swinog

swinog@lists.swinog.ch

3 participants
2927 discussions

BGP4nerds
by Fredy Künzler 25 Dec '23

25 Dec '23

While I do know that this mailing list is not intended for product announcements, I allow myself to make an exception. In the past years we have been asked so many times "can you do a BGP4 feed via Fiber7, I have my own ASN and IP space" and my answer was always "technically we can but we need to setup a product in our ERP system first and define the implementation process. This will take a while...". To be honest it wasn't our highest priority, though. Of course we forgot meanwhile to whom we were talking and so we are unable to contact people individually. Most people are certainly from this community. Now your prayers have been answered :-) I'm happy to announce that we have now "BGP4nerds" available. Requirement is a new or existing Fiber7 connection - no BBCS (Copper7) or BBCS-F (Hybrid7) based service. We charge CHF 30 per month extra for the BGP service along with a one time fee. This offering is of course strictly limited to non-commercial use and only available to private customers. If you are interested please send a note to sales at init7 dot net with the subject "BGP4nerds" and we'll send you a spec sheet with all the details. Happy Christmas to everyone! -- Fredy Künzler Init7 (Switzerland) Ltd. Technoparkstrasse 5 CH-8406 Winterthur https://www.init7.net/ https://ftth.init7.net/

2 1

Debugging bluewin.ch emails not going through
by Maxim Samo 08 Dec '23

08 Dec '23

Hi, I'm getting "421 EHLO temporary error - PTR lookup failed" when trying to send any email to @bluewin.ch recipients. My mailserver is mail.swill.org with proper PTR records configured though: $ dig +short -t ptr 203.200-30.135.144.213.in-addr.arpa @8.8.8.8 mail.swill.org. $ telnet 195.186.120.50 25 Trying 195.186.120.50... Connected to 195.186.120.50. Escape character is '^]'. 220 mxbw.bluewin.ch vimdzmsp-mxin03.bluewin.ch Swisscom AG ESMTP server ready ehlo mail.swill.org 421 EHLO temporary error - PTR lookup failed Is there someone from bluewin.ch here that can help me work through this? best, Maxim

2 2

Contacts and Experts for Security Incidents
by Michael Righter 23 Nov '23

23 Nov '23

Hi We are creating an emergency handbook if we would have a critical security incident. Is there someone who can suggest a company which can help to find how the guys hacked the infrastructure and how to fix it? I hope we never have to use it, but be prepared is better Thanks Michael

4 3

Mails from Proton to Outlook land in spam
by Mat Kowalski 06 Nov '23

06 Nov '23

Hi all, I wonder if someone could point me in a correct direction for debugging mails between Proton and Outlook landing in spam... What happens is * my domain XXX plugged to mail.protonmail.ch. * my 2nd domain YYY plugged to mail.protection.outlook.com. * every mail sent from Proton to Outlook lands in spam * headers as seen by Outlook indicate SCL score 5 The content I use for the test is not anything synthetic but a real message. In the headers I can also see that the "basic configuration" is correct, i.e. * SPF passed * DKIM passed * DMARC passed so this gives no useful information sadly. Maybe someone here has experience with debugging Microsoft? The issue is that this makes my private mailbox unusable as whoever out there uses Outlook as their mail service is not getting my emails. Quite sick... Thanks a lot for any help, Mateusz

4 4

ip-plus.net SPF Policy invalid
by Mario Rimann 02 Nov '23

02 Nov '23

Hoi zäme One of our customers includes the SPF-Policy of ip-plus.net in his domain. Through this (and our monitoring of it), we noticed a problem that popped up this morning. If someone at ip-plus.net / Swisscom could have a look into it, that would be great. ➜ ~ dig +short TXT ip-plus.net | grep spf "v=spf1 ip4:193.222.75.178 ip4:212.243.7.144/29 ip4:194.209.127.144/29 ip4:212.243.190.136/29 ip4:164.128.36.0/24 ip4:164.128.36.32 ip4:195.65.89.0/24 ip4:164.128.223.0/24 ip4:217.192.233.192/29 " "a:mailout.ip-plus.net ip4:138.190.0.0/16 ip4:193.222.81.96/27 ip4:212.243.177.176/29 ip4:138.188.166.0/24 ip4:138.188.176.0/24 ip4:212.243.37.66" "ip4:212.243.96.74 ip4:164.128.243.19 mx -all" The problematic part is the missing space before the second-last "ip4:" block (after 212.243.37.66). Error message the SPF validator throws is: SPF Permanent Error: Invalid IP4 address: ip4:212.243.37.66ip4:212.243.96.74 Best wishes, Mario

1 0

Operational announcement: transition from NSEC3 to NSEC in the CH/LI zone
by Daniel Stirnimann 30 Oct '23

30 Oct '23

Hi list, We plan a DNSSEC signing change for the ch. and li. zone files. Introduction: Both NSEC and NSEC3 are mechanisms that provide signed DNS records as proof of non-existence for a given name or associated Resource Record Type in a DNSSEC signed zone. While they serve the same primary purpose, NSEC3 offers added features, such as not directly disclosing bounding domain name pairs and providing "opt-out support." This latter feature allows large registries to cover blocks of unsigned delegations with a single NSEC3 record, thereby only signing as many NSEC3 records as there are signed DS or other RRsets in the zone. Recent trends and developments: Since 2021, there's been a notable increase in the percentage of domain names with DNSSEC for .ch, jumping from 6% to 49% [1]. Additionally, the TLD zone files for both .ch and .li have been made publicly accessible for download in recent years [2]. These developments have rendered the argument for using NSEC3 with opt-out less compelling. Our action plan: SWITCH is set to transition from NSEC3 (utilizing opt-out) to NSEC for both the .ch and .li TLD zones. Given the high percentage of domain names already employing DNSSEC, this shift will result in only a modest increase in the size of the zone files. Importantly, transitioning to NSEC offers several benefits [3]: * Enhanced performance and reduced latency * Decreased resource utilization on both authoritative and recursive servers * Potential bolstering of resilience against specific types of DoS attacks Scheduled transition dates: .li: 10th November 2023, 8 am CET .ch: 10th November 2023, 10 am CET Impact assessment: We expect no operational impacts for end users. However, we value feedback and observations. If you have concerns or notice any anomalies related to this transition, please don't hesitate to contact us. [1] https://www.nic.ch/statistics/dnssec/ [2] https://zonedata.switch.ch/ [3] https://datatracker.ietf.org/doc/html/rfc8198 -- Daniel Stirnimann, SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 15, direct +41 44 268 16 24 https://switch.ch https://swit.ch/linkedin https://swit.ch/twitter

1 0

Rack Cooling getting trashed?
by Steven Glogger 21 Oct '23

21 Oct '23

Hi There I’m looking for a ventilator / aka rack cooler. If someone is about to trash it, please let me know :) I’m willing to compensate in Beer, etc. :) [cid:f10ef73e-36c2-417c-bc2f-9aae0fcfc9d3@eurprd03.prod.outlook.com] greetings -steven

1 0

attn: ip-plus postmaster regarding issue on: mail.swisscom.com
by Benoit Panizzon 19 Oct '23

19 Oct '23

Hi List Trying that way. Could the ip-plus postmaster contact me off-list please: Regarding emails to Swisscom employees reproducible disappearing after being successfully received on: mail.swisscom.com. [138.188.176.225] Mit freundlichen Grüssen -Benoît Panizzon- -- I m p r o W a r e A G - Leiter Commerce Kunden ______________________________________________________ Zurlindenstrasse 29 Tel +41 61 826 93 00 CH-4133 Pratteln Fax +41 61 826 93 01 Schweiz Web http://www.imp.ch ______________________________________________________

1 0

DENOG15 in Berlin (Workshop registration open)
by Stefan Funke 18 Oct '23

18 Oct '23

Hallo SWINOG! ========= Deutsch Das jährliche DENOG Event (DENOG15) wird dieses Jahr im Estrel Congress Center (Sonnenallee 225, 12057 Berlin) stattfinden.Wie jedes Jahr möchten wir selbstverständlich auch alle Freunde, Bekannten und Kollegen aus der SWINOG Region dazu einladen! Wer an den Workshops teilnehmen möchte, sollte jetzt die Möglichkeit benutzen und den Ticketkauf mit entsprechenden Reservierungen verbinden. Die Workshops sind immer recht schnell ausgebucht und der reguläre Ticketverkauf endet in weniger als 2 Wochen, am 28. Oktober 2023. https://www.denog.de/de/meetings/denog15/workshop_registration.html https://www.denog.de/de/meetings/denog15/tickets.html Wir freuen uns euch in Berlin! ========= English DENOG15 (19.-21.11.2023) in Berlin will be held in the Estrel Congress Center (Sonnenallee 225, 12057 Berlin). We are excited about DENOG15 in November and look forward to seeing you all again. The agenda is fixed now, and we already opened workshop registrations. Since there is limited space for all workshops, please register now to have a spot! https://www.denog.de/de/meetings/denog15/workshop_registration.html Ticket sales end on October 28th. If you haven't ordered your ticket until now, please do so at: https://www.denog.de/de/meetings/denog15/tickets.html Für die DENOG Event Orga, Stefan

1 0

Free places in DNSSEC/DANE training 19./20. October in Zurich and 30./31. October in Lausanne
by Michael Hausding 10 Oct '23

10 Oct '23

Dear Swinog We are pleased to invite you to join the DNSSEC/DANE training organised by SWITCH. We offer two options: Training in Zürich 19 Oct 2023 - 20 Oct 2023 Training in Lausanne 30 Oct 2023 - 31 Oct 2023 The DNSSEC/DANE training is targeted at registrars, hosters and email providers, but might be also valuable for those who want to improve their DNS and email security. The participation is free for Swinog members. More information and registration can be found at: https://www.switch.ch/security/DNSSEC_2023/ In case of question, do not hesitate to contact petra.raszkova(a)switch.ch. Best regards Michael ------------------------------------ Michael Hausding, Competence Lead DNS & Domain Abuse SWITCH-CERT Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland phone +41 44 268 15 77, incident phone +41 44 268 15 40 michael.hausding(a)switch.ch http://securityblog.switch.ch

1 0

← Newer
1
2
3
4
5
6
7
...
293
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog