Sprint overcharged my small (US) company for over $50,000.00. We caught them doing it and now they refuse to refund the over-payments. You can read the full story at http://www.sprint-really-sucks.com/
I also wrote an open letter to Dan Hesse the Chairman and CEO of Sprint Nextel. It is a good read so please consider reading the letter.
http://www.sprint-really-sucks.com/open-letter-dan-hesse.aspx
I have never heard of of an ISP charging to add a simple reverse DNS PTR record for an IP, it takes like 1/2 second to add one to a DNS record. If they have assigned you a static IP address you should be able to get the reverse record added for nothing as it is just a DNS update.
I have long suspecting shill bidding going on at eBay. I have purchased college football tickets there in the past and near the end a new user (only a day or so old) comes in and ups the bidding. I still got the tickets at good prices but a bit more than i really wanted to spend, they tickets were indded what I was expecting. Still shill bidding happens all the time, and if you think about it, shill bidding is to eBay's advantage as they make more on the auction is the end of auction price is higher. And of course many believe all the tripe eBay posts about not allowing shill bidding. eBay is full of it, they are only interested in the profit margin not the users.
with SMTP, it depends on the mail server software and what you set it up to do, most modern mail software you can set options on incoming (SMTP) and outgoing (POP) mail. For instance we use Alt-N Mdaemon mail server software and it has several excellent options you can set on SMTP connection, one of which is to drop SMTP connections with no reverse record. Nearly all legitimate mail server (probably 99.9% of them) have reverse DNS PTR records, because without them mail would fail a good bit without a reverse look-up, as would other services like WWW services. I will have to give credit to most large ISP's, that they do not create reverse PTR for dynamic IP ranges like dial-up, DSL, etc., which is a good thing as most end users (read home users) do not have services running that require reverse DNS. Also creating reverse DNS for every single IP on a network would be an arduous job, so it is a good practice to only assign reverse for IP's that actually have services that rely on reverse DNS. I would consider a networks admin to think that only having reverse DNS setup for IP that had legitimate services to be a "Best Practice" and also a time saver for DNS administrators.
sending a syn packet to port 25 only verifies that a service is indeed running on that port, it won't tell you if it is a legitimate mail server or other SMTP service. While of course a reverse DNS record doesn't tell you either it does reduce the amount of SMTP connections from non legitimate sources. SPF records can help along with reverse DNS to weed out BotNet and Trojaned PC traffic as well as spammer operations as they rarely have reverse DNS records either, due to the fact that they move around so much trying to avoid blocking via RBL's and the like.
The whole point is to limit reverse DNS PTR records to only IP address (i.e.: servers, gateways, routers, etc.) that have legitimate services running like: email, DNS, email, WWW, FTP, SQL, etc. End users and small business do not need (read: should not have) reverse DNS records unless they are running in-house services such as those mentioned above.
It definitely would make for a great block list for mail servers and security appliances. One simple thing email admins can do to stop BotNet traffic is to drop SMTP connections that do not have a reverse PTR DNS record, generally ISP's only assign reverse DNS to IP addresses that have services running on them (i.e.: email, web, ftp, etc.). Although I have seen quite a few IP's ordinating in Asia that have reverse DNS PTR. We drop traffic with no reverse dns and it stopped a huge number (about 85%) of dynamic IP's and end user IP connections without causing any problems for legitimate SMTP traffic. The flood became a trickle...
By default it is turned on, however it slows down page loads tremendously. As soon as I load IE the first time on a Vista Machine off goes the phishing filter. I don't recommend home users that are clueless to turn it off (they need all the help they can get). But for savvy Internet users that insist on using IE7 then my best recommendation to is turn it off. I guess it is a love it or hate it kind of thing.
The only good thing really about the phishing filter is the fact that Microsoft (finally) is attemtping to protect less than savvy Internet users.
Slashdot Mirror
Sprint overcharged my small (US) company for over $50,000.00. We caught them doing it and now they refuse to refund the over-payments. You can read the full story at http://www.sprint-really-sucks.com/ I also wrote an open letter to Dan Hesse the Chairman and CEO of Sprint Nextel. It is a good read so please consider reading the letter. http://www.sprint-really-sucks.com/open-letter-dan-hesse.aspx
I have never heard of of an ISP charging to add a simple reverse DNS PTR record for an IP, it takes like 1/2 second to add one to a DNS record. If they have assigned you a static IP address you should be able to get the reverse record added for nothing as it is just a DNS update.
Good idea, I do limit what I am going to spend on an item in advance and I never go past that amount, however your ideas has many merits.
I have long suspecting shill bidding going on at eBay. I have purchased college football tickets there in the past and near the end a new user (only a day or so old) comes in and ups the bidding. I still got the tickets at good prices but a bit more than i really wanted to spend, they tickets were indded what I was expecting. Still shill bidding happens all the time, and if you think about it, shill bidding is to eBay's advantage as they make more on the auction is the end of auction price is higher. And of course many believe all the tripe eBay posts about not allowing shill bidding. eBay is full of it, they are only interested in the profit margin not the users.
with SMTP, it depends on the mail server software and what you set it up to do, most modern mail software you can set options on incoming (SMTP) and outgoing (POP) mail. For instance we use Alt-N Mdaemon mail server software and it has several excellent options you can set on SMTP connection, one of which is to drop SMTP connections with no reverse record. Nearly all legitimate mail server (probably 99.9% of them) have reverse DNS PTR records, because without them mail would fail a good bit without a reverse look-up, as would other services like WWW services. I will have to give credit to most large ISP's, that they do not create reverse PTR for dynamic IP ranges like dial-up, DSL, etc., which is a good thing as most end users (read home users) do not have services running that require reverse DNS. Also creating reverse DNS for every single IP on a network would be an arduous job, so it is a good practice to only assign reverse for IP's that actually have services that rely on reverse DNS. I would consider a networks admin to think that only having reverse DNS setup for IP that had legitimate services to be a "Best Practice" and also a time saver for DNS administrators.
sending a syn packet to port 25 only verifies that a service is indeed running on that port, it won't tell you if it is a legitimate mail server or other SMTP service. While of course a reverse DNS record doesn't tell you either it does reduce the amount of SMTP connections from non legitimate sources. SPF records can help along with reverse DNS to weed out BotNet and Trojaned PC traffic as well as spammer operations as they rarely have reverse DNS records either, due to the fact that they move around so much trying to avoid blocking via RBL's and the like.
The whole point is to limit reverse DNS PTR records to only IP address (i.e.: servers, gateways, routers, etc.) that have legitimate services running like: email, DNS, email, WWW, FTP, SQL, etc. End users and small business do not need (read: should not have) reverse DNS records unless they are running in-house services such as those mentioned above.
It definitely would make for a great block list for mail servers and security appliances. One simple thing email admins can do to stop BotNet traffic is to drop SMTP connections that do not have a reverse PTR DNS record, generally ISP's only assign reverse DNS to IP addresses that have services running on them (i.e.: email, web, ftp, etc.). Although I have seen quite a few IP's ordinating in Asia that have reverse DNS PTR. We drop traffic with no reverse dns and it stopped a huge number (about 85%) of dynamic IP's and end user IP connections without causing any problems for legitimate SMTP traffic. The flood became a trickle...
By default it is turned on, however it slows down page loads tremendously. As soon as I load IE the first time on a Vista Machine off goes the phishing filter. I don't recommend home users that are clueless to turn it off (they need all the help they can get). But for savvy Internet users that insist on using IE7 then my best recommendation to is turn it off. I guess it is a love it or hate it kind of thing. The only good thing really about the phishing filter is the fact that Microsoft (finally) is attemtping to protect less than savvy Internet users.