Re: Route Policy Database/Filters
This is were a neutral third party like a University may be of assistance as it should have no particular commercial barrow to push in terms of Internet services.
- Given that we use the Merit RADB, who would handle disputes in entries in that database, if we used our own who would set policy there and resolve disputes ?
Thanks and best regards Warwick **************************************************** Warwick Glendenning NZCE REA, Dip.Mgt.St. Team Leader, Networks and Operations Centre Information and Technology Services Division University of Waikato, Hamilton NZ Tel:07-8384363 Fax: 07-8384066 Mobile: 025-356121 Email:warwickg(a)waikato.ac.nz --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Wed, 3 Jun 1998, Warwick Glendenning wrote:
This is were a neutral third party like a University may be of assistance as it should have no particular commercial barrow to push in terms of Internet services.
- Given that we use the Merit RADB, who would handle disputes in entries in that database, if we used our own who would set policy there and resolve disputes ?
I believe (although I need to check) that the RPSL spec allows for
supernets to be maintained by a specific maintainer object, and that
sub-delegations can inherit the protection that the supernet object enjoys
in terms of unauthorised updates (by password, PGP signed request, etc).
I think. I haven't checked though.
If this is the case, then the policy and protection against unauthorised
updates would be more or less automatic using the existing merit rr.
Joe
--
Joe Abley
Warwick Glendenning wrote:
This is were a neutral third party like a University may be of assistance as it should have no particular commercial barrow to push in terms of Internet services.
- Given that we use the Merit RADB, who would handle disputes in entries in that database, if we used our own who would set policy there and resolve disputes ?
Can I suggest that we might want to include ISOCNZ as a possible arbiter in these issues? It fits with their role in governance of thr 'nz' name space. andy -- Mailto:Andy.Linton(a)netlink.co.nz Tel: +64 4 916 5312 Post: Netlink, PO Box 5358, Lambton Quay, Wellington, New Zealand PGP public key: http://www.pgp.com/keyserver/pks-lookup.cgi -- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Warwick Glendenning wrote:
This is were a neutral third party like a University may be of assistance as it should have no particular commercial barrow to push in terms of Internet services.
- Given that we use the Merit RADB, who would handle disputes in entries in that database, if we used our own who would set policy there and resolve disputes ?
Can I suggest that we might want to include ISOCNZ as a possible arbiter in these issues? It fits with their role in governance of thr 'nz' name space.
andy
Would ISOCNZ be interested in playing police man in this case? Their other policies seem to be `first come first served - and let the courts sort it out'. But if they want to take it on then no worries Dean -- ---------------------------------------------------------------------- Dean Pemberton BSC(Compsci) | email: dean.pemberton(a)natlib.govt.nz| Datacommunications Analyst |cphone: +64-21-633-434 | National Library of NZ |All opinions contained within this | PGP key avail from keyserver |email are purely my own. | ---------------------------------------------------------------------- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Thu, Jun 04, 1998 at 12:22:20AM +0000, Andy Linton wrote:
Can I suggest that we might want to include ISOCNZ as a possible arbiter in these issues? It fits with their role in governance of thr 'nz' name space.
And in doing so alienate have on the 'net community? Where possible, I would keep this very separate from ISOCNZ. -Chris --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
And in doing so alienate have on the 'net community?
Oh damn, that should read "half on the 'net community" of course. -Chris --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Thu, 4 Jun 1998, Chris Wedgwood wrote:
And in doing so alienate have on the 'net community?
Oh damn, that should read "half on the 'net community" of course.
Oh, that makes more sense. You certainly raised an exception on my parser.
Joe
--
Joe Abley
Joe Abley wrote:
On Thu, 4 Jun 1998, Chris Wedgwood wrote:
And in doing so alienate have on the 'net community?
Oh damn, that should read "half on the 'net community" of course.
Oh, that makes more sense. You certainly raised an exception on my parser.
I'd have gone for 'half of the net community' if I were saying it. (:-) I'm curious as to why the body that administers the 'nz' namespace should be perceived as a controversial choice. I'm not suggesting that they run anything, merely act as arbitrators in the event of dispute. At least each of the members of this list and/or their employers have the option of joining ISOCNZ and voting in a council to formulate policy. I'd throw down the gauntlet to the members of this list to join and change ISCONZ if they don't like how it's run. If ISOCNZ isn't a suitable candidate then can we hear some other suggestions. I'd say the University of Waikato aren't an impartial observer in this and the ISPs have no say in who would make up the members of an arbitration panel from that source. Of course, we could form YANONZ (Yet Another Networking Organisation in NZ) and waste even more time trying to raise funds and have meetings. -- Mailto:Andy.Linton(a)netlink.co.nz Tel: +64 4 916 5312 Post: Netlink, PO Box 5358, Lambton Quay, Wellington, New Zealand PGP public key: http://www.pgp.com/keyserver/pks-lookup.cgi -- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Thu, Jun 04, 1998 at 05:57:58AM +0000, Andy Linton wrote:
Joe Abley wrote:
I'd have gone for 'half of the net community' if I were saying it. (:-)
Irk... I'm having a bad keyboard day.
I'm curious as to why the body that administers the 'nz' namespace should be perceived as a controversial choice.
[This is my pet subject at times, if you only want to flame, go right ahead, but to me, not the list. OTOH if I'm telling big lies, then its only reasonable for those replies to go to the list] DomaiNZ != ISOCNZ Domainz => A fairly good registry authority, although it seems (but isn't necessarily) a tad over run by marketroids, but they must make gobs of money so they need marketroids to spend it all. Contrast www.domainz.net.nz and Internic. Which one is best suited to marketroids, which on to techoids? ISOCNZ => A self appointed group of bureaucrats who so far haven't done anything remarkable in their two years (?) of existence, aside form domainz, which seems to more Waikato uni. anyhow. Of course, I could be wrong - I often am.
I'm not suggesting that they run anything, merely act as arbitrators in the event of dispute.
And have the powers to do what?
At least each of the members of this list and/or their employers have the option of joining ISOCNZ and voting in a council to formulate policy.
I'd throw down the gauntlet to the members of this list to join and change ISCONZ if they don't like how it's run.
I'm only in partial agreement. I'm not an ISOCNZ member, and I don't like how they are run. I didn't ask for ISOCNZ or agree to them in the first place. They just appeared and said we are here and this is what we will do. Noone else had a say. Anyhow, I'm not going to argue about that - its probably easier for me to join ISOCNZ and make trouble^W^Waddress issues that way....
If ISOCNZ isn't a suitable candidate then can we hear some other suggestions.
YANONZ. (Anyone for www.yanonz.org.nz). Seriously, this is a good point, if we aren't to form a new organisation, then perhaps choosing the lesser of many evils is a better way to approach things.
I'd say the University of Waikato aren't an impartial observer in this and the ISPs have no say in who would make up the members of an arbitration panel from that source.
Very true, but maybe its time that NZ ISP looked at actually trying to get along better with each other. I know its never worked before, but maybe it is worth trying again. Something a bit like ISPANZ was supposed to be, only not just fo ISPs, but for the industry as a whole.
Of course, we could form YANONZ (Yet Another Networking Organisation in NZ) and waste even more time trying to raise funds and have meetings.
Meetings... meetings are really hard because most ISPs are either in Auckland or Wellington, perhaps some other non-physical medium should be looked at at some point. (Oh, please, not IRC though). I don't see why a network organisation can't have meetings over the 'net. -Chris --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Here's an extract from a recent messaage we got about one of our customers from someone at an NZ ISP.
The above server was detected trying to deliver mail from known bogus addresses to our servers and subsequently tested positive to a basic spam relaying check.
As an open spam relay, it has been added to the rbl.shub-inter.net DNS blackhole, used by a few dozen ISPs worldwide and around 10 ISPs within NZ. This will already be affecting your connectivity.
The Shub-inter.net blackhole was created as an adjunct to the rbl.maps.vix.com blachole, which is used by approximately 10,000 servers worldwide. Its purpose is to provide filtering against sites which are open relays, but which have not made it into the vix.com list.
Addition to the vix.com list is only a matter of time if the server is left as-is.
Removal from the shub-inter.net list is only achieved by fixing the open server.
I have a number of questions for the group: 1) Is anyone here part of this arrangement? 2) Are people here happy that a group of individuals, ISPs etc are operating in this way? I'd prefer to see 'offenders' being approached and given the opportunity to mend their ways before unilateral action is taken. 3) Has anyone any opinion on whether a group acting in this way forms a cartel which restrains trade? I feel it might well do. Repsonses on a postcard to ... -- Mailto:Andy.Linton(a)netlink.co.nz Tel: +64 4 916 5312 Post: Netlink, PO Box 5358, Lambton Quay, Wellington, New Zealand PGP public key: http://www.pgp.com/keyserver/pks-lookup.cgi -- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Sun, 5 Jul 1998, Andy Linton wrote:
I have a number of questions for the group:
1) Is anyone here part of this arrangement?
We are not.
2) Are people here happy that a group of individuals, ISPs etc are operating in this way? I'd prefer to see 'offenders' being approached and given the opportunity to mend their ways before unilateral action is taken.
This is more like Paul Vixie's crew's approach; you only get onto the MAPS RBL if you've repeatedly refused to respond to e-mail from them, or you refuse point-blank to modify your SMTP relays to, well, stop them relaying. I would be interesting in finding out who else is using this alternative RBL zone though.
3) Has anyone any opinion on whether a group acting in this way forms a cartel which restrains trade? I feel it might well do.
% nznog | state_opinions -v -exec sendmail -fjabley(a)clear.co.nz \;
state_opinions: question 3 has insufficient technical aspects to allow
opinion to be formed - substituting geek joke
%
Joe
--
Joe Abley
On Sun, Jul 05, 1998 at 10:44:15PM +0000, Andy Linton wrote:
Here's an extract from a recent messaage we got about one of our customers from someone at an NZ ISP.
The above server was detected trying to deliver mail from known bogus addresses to our servers and subsequently tested positive to a basic spam relaying check.
As an open spam relay, it has been added to the rbl.shub-inter.net DNS blackhole, used by a few dozen ISPs worldwide and around 10 ISPs within NZ. This will already be affecting your connectivity.
The Shub-inter.net blackhole was created as an adjunct to the rbl.maps.vix.com blachole, which is used by approximately 10,000 servers worldwide. Its purpose is to provide filtering against sites which are open relays, but which have not made it into the vix.com list.
Addition to the vix.com list is only a matter of time if the server is left as-is.
Removal from the shub-inter.net list is only achieved by fixing the open server.
I have a number of questions for the group:
1) Is anyone here part of this arrangement?
Yes. Several NZ sites use this, probably affecting over a thousand or so NZ domains (the later is guess extrapolated from what I know and what I assume so could be completely bullshit, it may in fact be half of this value or considerable greater).
2) Are people here happy that a group of individuals, ISPs etc are operating in this way? I'd prefer to see 'offenders' being approached and given the opportunity to mend their ways before unilateral action is taken.
I used to like the gentle approach (ie. Paul Vixies rbl.vix.com) - except the spam is a very time consuming expensive issue to deal with. If your not clue less, you won't get bitten. If you are clue less, and have been bitten by this, and can't resolve the problems, then do the world a favour and take your self out of the gene pool. [Yes, a bit harsh, but I'm sick of dealing with spam these days]
3) Has anyone any opinion on whether a group acting in this way forms a cartel which restrains trade? I feel it might well do.
Use of rbl.shub-inter.net is voluntary, as as many other spam blocking systems. To date, I've had no complaints and a significant amount of praise since using rbl.shub-inter.net, so I'm currently of the opinion that is more of a win than a loss. However, if this - or any other system, looks like it going to restrict freedom more than spam presently does, then I for one will discontinue using it. -Chris --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
Chris,
If your not clue less, you won't get bitten.
This particular case has arisen because an NZ ISP came to the incorrect conclusion that domain XXXX.co.nz was relaying, and then advocated their inclusion in the block list. The domain wasn't well-configured mail wise, but wasn't relaying. The ISP concerned thought that XXXX.co.nz was using a totally different MTA than they actually were, and was generally confused about how XXXX.co.nz worked. XXXX.co.nz wasn't relaying. XXXX.co.nz got bitten. I support the eradication of spam, and I also support giving relaying sites a good swift kick up the rear - but this case is a result of an over-zealous ISP not being as careful as they should be when acting as judge and jury ... Daniel. ------------------------------------------------------------------------------ Daniel Ayers, B.Sc (Hons), M.Sc Email: daniel.ayers(a)netlink.co.nz Network Security Specialist DDI Phone: +64-4-916-5622 Netlink Fax: +64-4-916-5300 23 Waring Taylor St, PO Box 5358 Mobile: +64-21-387-334 Wellington, New Zealand URL: http://www.netlink.co.nz --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
XXXX.co.nz wasn't relaying. XXXX.co.nz got bitten.
Mistakes do happen - perhaps this one was miss-diagnosed? I did discuss this issue with someone not long (a week maybe) ago and was left with the impression that candidates for rbl.shub-inter.net are thoroughly checked. If there was a mistake, then please contact the relevant people and have them remove you from the list. Also, please let them know there was an error on their part and hopefully additional checks will be made in future to prevent (or minimise) any further problems. No body is trying to be unreasonable or do anything to restrict legitimate activities of any other 'net users.
I support the eradication of spam, and I also support giving relaying sites a good swift kick up the rear - but this case is a result of an over-zealous ISP not being as careful as they should be when acting as judge and jury ...
If that is indeed the case, then somebody owes someone an apology - mistakes can and do happen. If possible, could you (in private email) send me the name of the domain in question please? -Chris --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 6 Jul 1998, Chris Wedgwood wrote:
No body is trying to be unreasonable or do anything to restrict legitimate activities of any other 'net users.
That makes me feel a whole lot better. ;-) I'll let our customers know this next time they suspect foul play. --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, Jul 06, 1998 at 12:34:25PM +1200, Jamie Clark wrote:
That makes me feel a whole lot better. ;-)
In a perfect world - people perhaps wouldn't make mistakes, but, then its not a perfect world. Its also not clear, whether or not a mistake has been made, or there is a good reason for a specific site to have been blacklisted. I'm not trying to defend a system which is controlled by 'over zealous administrators with a chip on their shoulder' - because I don't believe that is what we are dealing with. rbl.shub-inter.net is harsh, very harsh, especially when compared to rbl.maps.vix.com - whether or not it does more harm than good is perhaps the issue, and my personally experience so far (after only a week or two of using it I admit) is that is does indeed do a lot of good, and negligible harm.
I'll let our customers know this next time they suspect foul play.
Your customers suspect foul play a lot huh? -Chris --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Sun, 5 Jul 1998, Andy Linton wrote:
1) Is anyone here part of this arrangement?
Not us.
2) Are people here happy that a group of individuals, ISPs etc are operating in this way? I'd prefer to see 'offenders' being approached and given the opportunity to mend their ways before unilateral action is taken.
I tend to agree. The intent of RBL (to help eradicate spam) is OK, but its implementation leaves much room for abuse. IMO the clueless are not as much a problem as the zealots with half a clue and perhaps a chip on their shoulder.
3) Has anyone any opinion on whether a group acting in this way forms a cartel which restrains trade? I feel it might well do.
Pass. -Jamie --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
1) Is anyone here part of this arrangement?
Not I.
2) Are people here happy that a group of individuals, ISPs etc are operating in this way? I'd prefer to see 'offenders' being approached and given the opportunity to mend their ways before unilateral action is taken.
I agree with a number of the other people who have replied to this message. While Paul Vixie's approach to adding people to the RBL is the safest, it does however not address the narrow timewindow that you have to stop SPAM from being a problem. I think that for an anti-SPAM system to be effective you need to add sites the the list as soon as possible. A system that added people to the list if there were `resonable grounds' while allowing ISPs to remove themselves from the list if they can show that their addition was in error seems to be the best solution. Afterall this is what happens with our current justice system. If there are resonable grounds to suspect that I have commited a crime then I can be arrested on the spot. It is then up to me to convince the authorities that I am innocent. This allows us to get the truly guilty people off the streets in the minimum ammount of time, by sacrificing a small amount of convienience for those people who are falsly accused. Is this how we want to run the Internet SPAM Problem???? Who knows? I dont make the rules! =)
3) Has anyone any opinion on whether a group acting in this way forms a cartel which restrains trade? I feel it might well do.
# grep -i lawyer deancv # Nope Dean -- ---------------------------------------------------------------------- Dean Pemberton BSC(Compsci) | email: dean.pemberton(a)natlib.govt.nz| Datacommunications Analyst |cphone: +64-21-633-434 | National Library of NZ |All opinions contained within this | PGP key avail from keyserver |email are purely my own. | ---------------------------------------------------------------------- --------- To unsubscribe from nznog, send email to majordomo(a)list.waikato.ac.nz where the body of your message reads: unsubscribe nznog
On Mon, 6 Jul 1998, Dean Pemberton wrote:
I agree with a number of the other people who have replied to this message. While Paul Vixie's approach to adding people to the RBL is the safest, it does however not address the narrow timewindow that you have to stop SPAM from being a problem.
Surely the point is that as time goes by you get closer and closer to the utopia where you accept no mail (ever) from a promiscuous relay machine? The RBL is only intended to cut down untraceable mail posted through promiscuous relays, I thought. There will always be a danger from people posting spam from a real address. I don't really see where the narrow time window comes into it; spam will flood out from a relay until it is blocked. Then no more spam will flow. Although I think that flowing spam is pushing the metaphor to extremes.
Afterall this is what happens with our current justice system. If there are resonable grounds to suspect that I have commited a crime then I can be arrested on the spot. It is then up to me to convince the authorities that I am innocent. This allows us to get the truly guilty people off the streets in the minimum ammount of time, by sacrificing a small amount of convienience for those people who are falsly accused.
Well, that might be how it works in Wellington :) I thought it was up to the prosecutor to prove guilt...
Is this how we want to run the Internet SPAM Problem????
Who knows? I dont make the rules! =)
That's more or less the key issue, isn't it? Nobody does.
3) Has anyone any opinion on whether a group acting in this way forms a cartel which restrains trade? I feel it might well do.
# grep -i lawyer deancv #
# which grep
/tmp/.ho-ho-ho/joes-trojan
#
That'll teach you to run untrustworthy, obscure software as root :)
Joe
--
Joe Abley
participants (7)
-
Andy Linton -
Chris Wedgwood -
Daniel Ayers -
Dean Pemberton -
Jamie Clark -
Joe Abley -
Warwick Glendenning