A friend just told me that Cybernet told him there is a Switzerlandwide Internet Problem.
Does anybody know something?
Online Consulting AG, Michele Capobianco, System Administrator, Weststrasse 38, CH-9500 Wil
Phone +41 (0)71 913 31 31, Fax +41 (0)71 913 31 32
hopefully I do not break here a subscription-Law, so simply:
We have some Cisco parts / devices on Stock, which where nearly never
2x Firewall Cisco ASA5520-AIP20-K9
(ASA 5520 Appl w/ AIP-SSM-20, SW,300 VPN, Prs,4GE+1FE,3DES/AES)
1x Switch Cisco WS-C4507R + some modules
(2x 24 port 10/100/1000 GBE / 2x V Console / 2x power supply etc
They where bought for a project, which was frozen, and there was no
fit in other needs / projects.
If you see need, please contact me directly in english or german.
Detailed product list & photos available on request.
Condition of devices: nearly new
ASA's where tested only some hours
4507er was in use for about 2-3 months
Bougt end 2006. Used in Summer 2007
Will be sold on highest bid.
Test before possible, sold without warranty.
Device location: near to Zurich
do you know company near Zurich, which makes business with
buying/selling used hardware in this class ?
We simply want to cleanup our stock ASAP.
Mit freundlichen Grüßen
To officially talk about the "mail problems on port 25 with swisscom dsl" I would like to give you some (technical) information.
We had several needs to stop spam from our network:
- We're receiving about 30'000-100'000 abuse complaints per month (contains multiple reports per case)
- Mail filtering on our infrastructure (our mail servers) are only catching 20% of all spam sent from swisscom dsl - 80% is sent directly from the customer lines. (source: http://www.maawg.org/port25)
- About 60% to over 90% of all mails sent over residential customer lines are identified as spam. This is more than 10 millions spam emails per day (~375 terabytes per year)
The impacts are clear:
- Spam generates a quite high amount of cost within Swisscom (money, personal, time, storage, data, etc.)
- Our reputation is getting bad
- We might get listed on blacklists (-> impact on legimite traffic)
- Customers are getting blocked (e.g. in sandbox) and are not happy therefore (most of the customers are not realizing, that they are sending spam, because they are virus-/trojan-infected)
So, what we did and what are we doing?
We currently ran a pilot. The productive rollout which will affect all customers will start this week and will take around 2 months until all customers are migrated. Only (ex-)bluewin customers with dynamic adsl-lines will be affected.
Swisscom has published an official statement on http://www.swisscom.ch/p25 and modifies the error-message sent to the customer which will be more clearer.
The pilot showed very clearly that this countermeasure is very effectful in stopping outgoing spam.
Going to the technical part:
We're running a transparent proxy on port 25 (smtp) which gets communication from any customer to any port 25 (Layer 4 redirect feature).
The proxy is analyzing the email and if it detects that spam has been sent he will reject the connection by issuing an error message to the customer (the mailclient will notice: smtp-error). If the mail is a normal and legitimate email -> no problem: mail will be sent. We will even insert a "received-from:" line in the header. If a bot/trojan is trying to send emails, the customer will not notice. There are no mails beeing stored on the filter server. All decisions are made on-the-fly.
Customers, which are virus-affected are handled by the standard abuse process which we have in place (inform, quarantine in a sandbox, etc.).
The option for layer 4 redirect is activated via radius - so it can be turned off on request and the customer just has to reconnect.
For dynamic customers the option will be activated by default.
Customers are asked to authenticate their smtp session and use the mail submission port 587 (not filtered).
So, will this affect non-smtp traffic on port 25? Unfortunately, yes. This traffic will be lost. If the customer has a need to use port 25 for other purposes than email he can request turning of the redirecting feature.
If a customer usses SSL via port 25 does it work? No, it will be dropped.
Customers are kindly requested to use port 465 instead.
If a customer uses smtp auth via port 25, will this work? He will receive a smtp error like "sorry, smtp auth not possible. use 587" (error 573).
Will we start to block completely port 25 in the future? No, absolutely not.
So, I hope things are now getting clearer ,-)
Telefon +41 44 294 58 41
Mobile +41 79 277 92 35
Fax +41 86 079 277 92 35
Swisscom (Schweiz) AG
Network & IT
Network Engineering & Operations
Since midnight we are having problems sending traffic to du.ae (our
datacenter in Dubai (DIFC)). Does anyone else have problems with
communication to Dubai/DIFC/Du.ae ?
With Kind Regards
Systems & Infrastructure
Penta Consulting SA
Voice +41 22 316 1090
Direct +41 22 316 1028
Fax +41 22 316 1099
Your applications everywhere, always TM
Could someone from Cablecom contact me off-list? Its about SMTP/MX.
Thanks a lot
Nine Internet Solutions AG
044 637 40 00
-----BEGIN PGP SIGNED MESSAGE-----
Is there a technician of Xincs.eu online? Please contact me offlist, all your official contact ways are dead/not answered!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
-----END PGP SIGNATURE-----