important hosters. But they don't really share their experience and their actual problems. I mean in my old hosting days, I was glad to have some direct connections (for example per IRC), where I just could point out some troubles and solve them quickly. So Hosting-Sysadmins, please get together and share your mind! This list is very network related and this is good so. Probably an other list would suit better for all hosters. Cheerz, - Dan PS: If I still was with a hoster, I would now take care of that. So maybe someone else can take the initiative. ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] IP Management Tool
On Thu, 2008-11-13 at 11:39 +0100, Viktor Steinmann wrote: alternative to managing IP addresses on a Spreadsheet... I personally prefer any Wiki to a Spreadsheet. It's able to handle multiple users at a time, searchable, versionised and has about the same clarity. - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] RBL's (again) (Was: Anyone from Green here?)
On Oct 15, 2008, at 11:01 AM, Marco wrote: we made the experience that not greylisting itself is the problem. the problem are miss configured mailservers with wrong queue times or servers interpreting the greylisting temp error code as an error. There are times, where the sending MTAs queue size is far to big for the MTA to meet the queue times. I saw such problems multiple times. When graylisting is configured for too short acceptance time, you will have messages, which won't be transmitted. My 0.015€. - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] bluewin ADSL ... everything okay?
On Mar 12, 2008, at 9:08 AM, Matthias Hertzog wrote: Does anyone else in here receives phone calls, that websites and mailservers cannot be reached from bluewin ADSL? Yes, we too. Customers report, that instead of our company site they receive a my-space site with our logo on it. Cheerz - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: AW: [swinog] Large IP Block at Akamai?
I've tested some connections I have access to with a pretty interesting result: - Two BB accesses within AS8404, one got access to [1], the other one not! - One ADSL behind AS21494 works fine. - Upstream traffic over AS13030 works fine. To me it seems like a large IP block on Akamai spread over several AS, rather than an routing issue. Here some traces: [AS8404 doesn't work] [EMAIL PROTECTED]:/home/dkamm# traceroute -I akamai.com traceroute to akamai.com (124.40.41.103), 30 hops max, 40 byte packets 1 gw.office.hostpoint (192.168.0.1) 0.303 ms 0.300 ms 0.301 ms 2 10.167.128.1 (10.167.128.1) 120.307 ms 120.408 ms * 3 * * * 4 * * * 5 * * * 6 * * * 7 * us-was02a-rd1-pos-1-0.aorta.net (213.46.160.106) 114.573 ms 119.279 ms 8 213.46.190.10 (213.46.190.10) 200.485 ms 200.502 ms * 9 * * * 10 * * * 11 * * * 12 * * * 13 * 124.40.41.103 (124.40.41.103) 312.662 ms 316.452 ms [AS8404 works] (09:40:28 AM) cal: antarctica:root # traceroute -I akamai.com traceroute: Warning: akamai.com has multiple addresses; using 212.23.33.16 traceroute to akamai.com (212.23.33.16), 64 hops max, 72 byte packets 1 10.167.128.1 (10.167.128.1) 8.226 ms 8.688 ms 6.696 ms 2 * * * 3 * * * 4 194.42.48.74 (194.42.48.74) 6.537 ms 6.785 ms 6.881 ms 5 PO6-0.zrh-jos-access-1.interoute.net (212.23.43.225) 16.112 ms 25.241 ms 16.107 ms 6 PO10-0.fra-006-core-1.interoute.net (212.23.43.214) 16.478 ms 84.129 ms 25.999 ms 7 Gi7-0-0.fra-006-access-2.interoute.net (212.23.42.138) 16.246 ms 24.443 ms 15.907 ms 8 212.23.33.16 (212.23.33.16) 19.111 ms 14.429 ms 19.147 ms [AS21494 works] [EMAIL PROTECTED]:~$ sudo traceroute -I akamai.com [sudo] password for dani: traceroute to akamai.com (84.53.136.81), 30 hops max, 40 byte packets 1 fritz.fonwlan.box (10.0.36.1) 0.855 ms 4.834 ms 4.838 ms 2 zh1-lns01-lo1.noc.green.ch (80.254.161.230) 8.915 ms 10.382 ms 12.629 ms 3 zh1-cor01-vlan200.noc.green.ch (80.254.161.49) 14.818 ms 16.788 ms 18.450 ms 4 gi2-2.213.core01.zrh01.atlas.cogentco.com (130.117.243.173) 20.958 ms 22.591 ms 24.788 ms 5 po6-0.core01.str01.atlas.cogentco.com (130.117.0.53) 75.911 ms 75.915 ms * 6 te1-4.ccr01.str01.atlas.cogentco.com (130.117.0.190) 35.711 ms 35.550 ms 37.915 ms 7 te7-1.mpd02.fra03.atlas.cogentco.com (130.117.3.81) 42.448 ms 14.337 ms 15.682 ms 8 te3-1.ccr01.ams03.atlas.cogentco.com (130.117.2.202) 25.273 ms 20.738 ms 22.565 ms 9 amsix-ams5.netarch.akamai.com (195.69.144.168) 25.149 ms 21.283 ms 23.363 ms 10 84.53.136.81 (84.53.136.81) 25.686 ms 27.271 ms 28.730 ms [AS29097 works] [EMAIL PROTECTED]:/home/dani# traceroute -I akamai.com traceroute to akamai.com (84.53.136.81), 30 hops max, 40 byte packets 1 pcore01-vl100.zrh01.hostpoint.ch (217.26.49.3) 10.322 ms 14.252 ms 14.386 ms 2 edge-02-0-2.zrh01.hostpoint.ch (217.26.48.3) 13.865 ms 14.036 ms 14.145 ms 3 gw-hostpoint.init7.net (82.197.163.17) 14.509 ms 14.654 ms 14.775 ms 4 r1.core.init7.net (213.144.128.1) 14.887 ms 15.017 ms 15.136 ms 5 r1ams.ce.init7.net (82.197.168.97) 24.252 ms 24.446 ms 24.563 ms 6 amsix-ams5.netarch.akamai.com (195.69.144.168) 24.692 ms 19.390 ms 19.849 ms 7 84.53.136.81 (84.53.136.81) 19.575 ms 19.739 ms 20.112 ms Last hop of the one who doesn't work is within NTT in Japan. HTH - Cheerz - Dan [1]: I've tested sf.tv, microsoft.com, dell.ch and yahoo.com ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
RE: AW: [swinog] Large IP Block at Akamai?
On Tue, 2008-01-29 at 01:05 -0800, Christian Jouas wrote: 8404 has some Akamai servers inhouse This is it! Changed nameserver to AS8404 nameservers, Sites had been available again. So it seems that Akamai traffic is not allowed to cross AS8404 but has to be loaded from the Akamai servers within AS8404. Is that a likeley setup or a configuration failure? Am I bound to change my resolvers? Cheerz - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
RE: AW: [swinog] Large IP Block at Akamai?
On Tue, 2008-01-29 at 01:05 -0800, Christian Jouas wrote: 8404 has some Akamai servers inhouse And we are using our own name servers which are not behind 8404 access network. That could be the reason. Stdby... - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: Re: [swinog] The truth about UCEPROTECT-Blocklists
Dear Claus On Thu, 2008-01-17 at 02:41 +0100, Claus v. Wolfhausen wrote: we have Level 1 listed the IP 195.162.162.159 spamming the list with it's stupid autoresponder, so if swinog uses UCEPROTECT-Level 1 the loop should be broken now. Tell me, that you are not really blocking IPs because of some email domains behind are throwing automatically created reponses back? You are really comparing apple to pears. You should block email domains but not IPs. Let's say you have a load balanced environment with let's say 100'000 domains and 1 mio email addresses, using a /24 for email services. The collateral damage you are taking in account if one single address is throwing back automated responses is immense. Not to mention if you are blocking one IP - you then have a lottery if email will get transmitted. Sorry, but that gets me upset. Cheerz - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
RE: [swinog] Windows-Pizza
On Mon, 2007-11-26 at 14:39 -0800, Scott Weeks wrote: Lynx says it all: ** Bad HTML!! ...snipped stuff here... No wonder: Taken out of 'the real site' shown in msie: !-- index.php Start von shop-pizza.novalku.com äöü 07.10.01 -- !DOCTYPE HTML PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd; html head I don't call that correct HTML code. :-) And by the way, they also blame Firefox (which they do not know to spell right) if you're using Opera, Konqueror or Safari. The only thing was, that my collegues Safari was hanging when the java script pop-up appear. What a joker! - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
RE: [swinog] UCEProtect Blacklist -- join the club
On Wed, 2007-11-07 at 10:54 +0100, Per Jessen wrote: commercial Nah, leave the spam-filtering to us :-) The user and the ISP both have better things to do. /commercial :-D - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
RE: [swinog] UCEProtect Blacklist -- join the club
On Wed, 2007-11-07 at 12:29 +0100, Charles Buckley wrote: The provider moved instantaneously to identify the offender and kick them out. The compromised SMTP account is now closed. But, just as Sunrise, they are not willing to pay the fee to SORBS to change the status on the list. As ISP you don't have to pay a fee for delisting at SORBS. Simply mail to [EMAIL PROTECTED] and tell them your ASN. Without ASN your mail will be dropped. Cheerio - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] UCEProtect Blacklist
On Fri, 2007-11-02 at 21:46 +0100, Marco Meile wrote: We have some Problems with the UCEProtect.net blacklist. We considered UCEprotect as absolutely unreliable and unprofessional and are ignoring listings there. And I think so are 'the big swiss ones'. And for sure, it's impossible to handle all those RBL which are online. IMO any postmaster who blockes mails upon one blacklist entry is ... (what was that polite description of moron?) ;) Cheers - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
RE: [swinog] Candid Aeby is out of the office.
On Thu, 2007-10-04 at 15:41 +0200, [EMAIL PROTECTED] wrote: So what is your proposal? there are several solutions: a. quit the company b. fire / mob the mcma (mentally challenged mail admin) c. install your own mailexchanger and forward all mails to that one d. slap the mcma until he changes the mail software e. get rid of mcma and apply for his job f. get a way to lower the budget for mailapplications ,-) -- install g. use a private mail address, where you don't have to put stupid ooo messages. Additionally you don't have to change all mailing-list memberships when you get a new business card. ;) Have funn! - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] smtp attacks
On Mon, 2006-11-27 at 17:58 +0100, Rene Luria wrote: It is due to bounces coming from everywhere. Spamers using fake email addresses from domains for which we are the MX. The amount of such emails (which we almost all reject, user unknown, etc.. because of the fake email addresses) is enormous compared to normal traffic (like 10 times what we have in general). I can confirm such behaviour, thus here it's not that heavy like the end of last year. Any catch-all is horrible in such cases. In my opinion, this is tactically used to 'find' valid email addresses for later use. But no proof of that. On Mon, 2006-11-27 at 18:45 +0100, Daniel Lorch wrote: What's really funny is when you set the MX of the domain to 127.0.0.1, so the mails bounce back to the postmaster of the offending server(s). Sure, you don't want to receive _any_ email? You will get rid of a lot of customers like that, Daniel. You rather limit the connection per host simultanously and - if possible - add more mx servers. Graylisting possibly helps as well. Cheerz - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: AW: [swinog] Sunrise network issues?
On Fri, 2006-09-22 at 15:07 +0200, Gunther Stammwitz wrote: Some performance measurements from Frankfurt: Back to our studies, we tried to implement a system, that periodically stores traceroutes from looking glass servers to some other endpoints. The main goal was to display a map which shows which provider uses wich route and detect routing changes (well, this had never been reached). If someones interessted, leave me a PM. Have a nice weekend! - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Formmailer-Scripts and Spam
On Tue, 2006-08-15 at 17:35 +0200, Matthias Hertzog wrote: We're facing a growing amount of automatically generated HTTP POST requests, all containing spamvertising links We are also struggling with this issue, but not only since a few days or weeks. I get 3-6 abused forms each day! IMO it's the 'programmers' fault, who should parse the rubbish, which his form receives. Here two cool links (sorry, in german): http://www.heise.de/security/artikel/66815 http://forum.jswelt.de/tutorials-php/28074-spam-ueber-kontakt-formulare-verhindern.html Cheerz - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Out-of-Office Policies?
EHLO On Wed, 2006-07-26 at 08:21 +0200, Viktor Steinmann wrote: - We all agree OoO should not be sent to Mailinglists. This can usually be achieved by checking for precedence bulk and not replying to those. The easiest way to achieve that, is to use a separate mail box to handle mailing list mails. Of course, this mail box does not have a OoO turned on ;) On Tue, 2006-07-25 at 20:13 +0200, Matthias Leisi wrote: 1. Does your organisation allow OoO to external recipients? Since our external customer contact is handled by a ticketing system, our personal email addresses are mainly for internal use. We do not have any regulations set up for OoO and there is no need for OoO here anyway. Greez - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] good and bad blacklists?
Hi Marco On Tue, 2006-02-28 at 11:28 +0100, Marco Balmer wrote: Has everyone experiences with good and bad blacklists for mail-servers? For the moment I use the following three: relays.ordb.org sbl-xbl.spamhaus.org bl.spamcop.net What about dnsrbl.swinog.ch? :-D or: dnsbl.sorbs.net is another reliable address. On Tue, 2006-02-28 at 11:34 +0100, Benoit Panizzon wrote: I wouldn't use Blacklist for direct blocking anymore. Just combine scores of blacklists in Spamassassin and if multiple blacklists match, then you could block. If you are only serving your private mail, you can block everything exept SpamCop's entries. SpamCop is definetly the fastest one in blocking everything. If you are serving email services for customer purpose, please just score the mails (Spamassassin makes a very good job!). All our Abuse-Desks will appreciate that! :-) Cheers - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] swisscom dsl down?
On Fri, 2005-07-15 at 10:00 +0200, Martin Ebnoether wrote: Even here at GPS Technik AG, customers do call in. We don't sell ADSL or do ADSL but people complain anyway. Also here customers called in saying I can't reach... Cheers - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Visit of Billag AG at home !
On Fri, 2005-04-22 at 15:20 +0200, Willy van Gulik wrote: [...] I own a car and didn't plugged the antenna so I m unable to receive any FM Radio and so on. My building hasn't any antenna connection to cable or whatever. [...] Sorry, this might be fully OT, but never mind. Let's back up the whole 'Billag' thing. About 60% has got and/or: - radio receivers in the house or in the car or incl in the handy - tv receivers (incl. UMTS handy receivers) - broadband access with installed media players So there might be around 2-5% of swiss households who doesn't have any media receivers according to the actual law. In early days there had been more, ok, but their getting fewer and fewer (also because more and more receivers are taxable). So why don't we/they stop the whole thing and make everyone liable to pay those taxes? We could safe much administration expense, e.g. all the wages of those ppl who are checking our hoseholds. And this will finally lower those taxes and make them affordable for everyone. Any drawback? This will raise the unemployment. Just an idea... Have a nice weekend - Dan ___ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog