unix mailbox format

In his latest post, dds is working with the traditional unix mailbox format in order to extract some analytics on his email usage. With all its deficiencies, for 30+ years mbox remains the most portable email format in use. While other formats like mbx, maildir, etc have been invented, and although its use has changed over the years, it refuses obsolescence and for some 5 years now, it is also described in an RFC.

Simplicity at its best.

€1.60

Μου μεταφέρθηκε από αναγνώστη του blog: Έχει δύο μπουκαλάκια με νερό στο χέρι και πάει να πληρώσει:

– Ουάν-σίξτυ
– Πως είπατε;
– Έλληνας είσαι φιλαράκι; Ένα και είκοσι.

Default και πάλι default!

Q: ITU botnet mitigation toolkit?

This was sitting in my drafts folder for quite some time. It seems that ITU has (had?) and effort to create a botnet mitigation toolkit. As the web page says:

The first draft of the background material for the project was made available in December 2007 with pilot tests planned in a number of ITU Member States in 2008 and 2009.

It is 2010 now, so does anyone have any more information on the toolkit’s progress?

The Dataverse Network Project

Μια και αρκετοί πια μιλάνε (και γράφουν) για ανοιχτά δεδομένα και κυβερνήσεις, διεθνείς οργανισμοί κ.ο.κ. ανοίγουν την πρόσβαση προς τα δεδομένα που παράγουν, μια ματιά στο Dataverse project είναι χρήσιμη.

[via]

“v=spf1 mx -all”

It seems that a lot of web hosting providers are now using SPF in an effort to minimize spam that may seem to originate from their clients. Unfortunately many of them seem to use a default setup of “v=spf1 mx -all”. This configuration is interpreted as follows:

  • v=spf1 This identifies the TXT record as an SPF string.
  • mx The MX servers for the domain are allowed to send email that originates from the domain.
  • -all No other servers are allowed to send mail originating from the domain.

To the uninformed user this setup creates delivery problems, unless he is provided with a port 587/tcp submitting email option by his webhosting / email provider. For when the user tries to send email using his ISP’s outgoing SMTP server, anyone honoring SPF records drops the email. And yes the hosting provider never hears about that because the user calls the first level support of the ISP who clearly cannot help him.

-all is a good idea only when you provide your customer with a port 587/tcp sending email option.

Note: This post was triggered by my frustration because of a similar case and the timely request of a reader of this blog to write something about SPF. To be honest, I do not consider SPF as an antispam solution since a spammer can have (and in fact many do) perfectly legal SPF records for domains that they own.

REX – the RIPE NCC Resource Explainer

Another gem from Thursday’s and Friday’s training course: REX – the RIPE NCC Resource Explainer. Historical data on IP space allocated to you by RIPE NCC, reverse DNS stuff, inclusion to blacklists and other interesting data is there. Highly useful when you need to document certain decisions or recommendations to higher management since they come from an unbiased trusted third party. The kind of stuff you expect RIPE NCC to give back to its members.

IPv6: an exercise

Today’s RIPE training course included a very interesting exercise:

We will run out of available IPv4 addresses before we run out of the need for IPv4. But we may be able to make more efficient use of the IPv4 addresses we already hold.

Within your group, think of areas in your network where you could reclaim IPv4 addresses. This can be done by changing some parts of your network to use private IPv4 address space, or you could change the way you have subnetteed, or some other way entirely…

Also think of which networks can already be completely migrated to IPv6 (not dual stacked!) without any problems.

You and your group have 10 minutes to come up with all reclaimable IPv4 addresses in your networks.

For each area, we’d like to know:

  • advantages
  • disadvantages
  • feasibility
  • amount of address space/time it will provide

Within these 10 minutes I was able to locate about 3 (maybe 4) /24 networks that could be reclaimed and I am sure that discussions with our routermasters will reveal some more. The time to act for IPv6 is now.