Re: Remote email access
Hence there is no space-efficient way of noting an authority chain, other than entering every single IP address ever assigned, all in one big data base.
Alas, that ain't feasible.
I beg to differ. Essentially, the collective databases of the address registries are the data base that you describe. But...
At a minimum, it is essentially impossible to keep such a database up to date.
You may be right. The ARIN, RIPE and APNIC databases are filled with junk, lies, and inaccuracies. On the face of it this seems to prove that it is impossible to keep the data up to date. However, since there has never been any significant effort to ensure that the databases are accurate and up to date, this could change. If ARIN, RIPE and APNIC were to find some financial and political support, then I believe that they could provide a global authoritative database of all IP address ownership that was reasonably accurate and up to date. If this could be queried by a standard protocol such as LDAPv3 (Referral LDAP) then the distributed database could be queried in much the same way as the distributed DNS is. What would be the point? Well, if my MTA receives a connection on port 25 I could look up the source IP address in the LDAP directory to identify the owner. Since an LDAP directory can contain arbitrary information related to its entries, perhaps I could find out whether or not that source IP is registered as an SMTP server and also retrive the abuse email address of the organization who has registered this address. --Michael Dillon
On Wed, 05 Feb 2003 09:04:08 GMT, Michael.Dillon@radianz.com said:
What would be the point? Well, if my MTA receives a connection on port 25 I could look up the source IP address in the LDAP directory to identify the owner. Since an LDAP directory can contain arbitrary information related to its entries, perhaps I could find out whether or not that source IP is registered as an SMTP server and also retrive the abuse email address of the organization who has registered this address.
Somebody (Christian Huietma?) did a survey, and 30% of the sites don't even have working PTR entries in the DNS. Why should you expect enough buy-in on updating LDAP entries to make the query worth trying? www.rfc-ignorant.org has a very large database of sites that can't even get things like 'postmaster@' and 'abuse@' *email* addresses correct. So you end up penalizing sites that don't have a clue, while the clued spammers will do this: % ldap add abuse_contact mailbox="abuse@whatever.foo" % cat > ~abuse/.forward /dev/null ^D What have you won? -- Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
If ARIN, RIPE and APNIC were to find some financial and political support, then I believe that they could provide a global authoritative database of ARIN has no lack of financial resources. From my perspective, the only
On Wed, 2003-02-05 at 04:04, Michael.Dillon@radianz.com wrote: thing the ARIN lacks is respect for the wishes and needs of its members. -- Jeff S Wheeler <jsw@five-elements.com>
Michael, Wednesday, February 5, 2003, 1:04:08 AM, you wrote: MDrc> What would be the point? Well, if my MTA receives a connection on port 25 MDrc> I could look up the source IP address in the LDAP directory to identify MDrc> the owner. Since an LDAP directory can contain arbitrary information MDrc> related to its entries, perhaps I could find out whether or not that MDrc> source IP is registered as an SMTP server and also retrive the abuse email MDrc> address of the organization who has registered this address. Other folks have responded to the financial, operations and "political" issues. I'll offer some technical concerns: 1. LDAP has been around a long time and has shown no large-scale (millions of users), cross-Internet, cross-administration utility yet. Hence, making a design that has any near-term reliance on its large-scale deployment is extremely risky. 2. We know that DNS performance is acceptable for real-time use in this type of scenario, but we do not know that LDAP performance is. Slow servers have been an issue with cross-net email performance for many years. ESMTP was designed quite carefully to avoid adding even an extra round-trip to the session, for just this reason. Hence, the potential impact of a cross-net LDAP query are very, very risky. Please note the reference to "near-term". I started this thread because there is an immediate user problem. I am looking for the simplest, safest, quickest way to resolve it. That means using existing standards and deployed solutions, rather than designing new ones. That is, the task needs to be one of reducing choice, not adding to it. That is why I suggested the vehicle of a BCP, rather than a new IETF working group. d/ -- Dave <mailto:dcrocker@brandenburg.com> Brandenburg InternetWorking <http://www.brandenburg.com> t +1.408.246.8253; f +1.408.850.1850
Folks: in working on a project it has come to my attention that WorldCom doesn't seem to have a DWDM network to speak of, and reportedly has spotty DWDM coverage only in metro areas, a fact well hidden from company's marketing literature that seems to avoid talking about speeds above oc-3. Two questions -- can anyone verify/offer more insights/point to better resources on WorldCom's DWDM startegy? And -- as the rumor mill seems to suggest -- is it indeed true that despite obvious network economics SONET-based OC-12 and OC-48 circuits are indeed enjoying lower street prices than DWDM oc-12/48 circuits? Any thoughts as to why this info is indeed correct? Max
--- Max's Lists <lists@smetannikov.net> wrote: it has come to my
attention that WorldCom doesn't seem to have a DWDM network to speak of, and reportedly has spotty DWDM coverage only in metro areas, a fact well hidden from company's marketing literature that seems to avoid talking about speeds above oc-3.
Your impression is pretty much correct. WorldCom bought/obtained a large quantity of fiber before DWDM capability was widely available, and has not spent very much money on CapEX in the past couple of years. Their current focus seems to be trying to maximize the usage of their existing infrastructure.
Two questions -- can anyone verify/offer more insights/point to better resources on WorldCom's DWDM startegy?
And -- as the rumor mill seems to suggest -- is it indeed true that despite obvious network economics SONET-based OC-12 and OC-48 circuits are indeed enjoying lower street prices than DWDM oc-12/48 circuits? Any thoughts as to why this info is indeed correct?
This is also true, because a large number of providers are in a similar place to WorldCom - i.e. overprovisioned SONET gear, and don't want to upgrade to a DWDM-based system until their SONET cicuits absolutely need it. It shouldn't be all that surprising - where you'll really see a lot of DWDM is those providers who had loaded up on dark fiber, and are now starting to light them. -David Barak fully RFC 1925 compliant __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
thanks all for your input. on closer examination I found that the only two countries in Europe where WorldCom seems to sell wavelength services retail are Belgium and Luxemburg. There is some talk about selling DWDM wholesale in Spain, but I am afraid this is just boilerplate language. if anyone knows anything about how to figure out DWDM prices in those two countires ... i would be greatly appreciative ----- Original Message ----- From: "David Barak" <thegameiam@yahoo.com> To: "Max's Lists" <lists@smetannikov.net>; <nanog@merit.edu> Sent: Thursday, February 06, 2003 6:18 PM Subject: Re: WorldCom's DWDM capabilities/OC12 SONET vs DWDM
--- Max's Lists <lists@smetannikov.net> wrote: it has come to my
attention that WorldCom doesn't seem to have a DWDM network to speak of, and reportedly has spotty DWDM coverage only in metro areas, a fact well hidden from company's marketing literature that seems to avoid talking about speeds above oc-3.
Your impression is pretty much correct. WorldCom bought/obtained a large quantity of fiber before DWDM capability was widely available, and has not spent very much money on CapEX in the past couple of years. Their current focus seems to be trying to maximize the usage of their existing infrastructure.
Two questions -- can anyone verify/offer more insights/point to better resources on WorldCom's DWDM startegy?
And -- as the rumor mill seems to suggest -- is it indeed true that despite obvious network economics SONET-based OC-12 and OC-48 circuits are indeed enjoying lower street prices than DWDM oc-12/48 circuits? Any thoughts as to why this info is indeed correct?
This is also true, because a large number of providers are in a similar place to WorldCom - i.e. overprovisioned SONET gear, and don't want to upgrade to a DWDM-based system until their SONET cicuits absolutely need it. It shouldn't be all that surprising - where you'll really see a lot of DWDM is those providers who had loaded up on dark fiber, and are now starting to light them.
-David Barak fully RFC 1925 compliant
__________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
Hi, On Thursday 27 February 2003 18:16, Max's Lists wrote:
thanks all for your input.
on closer examination I found that the only two countries in Europe where WorldCom seems to sell wavelength services retail are Belgium and Luxemburg. There is some talk about selling DWDM wholesale in Spain, but I am afraid this is just boilerplate language.
WorldCom don't sell DWDM in Spain. They use capacity from other well know provideers.
if anyone knows anything about how to figure out DWDM prices in those two countires ... i would be greatly appreciative
If you need something in Spain mailme off list. Regards, Daniel
participants (7)
-
Daniel Concepcion -
Dave Crocker -
David Barak -
Jeff S Wheeler -
Max's Lists -
Michael.Dillon@radianz.com -
Valdis.Kletnieks@vt.edu