[swinog] Re: How to destroy data effectively?

[Roger Schmid via swinog]

Hi Venti

that could be done the magnetic way, a very secure way is let them spin 
up and expose then this way to a magnetic strenght >2 tesla, some models 
wil be a screeching noise heard until they come to a halt, this way not 
even the tracking is readable anymore ;) .. or let them spinn up and use 
an 1kg hammer with full strengt
if the drives need to be available for other things, there are a lot of 
lowlevel formater resolving that issue but that will be timeconsuming.


but take care, if you distroy data which should be archived for 5 years 
acording the law you could be sued, pointing to your boss gave the order 
doesn't work in this case.


Just my 5 cent's

Roger


On 02.12.2022 11:51, Martin Ebnoether via swinog wrote:

Hi all.

As some of you know, I work at a money laund... financial
company. Some time ago, the question arose, how to effectively
destroy data safely and securely in an easy way?

How does your company deal with hard disks (or any media) that
needs to be decommissioned? Do you just dd a few times over it?
Or rather let a professional company shred your media to little
bits?

CU, Venty


___
swinog mailing list -- swinog@lists.swinog.ch
To unsubscribe send an email to swinog-le...@lists.swinog.ch

Re: [swinog] background migration of swisscom connection from IPv4 native to v6 + DS-Lite

[Roger Schmid]

Well i only suspecting your try to use ipsec, wich is a crazy vpn solution.
I would sugest to evaluate ssl based vpn in the future which naturally do not 
run into nat problems.

Just my five cents


Em 27 de outubro de 2017 03:00:18 AMT, WolfSec-Support  
escreveu:
>Hello,
>
>
>could be someone from swisscom so kind and contact me offlist via email
>please.
>
>our customer has a swisscom dsl connection and last week they changed
>these
>to v6.
>he already tried 3 times via swisscom helpdesk without success.
>the first level seems to have no idea about ds lite and v6... ;-/
>
>we want to go back to v4 native.
>in customer center we have deactivated v6 - but it is still online via
>v6
>and ds-lite
>
>we did all what was explained:
>- switchoff modem for an hour
>- reboot 3 times router etc
>
>effectively now the vpn is for sure not working via ds lite and carrier
>grade NAT
>
>thanks in advance
>
>Stephan
>
>
>Besten Dank.
>
>Freundliche Grüsse,
>WolfSec-Support
>
>WolfSec
>Postanschrift:
>Swiss Post Box: 104213
>Zürcherstrasse 161
>CH-8010 Zürich
>
>http://www.wolfsec.ch

-- 
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition

[Roger Schmid]

Maybe .. But i do not spend money nor time to do some "missionary work" for 
what reason ever there is when stuff doesn't work. I've done it for years with 
spammer friendly hoster which even see the abuse box is a Spam trap,  and all 
the so called number one hoster which never take care about what there client 
do if they pay the rent.
In short if a system start to apply some exploits they are blacklisted after 
second try without notice... 
If ipv6 starts to troubling and hits my reputation because of some quirks in 
transfer .. I stop supporting it when ever  possible.
Business goes before idealism .. 

Em 20 de setembro de 2016 15:52:18 AMT, Gregor Riepl  
escreveu:
>> Unfortunately the people who misconfigure do not read RFCs, if they
>did,
>> they would not filter.
>> 
>> They do not read this list either, let alone other resources that
>they
>> should be reading. Hence... not something one can solve.
>
>BUT: If you find such a person, you can strongly urge them to read this
>RFC. ;)
>
>
>
>___
>swinog mailing list
>swinog@lists.swinog.ch
>http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition

[Roger Schmid]

Thats why i mentuoned to train techis and your argunent was its a management 
problem :)

About mandatory how come then 
https://en.m.wikipedia.org/wiki/Path_MTU_Discovery  .. Sorry to point to 
Wikipedia .. But been on cell only i dont have the proper doc at hand


Em 20 de setembro de 2016 07:09:10 AMT, Jeroen Massar <jer...@massar.ch> 
escreveu:
>On 2016-09-20 13:00, Roger Schmid wrote:
>> Just one .. Dropping MTU handling and point to layer7 should handle
>that
>> doesnt let you feel strange ? So how could an app handle packet size
>> thru L4 ?
>
>Both IPv4 and IPv6 have this little protocol called ICMP (+ICMPv6) it
>is
>very useful and for IPv6 it is mandatory.
>
>Even Google (who force MSS to magic values) and Cloudflare had issues
>with that too:
>
>https://blog.cloudflare.com/path-mtu-discovery-in-practice/
>
>That does not make IPv6 broken though, that makes people who think they
>have to filter the wrong things broken.
>
>Misconfigurations is not something a protocol can solve.
>
>> My experience is soma pages ar crawling like a snake .. Some ar not
>> loading complete at all,
>> for me v6 is still not ready to deploy to the masses as at least the
>> mentioned flaw is a show stopper
>
>I can find many many sites in IPv4 that are brokenly configured. That
>does not make IPv4 broken.
>
>That you find weird excuses that are already solved for well over 15
>years of deployment (even 6bone as shut down 10 years ago)
>
>Maybe, as it is 2016, time to actually start deploying!?
>
>Greets,
> Jeroen

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition

[Roger Schmid]

Just one .. Dropping MTU handling and point to layer7 should handle that doesnt 
let you feel strange ? So how could an app handle packet size thru L4 ? 

My experience is soma pages ar crawling like a snake .. Some ar not loading 
complete at all, 
for me v6 is still not ready to deploy to the masses as at least the mentioned 
flaw is a show stopper

Em 20 de setembro de 2016 02:13:39 AMT, Jeroen Massar <jer...@massar.ch> 
escreveu:
>On 2016-09-19 23:53, Roger Schmid wrote:
>> |Come on folks, it is 2016! IPv6 is
>> |*20 years* old...
>> But still not matured enough to put on public usage
>
>According to Google 10% of their traffic is IPv6.
>Apple requires it for IOS.
>
>How is it not 'mature'?
>
>> beside of some
>> design flaw it is in some cases even bad implemented
>
>Need more details.
>
>> Maybe the isp/hoster/transit provider ned some teaching how to do it
>the
>> right way.
>
>Management of companies need to be convinced. Technical folks typically
>know that they want it, but are not allowed to play with it...
>
>That is not a technical, but a political issue.
>
>Greets,
> Jeroen

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Swiss ISPs and IPv6 --- 2016 edition

[Roger Schmid]

|Come on folks, it is 2016! IPv6 is 
|*20 years* old...
But still not matured enough to put on public usage, beside of some design flaw 
it is in some cases even bad implemented

Maybe the isp/hoster/transit provider ned some teaching how to do it the right 
way.

Em 15 de setembro de 2016 06:11:44 AMT, Jeroen Massar  
escreveu:
>As there is an upcoming SwiNOG lets throw some people under the bus
>before they arrive. Or at least allow them time to come up with more
>excuses.
>
>
>Some quotes from Swiss ISPs from the Call Your ISP page:
>  https://www.sixxs.net/wiki/Call_Your_ISP_for_IPv6
>
>8<
>
>"Currently, as demand for IPv6 is very low, we have no plans to
>introduce IPv6 native.
>
>"No plans to support IPv6 for our private and SoHo clients"
>
>"The plan is to move everyone on DSLite."
>
>"Provider info: IPv6 is "planned" and soon should get a priority
>status.
>When that "soon" will be is not yet known."
>
>"They know what IPV6 is, eventually they will provide it"
>
>>8
>
>Come on folks, it is 2016! IPv6 is *20 years* old...
>
>Even Sky.uk was able to get it working[1].
>
>Oh and note: Dual-stack IPv4 + IPv6, along with a /56 per user.
>
>It is not that hard to get right and yeah, you kinda had 20 years
>already to 'plan' for this
>
>Greets,
> Jeroen
>
>
>[1]
>https://corporate.sky.com/media-centre/news-page/2016/sky-completes-roll-out-of-ipv6-becoming-the-first-major-uk-internet-provider-to-future-proof-its-service-for-customers
>
>
>___
>swinog mailing list
>swinog@lists.swinog.ch
>http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Swiss VoIP providers

[Roger Schmid]

Am 28/08/2014 21:23, schrieb Michael Horn:

On Thu, 28 Aug 2014 19:45:43 +0200 (CEST)
Ralph Krämer ralph.krae...@vable.ch wrote:


I suggest to run your own Asterisk (or Callmanager)

...or freeswitch, if you like reliability and predictable behaviour.

I've managed quite a few freeswitch deployments until now and did some
migrations from Asterisk to freeswitch due to issues with reliability or
flexibility. As an office/corporate pbx I'd select freeswitch over
asterisk any time. If something more specialized is needed, yate is
worth a try.


through a redundant SIP-Trunk to an VoIP Provider.

Curious however about recommendations for VoIP providers in .ch
there aren't that many around unfortunately. would love to hear some
suggestions (backed by experiece).

i can't confirm that  i tested intensively freeswitch

 * the weakness of clustering
 * native database connection doesnt exist, but only via odbc and
   thirdparty tool
 * this xml configuration is the blown up version of asterisk .. with
   less flexibility


there are some rumors about a native DB implementation in the Future, 
but lets see ...


actually in a  ISP environment freeswitch is no use, because of 
fundamental limit of scalability
but a loadtest was promissing and was showing at least double capacity 
compared to Asterisk.


lets wait for the next major version to see  the  housework is done the 
right way ;)


my 5 cents

Roger


cheers,
Michael





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] 3G Repeater

[Roger Schmid]

Am 31/07/2014 02:28, schrieb Miguel Elias:


First, any usage of active signal repeater is forbidden in Switzerland.
(Statement of Bakom). Any base station system or signal repeater has to
be owned / managed by an official frequency licensee. Signal repeater
used in the field, do have some sophisticated measurement and control
abilities.


very strange are there bakom aproved repeater on the market

http://www.antx.ch/repeater.php they claim to be the only aproved one
well i know the amplitec, they dont have a sufficient feedback control, 
i would question this advertisement

and:
a friend got from arp i believe, a repeater with an bakom bakom 
certification.


but as a office repeater are not really usable except overcome metalized 
office windows there is no sense to use them in outdoor cases


in an big swiss Bank are private repeater since more than 10 years in use
so i wonder about your statement.




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] 3G Repeater

[Roger Schmid]

Am 31/07/2014 04:36, schrieb Andreas Fink:

On 31 Jul 2014, at 10:26, Roger Schmid ro...@mgz.ch wrote:


Am 31/07/2014 02:28, schrieb Miguel Elias:

First, any usage of active signal repeater is forbidden in Switzerland.
(Statement of Bakom). Any base station system or signal repeater has to
be owned / managed by an official frequency licensee. Signal repeater
used in the field, do have some sophisticated measurement and control
abilities.


very strange are there bakom aproved repeater on the market

http://www.antx.ch/repeater.php they claim to be the only aproved one
well i know the amplitec, they dont have a sufficient feedback control, i would 
question this advertisement
and:
a friend got from arp i believe, a repeater with an bakom bakom certification.

note: having a CERTIFICATION means the device operates within the bounds. This 
does not automatically mean it is LICENSED to use.
For example if I buy a Radio for taxi operation, the vendor CERTIFIES it follows all the 
rules and doesnt make spurious emissions  but that doesnt mean I can operate it as I 
want. I still need a license to operate it. The tricky thing here is that the repeater 
will start to transmitt on frequencies allocated to base statiions which are licensed to 
the mobile operators. Hence Sunrise, Siwscom and Orange could use this device but you as 
an individual not. Its a bit of a grey zone in most countries as the legal question is 
who is  transmitting. Is it the original base station or is it the repeater.



maybe to clarify, an repeater is not an transmitter its technically an 
amplifier
and if there is a Bakom document which allow the usage i believe it is 
not a fake.
well over here i installed a lot of repeater, in some cases i got 
feedback from the operator how good my installation work not 
interfeering anything with clean signal, most depending how its installed.

but i know in switzerland only aprooved repeater should be used of corse.
just google for GSM REPEATER SCHWEIZ BAKOM
and you will find various offers and even docs from bakom.
to the original requestor of this thread:
i would say use an GMS router with an wlan ap and carry the inet this 
way from an position where the 3G signal is clean and without reflection.
My first post seems not arrived on the list i will send that in the next 
email.





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Fwd: Re: 3G Repeater

[Roger Schmid]

 Original-Nachricht 
Message-ID: 53d853bd.2000...@mgz.ch
Date:   Tue, 29 Jul 2014 22:09:01 -0400
From:   Roger Schmid ro...@mgz.ch
User-Agent: 	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 
Thunderbird/24.6.0

MIME-Version:   1.0
To: swinog@lists.swinog.ch
Subject:Re: [swinog] 3G Repeater
References: f0f52ca6-489f-4fdc-b0cd-c3b7088fc...@init7.net
In-Reply-To:f0f52ca6-489f-4fdc-b0cd-c3b7088fc...@init7.net
Content-Type:   text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding:  7bit




Is anyone familiar with 3G repeater gear? I'm asking for a neighbor whose 
family owns a cottage in a Swiss mountain valley with poor 3G reception.

well its not so easy to give you an definite advise, the signal is based
on reflection i believe, that has to be resolved.

you have to take into consideration  is there a point with clear view
for the next tower ?
reception based on non sight will not give any satisfaction.
3g has even more bandwith need which degrade the signal more in case of
non sight.

there are a lot of 3g enabled repeater (basically 2 way amplifier)
available from  chinese dealer.

price will  be 200-300$  and deliver arround 60db gain up to 28dbm
forgett about the cheap office repeater, those are only usable inside
office in a small range and have tendency to oscillate which will call
BAKOM on the Plan.


And you need antennas at a high pole .. for 60db you need at least 15m
between the both antennas, good cable (rg213 or better cellwave above
3/8 the antenna on top vertical yagi 16-20element.. and below
horizontal panel or even yagi.
due the different polarisation of the two antennas you win theoreticaly
20db more decoupling (real you will reach 16db)
the antenna for the user could be up to 600m far away if used an high
gain antenna.

if an higher amplification needed you need an channelselective repeater,
those are available up to 90db
but they need to be tuned onsite on the specific channel and of corse
need better cable to prevent feedback between in and out.
channelselective repeater with 90db will cost up to 2000$.  5/8 cellwave
will cost aprox 8-10$ per meter.
and dont forgett the N-Plugs for those cable .. 12-15.- each

i got only a usable system with 5/8 cellwave with up and downlink 25m
seperated  and the user antenna was below of a metal roof, the
decoupling between the two antennas was 70db

if you only need data would an 3g modem mounted near the antena with
good reception and an wlan link the better idea, more stabil more
reliable and will not reach your 1000.- limit
an 3g modem doesnt cost much, and two ubiquity nano loco on 5.8ghz for
300.- will bridge 1-4km on sight if need more distance use airgrid 5m
for the same price, they will go up to  8km.

i hope i could help a bit to give you at least an  idea




Any recommendation for gear which is easily installable, more or less 
plug-n-play, not too expensive (less than CHF 1000) and last but not least 
legal to operate would be appreciated.







___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] 3G Repeater

[Roger Schmid]

Am 31/07/2014 05:04, schrieb Rene Luria:

i believe in his case he need an complete outdoor solution,
anytone have an tendency to feedback quickly and they dont have an 
detektor for such cases at all.
you maybe not recognize that but maybe that thing creating signals 
nearby which interfere other channels or operator.
on the point short before total oszilation will be a higher sideband 
noise which degrade the signal quality a bit and possible even creating 
some spurious emission.

i changed some on existing installation to resolve such effects.


We use one baught from those guys: http://www.myamplifiers.com/
Works great and not too expensive






___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Lösung für eine SMS-Notfallalarmierung und Statuswebseite

[Roger Schmid]

Am 31/07/2014 09:42, schrieb Onlime Webhosting:
Eine Lösung mit einem Handy und  prepaid karte dürfte preislich bei dem 
kleinen volumen günstig sein
und es funktioniert auch bei totem inet.. wenn das handy auch nicht mehr 
funktionieren sollte dann haben die empfänger ebenfalls ein problem.





Hi all

Ich würde dieses Thema gerne nochmals aufgreifen. Wir überlegen uns, in Zukunft 
doch einen SMS-Gateway-Anbieter via API zu verwenden (allenfalls in Kombination 
mit Pushover, https://pushover.net/).
Hat jemand von euch Erfahrung mit einem der folgenden Anbietern gemacht?:

websms - https://websms.ch
+ kommt professionell daher
+ diverse API-Möglichkeiten
+ tiefe Kosten pro SMS: CHF 0.08/SMS
- Monatsgebühr: CHF 18.-/Mt

sms-revolution - http://sms-revolution.ch/
- sehr rudimentär und peinlicher Webauftritt, schlechte Doku
+ tiefe Kosten pro SMS: CHF 0.06/SMS
+ keine Monatsgebühr

SMSGlobal - http://smsglobal.com/
+ kommt professionell daher
+ diverse API-Möglichkeiten
+ tiefe Kosten pro SMS: CHF 0.037-0.061/SMS (je nach CH-Mobilanbieter)
+ sehr komfortables Backend
- sehr langsames Backend, generell sehr lahme Website

Leider kommt für uns ecall.ch nicht in Frage, da sich die Monatsgebühr von CHF 
50.-/Mt bei unserem Volumen (30-100 SMS/Mt) nicht auszahlt.
Bisher wäre der Favorit also SMSGlobal - aufgrund des sehr hinkenden Backends 
traue ich diesem Anbieter aber noch nicht sonderlich.

Danke für euer Feedback.
Gruss, Philip



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] 3G Repeater

[Roger Schmid]

Is anyone familiar with 3G repeater gear? I'm asking for a neighbor whose 
family owns a cottage in a Swiss mountain valley with poor 3G reception.
well its not so easy to give you an definite advise, the signal is based 
on reflection i believe, that has to be resolved.


you have to take into consideration  is there a point with clear view 
for the next tower ?

reception based on non sight will not give any satisfaction.
3g has even more bandwith need which degrade the signal more in case of 
non sight.


there are a lot of 3g enabled repeater (basically 2 way amplifier) 
available from  chinese dealer.


price will  be 200-300$  and deliver arround 60db gain up to 28dbm
forgett about the cheap office repeater, those are only usable inside 
office in a small range and have tendency to oscillate which will call 
BAKOM on the Plan.



And you need antennas at a high pole .. for 60db you need at least 15m 
between the both antennas, good cable (rg213 or better cellwave above 
3/8 the antenna on top vertical yagi 16-20element.. and below 
horizontal panel or even yagi.
due the different polarisation of the two antennas you win theoreticaly 
20db more decoupling (real you will reach 16db)
the antenna for the user could be up to 600m far away if used an high 
gain antenna.


if an higher amplification needed you need an channelselective repeater, 
those are available up to 90db
but they need to be tuned onsite on the specific channel and of corse 
need better cable to prevent feedback between in and out.
channelselective repeater with 90db will cost up to 2000$.  5/8 cellwave 
will cost aprox 8-10$ per meter.

and dont forgett the N-Plugs for those cable .. 12-15.- each

i got only a usable system with 5/8 cellwave with up and downlink 25m 
seperated  and the user antenna was below of a metal roof, the 
decoupling between the two antennas was 70db


if you only need data would an 3g modem mounted near the antena with 
good reception and an wlan link the better idea, more stabil more 
reliable and will not reach your 1000.- limit
an 3g modem doesnt cost much, and two ubiquity nano loco on 5.8ghz for 
300.- will bridge 1-4km on sight if need more distance use airgrid 5m 
for the same price, they will go up to  8km.


i hope i could help a bit to give you at least an  idea




Any recommendation for gear which is easily installable, more or less 
plug-n-play, not too expensive (less than CHF 1000) and last but not least 
legal to operate would be appreciated.






___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] cisco's try of business challange

[Roger Schmid]

Need an medical of the future be a CCNE ?

http://www.cisco.com/c/en/us/products/switches/catalyst-2950-series-switches/datasheet-listing.html




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Small VoIP PBX recommendations

[Roger Schmid]

i would recommend a out of the box solution from a company called Atcom
its a complete small low power box, able to handle up to 8 simultanous 
calls.

the box include one FXS and one FXO port.
Asterisk based of course
take a look on http://www.atcom.cn/products_ippbx.html
they even offer good quality phones and ATA
there are several dealer selling them.

i installed allready 5  of those boxes called IP02, they work like a charm.

my 5 cents of course



Am 22/08/2013 13:56, schrieb Andre Oppermann:

I'm looking for recommendations on small VoIP PBX systems with these
properties:

 - works well with Snom, Aastra, and Soft-phones
 - 10-15 phones
 - basic admin (web gui) to configure accounts and assign numbers (DDI)
 - reliable and secure operation
 - support for uplink SIP trunking (no BRI ports)
 - log for CDRs to see who cost how much

An opensource solution running on Linux/FreeBSD would be preferred,
a small and good complete hardware solution for a couple of hundred
bucks would acceptable as well.  In either case it should be relatively
straight forward and low hassle installation and operation.

What would you recommend?  Which packages would you rather avoid?

Thanks




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Replacement Fan for C2950-T-24?

[Roger Schmid]

Am 25/06/2013 14:57, schrieb Fredy Kuenzler:

Try Pusterla at Hohlstrasse. They used to have all kinds of electronic 
components a couple of years ago. Just walk in with the broken fan and ask for 
a spare part...

the entrance is kernstrasse 55..
the one which is able to help there is mr. Loosli, the one with the blue 
jacket,
avoid the one with the red jacket, he will propably mention to ask the 
manufacturer or buy a new router/switch :)


my 5 cent's


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] DDOS DNS Attack by Netgear Products caused by CNAME instead of A record?

[Roger Schmid]

 netgear tech support has confirmed there is a problem in one of the 
models and released a fixed firmware. Great! How do I tell the 
customers? Mit
redirect the http traffic for those customer to an webpage which explain 
and offer a download link on that page

maybe combine with a dns ratelimit for a while.


my 5 cents ...




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Zensur / Kobik / Sperrungen ?

[Roger Schmid]

Hat jemand dass von euch schon gelesen ?

http://www.golem.de/news/filesharing-schweiz-will-internetsperren-auf-das-urheberrecht-ausweiten-1305-99390.html 




Bedenklich das solche quellen mehr wissen als die zukünftig betroffenen.
wobei ich das kaum glauben kann, das liesst sich wie ein politiker ruf 
nach irgendwelchen sperren.
Musik wird heute via torrent oder ares und konsorten transferiert, ich 
stell mir mal vor wenn alle die millionen von torrent benutzern sperren 
müssten wie brauchbar da das internet noch ist.
torrent verkehr analysieren und die hashes mit einer blacklist 
vergleichen dürfte auch nicht einfach sein will man keine falsch 
positives in kaufnehmen.
ausserdem geht das schon in richtung generelles abhören und auswerten 
von verbindungen, also eine aushöhlung der privatspähre.
torrent tracker sperren hilft auch nicht wirklich, torrent generell 
sperren dürfte gegen ettliche punkte der verfassung verstossen ..


und ich dachte ifpi und konsorten hätten ein einsehen gehabt um sich auf 
die wahre lösung zu konzentrieren.


gruss


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] vdsl2 line gone bad - ideas ?

[roger schmid]

Hi Tobias,
maybe a look into the DSL spectrum display in the fritzbox will show 
some hint to decide its DSL related or just on the Network level
it need a bit experiences to interpret that display, but basically if 
there are gaps in the spectrum there is definitely something wrong.

could be the splitter or even the cable passing a waterfilled tube.

an simple u72  passing 4m water can cause strange effects, which you 
even will see in the spectrum.
i experienced once at a client site someone drilled holes in the wall 
for mounting speakers, he cut a bit of insulation of the cable and the 
screw was making contact to one of the wires.

Every switch off of the FL lamps in that office caused the link to retrain.

Roger


Am 25.04.2013 09:58, schrieb Tobias Oetiker:

We have this VDSL2 line at one of our customer sites, which aquired
high packet loss from one day to the other ...

we are using a fritzbox 7390 at the site and according to its log
there are no problems, also the DSL Information tab does no count
a high number of errors ...

Here are the smokeping observations of the link

  
http://oss.oetiker.ch/smokeping-demo/?displaymode=n;start=2013-01-15%2013:50;end=now;target=Customers.HorYzon

Any hints on getting this fixed.

cheers
tobi





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] ISP service management tool

[Roger Schmid]

i looking for such tool as well
i didnt get the nocproject working. The VM image seems to have an 
strange format, at least vmware doesnt like it


Roger

Am 01/11/2012 04:59, schrieb Stanislav Sinyagin:
so far, nobody has come up with something useful, so I guess I should 
start a new project from scratch. If some company wants to join the 
sponsors pool, you are particularly welcome :)



*From:* Stanislav Sinyagin ssinya...@yahoo.com
*To:* swi...@swinog.ch swi...@swinog.ch
*Sent:* Sunday, October 28, 2012 4:34 PM
*Subject:* [swinog] ISP service management tool



hi all,

I'm looking for an open-source tool for ISP service management. It
should allow documenting of all the physical network (ideally,
also the datacenter environment), and associate physical and
logical network instances with customer services and their contracts.

I looked at several tools, but they all are designed for
Enterprise IT tasks, and none of them deals with subscribers and
contracts:

http://www.opendcim.org/
http://www.i-doit.org/



The NOC project seems to be promising, I should probably invest
more time in learning it:
http://kb.nocproject.org/display/SITE/NOC


Your feedback will be appreciated.

Commercial systems would also be OK, as long as they fit the
requirements and have open API.


thanks,
stan


___
swinog mailing list
swinog@lists.swinog.ch mailto:swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog



___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Old functional hardware - where does it best go?

[Roger Schmid]

if someone somthing like DSLAM with the apropriate Patchpanel has to 
throw away, i could use such things for at least 24 Ports.

please drop me a note.

Roger

Am 07/09/2012 11:09, schrieb Martin Ebnoether:

On the Fri, Sep 07, 2012 at 03:18:22PM +0200, Jeroen Massar blubbered:

Hi Jeroen.


As such, I am asking if somebody knows what the best way is to get
effectively rid of various things like a full functioning
(network,video,audio) p100 (DEC multia), a p200 (small tower), a dual
p2-266 (tower), a dual p3-600 (qube case), nslu2's and then an assorted
list of other things like cd drives etc.

What is the best way to go with this kind of stuff? Trash is an option,
but it is not like these things are small ;)

Maybe the guys from Revamp-IT are interested?
http://www.revamp-it.ch/

CU, Venty





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Could someone from Cablecom contact me off-list

[Raffael Schmid]

Hi

Could someone from Cablecom contact me off-list? Its about SMTP/MX.

Thanks a lot
 raf

Nine Internet Solutions AG
Raffael Schmid
Albisriederstrasse 243c
8047 Zuerich
044 637 40 00
raffael.sch...@nine.ch



signature.asc
Description: Digital signature

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] Bluewin SMTP Policy

[Roger Schmid]

Dear Swinog members

Until now, we provided an authenticated smtp-server for our customers
and a separate open smtp-server for customers with email-adresses
from other providers. We would like to shut down the relaying server
and have the customers use the smtp-servers from their mail-provider
(gmx, gmail, bluewin etc.).

Now we found out that bluewin doesn't allow authenticated smtp-relay
from users outside their ip-range, so all our customers with
bluewin-mailadresses would have no smtp-server available.

I am sure that some of you had the same issue and would be interested
how other (small) isp's have resolved this problem.

Thank you,
Roger Schmid
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Bluewin SMTP Policy

[Roger Schmid]

On Fri, Jun 13, 2008 at 10:13 AM, Adrian Ulrich [EMAIL PROTECTED] wrote:
 Hi Roger,

 Now we found out that bluewin doesn't allow authenticated smtp-relay
 from users outside their ip-range, so all our customers with
 bluewin-mailadresses would have no smtp-server available.

 That's not entirely correct:

 smtpauth.bluewin.ch will relay mails from non-bluewin-ip-ranges IF the 
 mailaccount belongs
 to a non-free Bluewin/Swisscom 'Abo'.

  
 +---+
  | Pay account (= Mailaccount| - Can use mail.bluewin.ch from 
 bluewin-range  |
  | is 'attached' to an ADSL abo  | - Can use smtpauth.bluewin.ch from 
 EVERYWHERE |
  
 +---+---+
  | Free account  | - Can use mail.bluewin.ch from 
 bluewin-range (of course..)|
  |   | - Can use smtpauth.bluewin.ch from 
 bluewin-range  |
  |   | - Can NOT use smtpauth.bluewin.ch from 
 non-bluewin IPs|
  
 +---+---+


Thank you for clearing this up. So we have to give bluewin-users with
free bluewin mail-accounts an smtp-account on our servers  I think.

 Otherwise spammers would open 100th's of free accounts and use them to send 
 spam from
 non-bluewin IPs :-/

I see the problem, but perhaps something like a captcha would also be
sufficient to prevent this.




 Regards,
  Adrian
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Bluewin SMTP Policy

[Roger Schmid]

On Fri, Jun 13, 2008 at 10:52 AM, Jeroen Massar [EMAIL PROTECTED] wrote:
 Roger Schmid wrote:
 [..]

 Otherwise spammers would open 100th's of free accounts and use them to
 send spam from
 non-bluewin IPs :-/

 I see the problem, but perhaps something like a captcha would also be
 sufficient to prevent this.

 SMTP-Captcha's? :)

;-) www-captcha's, on account-signup.


 How do you envision that?

 Greets,
  Jeroen


 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Bluewin SMTP Policy

[Roger Schmid]

On Fri, Jun 13, 2008 at 10:58 AM, Jeroen Massar [EMAIL PROTECTED] wrote:
 Roger Schmid wrote:

 On Fri, Jun 13, 2008 at 10:52 AM, Jeroen Massar [EMAIL PROTECTED] wrote:


 Just display the captcha from the signup on $pornsite, a person will fill it
 in for you, captcha bypassed. If it is interesting and cheap for then to
 abuse it, they will.

nice idea, didn't think occur to me :)
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

[swinog] mx.freesurf.ch harddisk

[Raffael Schmid]

Hello swinog!

Since about two days we get this message in our logs.
I hope that someone of sunrise/freesurf reads this list, because maybe they 
should check their harddisk?

postfix/smtp[18192]: 63E4860005: host mx.freesurf.ch[194.158.229.68] said: 421 
4.3.0 collect: Cannot write q1/df/dfm1S7B29K019747 (bfcommit, uid=10230, 
gid=1004): Read-only file system (in reply to end of DATA 
command)

Looks like there is a errors=remount-ro in their fstab ;)

Greetings

raf
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] vtx ADSL /30 subnet practice

[Roger Schmid]

nearly same story as sdsl before, 
VTX used 2 IP out of the customer /29 range  for the wan link.
Traceroute looked funny, not to mention how that improved icmp Trouble 

Cheers ...



Am 8 Jun 2007 um 1:09 hat Daniel Roethlisberger geschrieben:

Date sent:  Fri, 8 Jun 2007 01:09:56 +0200
From:   Daniel Roethlisberger [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject:Re: [swinog] vtx ADSL /30 subnet practice
Send reply to:  [EMAIL PROTECTED]
mailto:swinog-
[EMAIL PROTECTED]
mailto:swinog-
[EMAIL PROTECTED]

 Pascal Gloor [EMAIL PROTECTED] 2007-06-07:
 [snip]
  This is the normal routed case. I think this is what Daniel was
  looking for.
 
 Not quite, but oh never mind.  The point I was trying to make is the
 fact that vtx engineers explained to a customer that he would not be
 able to assign *any* address of his /30 subnet to a server behind his
 ADSL router because all of the subnet would be consumed by the link from
 the LNS to the ADSL router (I guess this hasn't come across too well
 from my message).
 
 It seems nobody can imagine how this is supposed to be the case, so I
 guess that confirms that it's probably bogus information.  Thanks anyway
 for all responses!
 
 Cheers
 Dan
 
 -- 
 Daniel Roethlisberger [EMAIL PROTECTED]
 ___
 swinog mailing list
 swinog@lists.swinog.ch
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog



csdatabrasil Ltda.
Roger Schmid
Rua Arquiteto Luiz Nunes 186
Imbiribeira
CEP: 51170-430  
Recife/ PE
BR +55 81 3422 1714
US:  +1 360 515 33 80
CH:+41 32 5110858
UK: +44 8444845331 
VOIP: [EMAIL PROTECTED]


attachment: linha.jpg
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Re: blocking ports?

[Schmid]

isn't the most spam comming via compromized Computers ? 
adsl Dynamic or  dialup user you should never trust them if the say the dont 
spam.
they have to send mail the way smtp is thought for, that means send email to 
the smtp relay next to you. prevent him to send email via any other relay.
if this would be consequent done by all ISP most of the spam would dissapear, 
and we could concentrate to prevent abusing other system for doing their 
harmfull work. 

Funny thing is one ISP is switching off his SMTP relay telling the client to 
use other smtp relay in the wild and call that a first action according to the 
stop spam campaign. 
another one is blocking port25 und force the user to use the ISP?s SMTP Relay 
and even explain this is done due to the stop spam campaign 

how to believe anything ?


confused  but still voting to block mail from dialup and adsl ranges ;-)




-- Original Message --
From: Scott Weeks [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Date:  Thu, 12 Apr 2007 11:19:56 -0700



Hello,

: So if a customer proofs that he is able from a technical 
: Point of view to operate an mail server in a secure manner 
: and assures not to abuse email for spam then it's not 
: acceptable that an ISP block anything to him.

This is what I was saying to the guys here at my work.  We just need a small 
proof that the customer isn't a spammer and we open it up.  However, most of 
our customers are less-technical savy home folks.  Did you have to prove to 
your ISP that you weren't spamming?  If so, how did they have you do that?

Thanks,
scott


--- [EMAIL PROTECTED] wrote:

From: Peter Bickel [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Re: [swinog] Re: blocking ports?
Date: Thu, 12 Apr 2007 12:03:28 +0200

Scott Weeks schrieb:


 : You'd be amazed how many companies operate their own 
 : mail servers, even behind dynamic addresses

 I'm speaking with guys in my company on an issue and part of the discussion 
 has to do with me saying no one runs a mail server from behind a dynamic IP 
 addresses.  Other than just your experiences, does anyone have pointers to 
 data on folks that do this?

 scott

Hi Scott

we do exactly this for IDV  Network Consulting. We operate our own 
Mailserver
(Solaris with sendmail and iamp) in our internal Network which is 
connected to
Cablecom (DHCP ;-)) In addition we have some Maschines in a hosting 
environment
which have of corse fixed IP addresses which we use to relay to the outside.
All hosts use Solaris and sendmail and are protected with IPFilter with very
restrictive Rules. Incomming email is going through the external hosts and
an IPIP Tunnel directly to the internal mail server.

We really don't want to be dependend on an ISPs email SETUP. DNS is the
same which helped me in the past a lot where several customers weren't able
to use the net everything worked for us. So if a customer proofs that he
is able from a technical Point of view to operate an mail server in a
secure manner and assures not to abuse email for spam then it's not 
acceptable
that an ISP block anything to him.




 --- [EMAIL PROTECTED] wrote:

 From: Markus Wild [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: Re: [swinog] Re: blocking ports?
 Date: Wed, 11 Apr 2007 19:26:39 +0200

 Jonathan,

 Sorry but I disagree with Per.  ISPs have a duty to prevent email
 Spam which is a terrible curse for us all.  If they decide that
 blocking port 25 outbound will help then they should do it.

 If you are a user, why can't you use the ISPs relay server? If you
 are a provider you ought to have your own mail server on a fixed IP
 address.

 You'd be amazed how many companies operate their own mail servers, even
 behind dynamic addresses (in which case they usually use some mailbox
 polling mechanism to feed their server from mail from the outside), but
 send outgoing mail directly with SMTP.

 Of course, one day we need a better protocol than SMTP (*Simple* Mail 
 Transfer Protocol) which was never meant as a global email solution.  
 But until then we have to do something to stop people abusing it.

 But by killing the payload, not the messenger, please... 

 Cheers,
 Markus
 ___
 swinog mailing list
 [EMAIL PROTECTED]
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


 ___
 swinog mailing list
 [EMAIL PROTECTED]
 http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog


-- 


Gruss
Pitsch

__

Peter Bickele-mail:  [EMAIL PROTECTED]
IDV  Network ConsultingTelefon: +41  1 853 24 16
Gumpenwiesenstrasse 38  Fax: +41  1 853 27 04
CH-8157 Dielsdorf   Mobile:  +41 79 666 15 50

__

Re: [swinog] RE: swinog Digest, Vol 26, Issue 2

[Schmid]

empfangt ihr denn die email via handy ? dann währs klar *g*

just a joke ;-)

-- Original Message --
From: Krucker, Louis [EMAIL PROTECTED]
Reply-To: swinog@swinog.ch
Date:  Tue, 6 Mar 2007 12:55:46 +0100

hallo,

Ich bekomme keine Mails, läuft derueiz nichts oder werden die Mails vielleicht 
bei uns geblockt?



Louis Krucker
Engineer Network

sunrise
TDC Switzerland AG
Network
P.O. Box
8050 Zurich
Phone:  +41 58 777 67 37
Mobile: +41 76 777 67 37
Fax:+41 58 777 66 99
[EMAIL PROTECTED]
www.sunrise.ch

Privileged/confidential information may be contained in this message. If you 
are not the addressee indicated in this message (or responsible for delivery 
of the message to any such person), you may not copy or deliver this message 
to anyone. In such case, you should destroy this message and kindly notify the 
sender by reply e-mail. Please advise immediately if you or your employer does 
not consent to the receipt of Internet e-mail for messages of this kind. 
Opinions, conclusions and other information in this message that do not relate 
to the official business of the company shall be understood as neither given 
nor endorsed by it.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL 
PROTECTED]
Sent: Tuesday, March 06, 2007 12:00 PM
To: swinog@lists.swinog.ch
Subject: swinog Digest, Vol 26, Issue 2

Send swinog mailing list submissions to
   swinog@lists.swinog.ch

To subscribe or unsubscribe via the World Wide Web, visit
   http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
or, via email, send a message with subject or body 'help' to
   [EMAIL PROTECTED]

You can reach the person managing the list at
   [EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific than Re: 
Contents of swinog digest...


Today's Topics:

   1. SwiNOG #14 - save the date (Fredy Kuenzler)
   2. stuff to give away ([EMAIL PROTECTED])
   3. RE: stuff to give away ([EMAIL PROTECTED])
   4. sFlow (Daniel Lorch)


--

Message: 1
Date: Mon, 05 Mar 2007 16:38:58 +0100
From: Fredy Kuenzler [EMAIL PROTECTED]
Subject: [swinog] SwiNOG #14 - save the date
To: swinog@swinog.ch
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

SwiNOG #14 is approching ... please save the date: Wednesday May 23, 2007, 
again in Bern Altes Tramdepot. http://www.altestramdepot.ch/

Hopefully it's gonna be nice and we can enjoy the beer in the garden.

If you have a presentation to share, please let us know at swinog-core at 
swinog dot ch, thanks.

F.


--

Message: 2
Date: Mon, 5 Mar 2007 18:00:42 +0100
From: [EMAIL PROTECTED]
Subject: [swinog] stuff to give away
To: swinog@swinog.ch
Message-ID:
   [EMAIL PROTECTED]
Content-Type: text/plain;  charset=us-ascii

hi all

after our office relocation to altstetten we have a lot of technical stuff, we 
don't need anymore. we would like to give this stuff away to people who can 
use this. i dont know, if verythink is fully functional working or complete, 
but the most should be:

- a lot of schmid watson 3 modems (x.21 interface) incl. cables
- a lot of schmid watson 4 modems (x.21 interface) incl. cables
- 1x skynet laser link pair
- 5x 19 targa professional 1996A SL monitor (sorry, no TFT)
- 1x blackbox microNTU G.703 converter
- 3x ISDN Zyxel 2864i modem (some without power adapter)
- 2x ascend TNT access server
- some cisco V.35 cables
- 2x lucent portmaster 3 (1- and 2-pri version; with k56flex modules)
- IMC power chassis + ipMux TP/5 card (10mbit)
- some very old cisco routers (805, 877, 1600, ...)
- some small video cameras for CCTV
- skycache stuff (for sat. ip feed)
- some colt modems
- a lot of zyxel prestige 600series and 780series
- at lot of differnt cables (dont ask me what kind of ... ,- ))
- some keyboards (non-US)
- a console switch (with db-25 ports, but i've not found yet the cables)
- 2x cisco 500 cache engines

maybe there are some furnitures or so someone can use (desks, etc.).

we're asking nothing for this equipment, but i think it would be fair if you 
sponsor something for our team (can be money, beer, cakes, presents,
etc...)

please drop me an email, if you're interested in.
if so, i will be in the old office thursay (8. march) from 16:00 to 18:30 
o'clock.

address: Schaffhauserstrasse 560, CH-8052 Zurich (Zurich-Seebach)


greetings

-steven


--

Message: 3
Date: Mon, 5 Mar 2007 18:08:29 +0100
From: [EMAIL PROTECTED]
Subject: RE: [swinog] stuff to give away
To: swinog@swinog.ch
Message-ID:
   [EMAIL PROTECTED]
Content-Type: text/plain;  charset=us-ascii

wow, never got so many mails soo fast.

something additional to say: i'm not doing any reservation. it's first come, 
first serve.  you have to pick it up yourselves ,-)

-steven


-Original Message-
From

Re: [swinog] to SPF or not to SPF

[Schmid]

Well to use other SMTP relay than the one from the used ISP is not allways 
possible, and should be prevented anyway. 
nearly 100% of the spam is caused by direct senders, very seldom they use the 
ISP's Relay. 
so lets close that big spamfriendly hole.

My opinion of corse


-- Original Message --
From: Bernard Dugas [EMAIL PROTECTED]
Reply-To: swinog@swinog.ch
Date:  Fri, 16 Feb 2007 08:47:44 +0100

Hi,

Jean-Pierre Schwickerath wrote:
 If you consider SPF to be the solution against all kinds of SPAMs then
 you will indeed be disapointed. SPF is meant to prevent the abuse of
 your domain as mail envelope from address. 
 There are still worms out there that use harvested e-mail addresses as
 sender. And when the people receiving this kind of spam come back to
 you, you can at least tell them: hey, we published spf records to show
 you which IPs are allowed to send mail with this envelope address. if
 you don't check it and accept the obvious forgery, then it's your
 problem. 

And in complement to that, if we give to our customers some outgoing 
smtp servers with authentification they can use from any hotel/wifi in 
the world, there is no more reason that any email with your domain-names 
are sent from other smtp servers than ours, published with SPF in DNS.

And the customer is happy because he doesn't have to change smtp server 
each time he travels :-)

Best regards,
-- 

  __ Bernard DUGAS 
| |
|  Technoparc Pays de Gex  mailto:[EMAIL PROTECTED] |
|  30 Rue Auguste Piccard   Tel.: +33 615 333 770 |
| FR 01630 St Genis Pouilly Fax : +33 450 205 106 |
|_|

___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

 





Sent via the WebMail system at mgz.ch


 
   
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] to SPF or not to SPF

[Schmid]

-- Original Message --
From: Bernard Dugas [EMAIL PROTECTED]
Date:  Fri, 16 Feb 2007 10:22:25 +0100

Schmid wrote:
 Well to use other SMTP relay than the one from the used ISP is not allways 
 possible, and should be prevented anyway. 

Why ? there is no risk if encryotion/authentication is used.
Where do you enforce authentication is there a directsender ? 

i was not send direct email from an ogo device as well, somewhere port 25 
getting lost between my ogo and the relay. i'm just able to use bluewin's relay 
.. 
init7 prevent even port 25 out of dialup range 
a lot more do the same .. 


 nearly 100% of the spam is caused by direct senders, very seldom they use 
 the ISP's Relay. 
 so lets close that big spamfriendly hole.

This is why SPF + authentication on outgoing smtp should avoid this 
direct senders spam origin.
authentication is no security as most email client use chaching passwords to 
authenticate, at least outlook have a interface to use this mechanissm to send 
email from third party programm.


anyway ..  blackholing outbound port 25 will let all the complicated be 
obsolete .. and cost's nothing. 
and blacklisting of Dynamic ranges is very effective, but some ISP do not 
follow RFC in namingconvention of PTR's and will be detected as Dynamic. even 
they dont care after getting noted about the reason why some servers are not 
able to send email because of listesd as dynamic IP.

Sad as high prized Admins just ignoring the real world and dreaming about some 
expensive and timeconsuming construction about analyzing the content.. and 
doing some strange other things to prevent spamer's 





Best regards,
-- 

  __ Bernard DUGAS 
| |
|  Technoparc Pays de Gex  mailto:[EMAIL PROTECTED] |
|  30 Rue Auguste Piccard   Tel.: +33 615 333 770 |
| FR 01630 St Genis Pouilly Fax : +33 450 205 106 |
|_|


 





Sent via the WebMail system at mgz.ch


 
   
___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Re: [swinog] Cablecom Internet Port 25

[Roger Schmid]

jawohl.. den smtp von CC verwenden, alles andere soll eh nicht sein ;-)

schoene weihnachten

Roger


-- Original Message --
From: Xaver Aerni [EMAIL PROTECTED]
Reply-To: swinog@swinog.ch
Date:  Fri, 23 Dec 2005 14:00:54 +0100

Hallo,
Ich stell die Frage schnell auf Deutsch.
Hat die Cablecom den Ausgang auf für SMTP raus neu gesperrt. Wir haben
diverse Hispeed Kunden, die Mails nicht mehr per SMTP über unsere Server
senden können. Zur Zeit sind es 3 Reklamationen alles CC Kunden
(Cabelmodem). Andere Kunden ADSL haben keine Probleme.

Sollte dies der Fall sein, gibt es irgendwelche Work Orrounds???
Gruss Xaver

Xaver Aerni
Xariffusion Informatik  Telecom
Zürichstrasse 10a
8340 Hinwil
Tel. 043 843 78 78
Fax  043 843 78 70


___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog




__ __ __ __
Sent via the WebMail system at mgz.ch





___
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog