headers
Alessandro Vesely | 1 Aug 17:39
Picon
Favicon

Q: An API to report network abuse locally

Hi all,
I'm wondering whether there is anything better than parsing log 
files to get specific types of abuse.

Dictionary attacks, netbot spam, and similar bad behavior can be 
diagnosed by the relevant application. It responds a suitable error 
code, and usually writes a log line. It is CPU intensive to parse 
the log files in order to extract the relevant IP address and take 
appropriate action. (The specific action, e.g. block port 25 using 
iptables for the next 10 minutes, is obviously part of local 
system/network policies.)

Isn't it possible to configure what agent should get what notices 
without parsing log files? Would that be part of SNMP, GSS, STREAMS 
or what? Any idea?

TIA
Permalink | Reply | 0 comments |
headers
Julian Reschke | 10 Aug 14:21
Picon
Picon

Call for feedback on HTML5 spec on "predefined vocabularies"

Hi,

(cross-posted to IETF apps-discuss, plus vcarddav and calsify mailing lists)

the W3C HTML Working Group is currently preparing a new Working Draft 
for HTML5. This will be based on the current Editor's Draft at 
<http://dev.w3.org/html5/spec/Overview.html>).

A significant change since the last Working Draft is the introduction of 
"microdata", a way to augment the markup with semantics, similar to and 
competing with RDFa and microformats in general (see 
<http://dev.w3.org/html5/spec/Overview.html#microdata>).

As part of introducing microdata, the spec also defines several 
"predefined vocabularies". Some of them are based on IETF formats (and 
this is why I'm writing this particular email).

One of these vocabularies is "vcard" (see 
<http://dev.w3.org/html5/spec/Overview.html#vcard>). As far as I can 
tell, the HTML spec more or less duplicates information from RFC 2426, 
and while doing so also introduces specific compliance criteria. It does 
*not* refer to 
<http://tools.ietf.org/html/draft-ietf-vcarddav-vcardrev-08>, so, as far 
as I can tell, it would hardwire the vocabulary to a soon-to-be-outdated 
version of the spec, and also removes the inherent extensibility model.

Another predefined vocabulary is "vevent" (see 
<http://dev.w3.org/html5/spec/Overview.html#vevent>), to which similar 
observations apply.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Alfred E. Heggestad | 10 Aug 21:40

Re: WGLC: draft-ietf-behave-turn-uri-02

Dan Wing wrote:
> BEHAVE is starting a 3 week working group last call (WGLC), ending August 19,
> for 
> 
>   draft-ietf-behave-turn-uri-02
>   "Traversal Using Relays around NAT (TURN) Uniform Resource Identifiers"
> 
> 
> *** Review by folks familiar with URIs are encouraged.  ***
> 
> 
> Please send technical comments to the BEHAVE list, and editorial comments to
> the authors.
> 

I have done a WGLC review of the document draft-ietf-behave-turn-uri-02.

 
The document looks good, it is quite easy to read, and it should be
quite easy to implement from reading the text.
I do not have any major comments.

/alfred
Permalink | Reply | 0 comments |
headers
Julian Reschke | 11 Aug 15:46
Picon
Picon

ietf-charsets archive gone?

Hi,

it was just pointed out to me that it's hard (impossible?) to find the 
archive for the ietf-charsets mailing list.

<http://www.iana.org/assignments/charset-info> points to 
<http://mail.apps.ietf.org/ietf/charsets/maillist.html>, but that 404s 
(maybe just recently?).

<https://datatracker.ietf.org/list/nonwg/> mentions the list, but 
doesn't point to an archive (I did find a copy at lists.w3.org, but it 
stops in 2004).

What's going on here?

BR, Julian
Permalink | Reply | 5 comments |
headers
Ravi shankar | 13 Aug 12:56
Picon

Feasibility research request: POP3 and IMAP4 extension to send mail

Hi All,
 
Need your valuable inputs on the subject of ability to extend the POP3 and IMAP4 to send mails, in addition to retrieving mails.
 
I'm currently doing a research on this topic and would like to have your valuable feedbacks on the possibility and probably hinderance in terms of any step in the process.
 
Appreciate your help!
 
Regards,
Ravi
 
_______________________________________________
Apps-Discuss mailing list
Apps-Discuss <at> ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss
Permalink | Reply | 5 comments |
headers
Al Costanzo | 13 Aug 16:02
Favicon

Re: Feasibility research request: POP3 and IMAP4 extension to send mail

Ravi,
 
Your email does not give us much to go with to respond. I worked on one or two  RFC in my day.
 
Why would you want to extend protocols that are not intended for this purpose?
 
Have a look at the RFCs for SMTP and explain why you would want to do this so the IETP could respond to you.
 
 
 
Regards,
 
Al Costanzo
----- Original Message -----
Sent: Thursday, August 13, 2009 5:56 AM
Subject: Feasibility research request: POP3 and IMAP4 extension to send mail

Hi All,
 
Need your valuable inputs on the subject of ability to extend the POP3 and IMAP4 to send mails, in addition to retrieving mails.
 
I'm currently doing a research on this topic and would like to have your valuable feedbacks on the possibility and probably hinderance in terms of any step in the process.
 
Appreciate your help!
 
Regards,
Ravi
 

_______________________________________________
Apps-Discuss mailing list
Apps-Discuss <at> ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss
_______________________________________________
Apps-Discuss mailing list
Apps-Discuss <at> ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss
Permalink | Reply | 2 comments |
headers
Tony Hansen | 13 Aug 15:26
Picon
Favicon

Re: Feasibility research request: POP3 and IMAP4 extension to send mail

There was a non-standard extension made to POP3 many years ago to do 
this. It fell on the wayside and no one uses XTND XMIT any more. People 
are expected to use the Submission protocol these days (RFC 4409).

	Tony Hansen
	tony <at> att.com

Ravi shankar wrote:
> Need your valuable inputs on the subject of ability to extend the POP3 
> and IMAP4 to send mails, in addition to retrieving mails.
>  
> I'm currently doing a research on this topic and would like to have your 
> valuable feedbacks on the possibility and probably hinderance in terms 
> of any step in the process.
Permalink | Reply | 0 comments |
headers
Ravi shankar | 13 Aug 15:49
Picon

Re: Feasibility research request: POP3 and IMAP4 extension to send mail

Hi Al,
 
Much appreciate your reply. I have been doing this feasibility study to see how blocking port25 from client computers would affect botnets and their dynamics.
 
Before i jump in to the pool, thought if someone had similar ideas and their thoughts of how practical it is.
 
Regards,
Ravi

On Thu, Aug 13, 2009 at 7:32 PM, Al Costanzo <al <at> akc.com> wrote:
Ravi,
 
Your email does not give us much to go with to respond. I worked on one or two  RFC in my day.
 
Why would you want to extend protocols that are not intended for this purpose?
 
Have a look at the RFCs for SMTP and explain why you would want to do this so the IETP could respond to you.
 
 
 
Regards,
 
Al Costanzo
----- Original Message -----
Sent: Thursday, August 13, 2009 5:56 AM
Subject: Feasibility research request: POP3 and IMAP4 extension to send mail

Hi All,
 
Need your valuable inputs on the subject of ability to extend the POP3 and IMAP4 to send mails, in addition to retrieving mails.
 
I'm currently doing a research on this topic and would like to have your valuable feedbacks on the possibility and probably hinderance in terms of any step in the process.
 
Appreciate your help!
 
Regards,
Ravi
 

_______________________________________________
Apps-Discuss mailing list
Apps-Discuss <at> ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss


_______________________________________________
Apps-Discuss mailing list
Apps-Discuss <at> ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss
Permalink | Reply | 1 comment |
headers
Leif Johansson | 13 Aug 22:41
Picon
Gravatar

Re: Feasibility research request: POP3 and IMAP4 extension to send mail

On Thursday 13 August 2009 15.49.01 Ravi shankar wrote:
> Hi Al,
>
> Much appreciate your reply. I have been doing this feasibility study to
> see how blocking port25 from client computers would affect botnets and
> their dynamics.
>

Given that botnets seem to use twitter now the answer is probably "not
much". ISPs do block port 25 which is why SMTP submission with SMTP
aiuth on port 587 is a good solution which both exists and is widely deployed 
afaik.

	Cheers Leif
Permalink | Reply | 0 comments |
headers
Ravi shankar | 13 Aug 23:29
Picon

Re: Feasibility research request: POP3 and IMAP4 extension to send mail

Leif,
 
Actually botnets spread on the end-user computers and they inturn are used for spreading spam mails.
 
Spammers still use IRC servers as C & C servers and spread the payload or commands to the bot malware.
 
If you can share any documents regarding port 25 blocking by ISPs would  be helpful for me in my work.
Regards,
Ravi
On Fri, Aug 14, 2009 at 1:50 AM, Leif Johansson <leifj <at> sunet.se> wrote:
On Thursday 13 August 2009 15.49.01 Ravi shankar wrote:
> Hi Al,
>
> Much appreciate your reply. I have been doing this feasibility study to
> see how blocking port25 from client computers would affect botnets and
> their dynamics.
>

Given that botnets seem to use twitter now the answer is probably "not
much". ISPs do block port 25 which is why SMTP submission with SMTP
aiuth on port 587 is a good solution which both exists and is widely deployed
afaik.

       Cheers Leif




_______________________________________________
Apps-Discuss mailing list
Apps-Discuss <at> ietf.org
https://www.ietf.org/mailman/listinfo/apps-discuss
Permalink | Reply | 1 comment |

Gmane