Just press 1 then who ever takes the call can put you on to the right person;) Regards Adam Fenech www.dreamnet.co.nz ----- Original Message ----- From: "Lesley Walker" To: Sent: Saturday, December 04, 2004 3:16 PM Subject: Re: [nznog] Viruses originating from Xtra network

Andrew Walters wrote:

...

Have you called them? 0800 289 987

"If you are an existing Xtra customer, press 1" No, I'm not. "If you want to talk to a salesdroid, press 2" No, I don't.

So I press 0. They know about that trick, and I get the same message again.

I press various numbers, eventually get a "press 3 for anything else", so I press 3 and get a message saying there's going to be a long delay due the popularity of something or other.

I don't have time for this nonsense! Anyone got a better number?

-- Lesley Walker, Wellington, New Zealand LRW(a)clear.net.nz http://home.clear.net.nz/pages/lrw http://walkinguphills.blogspot.com/

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

Anyone you speak to within Xtra Tech Support will tell you 'email logs to abuse(a)xtra.co.nz'. Noone you talk to over the telephone is going to give you real time support on a virus infection issue. The Possible Exception may be the Complex Tech Support team who are on 0800 BUSINESS (287 463). + tech support IVR option. They are however a tech team and not a security team, so don't be suprised if they give you the same canned response. Their security team do deal with all valid emails to abuse@ even if they don't acknowledge them directly. Also please bear in mind that nomatter what ISP is involved, all customers need time to be warned, and get fixed, before theyll have their accounts nuked. Its a tough call to take someone off the internet when their only hope is software that needs to be downloaded _from_ the internet... Disclaimer: I don't represent Xtra or Telecom or anyone else except yours truly. This is based on my experiences as an Xtra customer and someone who has reported virus to Xtra Abuse Team many times! PS: The 'Dial 0' trick is a cop out. With a company as big as Xtra, you can't realistically expect them to leave a Dial 0 option in there _and then_ expect to keep call durations down - you wont get the answer you want from a receptionist, will you?. If their support staff are busy, theyre busy. Sit on hold, try again later, or email them. (And hope that they realise their Queues are busy (and they will, theres enough software there tracking their Queue stats) and modify staffing levels as a result (also standard callcentre practise.) Mark. On Sat, 4 Dec 2004, Juha Saarinen wrote:

Lesley Walker wrote:

...

"If you are an existing Xtra customer, press 1" No, I'm not. "If you want to talk to a salesdroid, press 2" No, I don't.

So I press 0. They know about that trick, and I get the same message again.

;)

...

I press various numbers, eventually get a "press 3 for anything else", so I press 3 and get a message saying there's going to be a long delay due the popularity of something or other.

I don't have time for this nonsense! Anyone got a better number?

No, but try asking the person exhorting you to fire up Intarweb Exploder to check if your Bonzi Buddy is working to put you through to "Complex Support". Be prepared to wait for a while though.

-- Juha

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

blakjak(a)babylon:~$ telnet smtp.xtra.co.nz 25 Trying 203.96.92.131... Connected to smtp.xtra.co.nz. Escape character is '^]'. 220 mta1-rme.xtra.co.nz ESMTP server ready Sat, 4 Dec 2004 17:55:38 +1300 helo xtra.co.nz 250 mta1-rme.xtra.co.nz mail from: blakjak(a)mydomain 250 Sender Ok rcpt to: abuse(a)xtra 250 Recipient Ok data 354 Ok Send data ending with <CRLF>.<CRLF> Test. . 250 Message received: 20041204045549.WBZG56.mta1-rme.xtra.co.nz(a)xtra.co.nz Seems to work ok Here. (the above deliberately mangled so that web crawlers wont pick up the addresses. The message was delivered and hasnt bounced.) Mark. (PS: heaven forbid, if worst comes to worst, you could email their helpdesk with 'i tried to send this to your abuse team, but there was an error, could you forward this on' or something to that effect) :-) On Sat, 4 Dec 2004, Mike Cooper wrote:

Reporting-MTA: dns; desire.actrix.co.nz Arrival-Date: Tue, 2 Nov 2004 10:42:16 +1300 (NZDT) Final-Recipient: rfc822; abuse(a)xtra.co.nz Action: failed Status: 5.0.0 Diagnostic-Code: X-Postfix; host mta.xtra.co.nz[203.96.92.132] said: 550 Invalid recipient: (in reply to RCPT TO command)

That's of course when the address is actually functioning.

Mark Foster wrote:

...

Their security team do deal with all valid emails to abuse@ even if they don't acknowledge them directly. Also please bear in mind that nomatter what ISP is involved, all customers need time to be warned, and get fixed, before theyll have their accounts nuked. Its a tough call to take someone off the internet when their only hope is software that needs to be downloaded _from_ the internet...

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

On Sun, 2004-12-05 at 09:05 +1300, Glen Eustace wrote:

As one would expect, Xtra get a fair few notifications and I must admit that I was more than a little surprised to find that their 'abuse team' are the most responsive of all the ISPs in NZ !! They acknowledge the notifications by automated return mail and as each incident is closed we get a closure report. I spoke with them by phone when we were getting the system setup and they were very supportive and helpful.

I echo Glen's comments. As security officer for another large university I have had to deal with most of the NZ ISPs at one time or another and have always found Xtra's abuse folk responsive. I normally get an automated response on receipt and on the odd occasion that I have had to follow up I have had response on closure. As someone (Mark ?) pointed out don't expect anything to happen for a day or two. ISPs have to give customers a reasonable amount of time to get their act together before taking drastic action like suspending the account. Cheers, Russell --

Joe Abley wrote:

If any Telecom netops people come to the NZNOG meeting in February, I hereby promise to buy them beer.

It appears 2day.com is sponsoring dinner drinks, so we will pay for everybody elses beer :-) regards -- Peter Mott Chief Engineer 2DAY INTERNET LIMITED http://www.2day.com "It's kind of fun to do the impossible!" Walt Disney