Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)Throttling/shaping on Spark still a thing?
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
Talkiet
4819 posts

Uber Geek
+1 received by user: 3934

Trusted

  #1378097 2-Sep-2015 10:22
Send private message

Not really... There are plans people can still be on today that qualify for a free static IP, but they haven't applied for their free one yet... I'm confident however we word it someone would be confused.

Cheers _ N




Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.



tdgeek
30048 posts

Uber Geek
+1 received by user: 9455

Trusted
Lifetime subscriber

  #1378112 2-Sep-2015 11:08
Send private message

Yep, see that. Include is the wrong word, point taken


 

Static IP's are available on all Spark Broadband Plans. Some even include a free Static IP!

 

Important to Note: Static IP's are not automatically assigned when moving onto a plan that includes a free Static IP. If you need a Static IP, just fill in the online form. You can request a Static IP at anytime.

BrutusNZ
22 posts

Geek


  #1378444 2-Sep-2015 17:37

I recently transferred over to unlimited. Speeds are just as they were before. You may like to check my thread below.

http://www.geekzone.co.nz/forums.asp?forumid=39&topicid=177495



nunz
1421 posts

Uber Geek
+1 received by user: 314
Inactive user


  #1395763 28-Sep-2015 13:59
Send private message

kawaii: The answer is no - this has been asked many times and answered many times before.


Hi,

I assume port blocking isn't included in your definition of traffic shaping?

URL to reference:
 http://www.spark.co.nz/help/internet-email/plans-services/port-25.html

It states:

 

What is Port 25 unblocking and what customers will be unsuitable due to this limitation?

 

Customers who run their own email service will need Port 25 to be unblocked. Customers who use Xtra email or POP email (e.g. gmail) or a hosted email service (e.g. Spark business mail, Office 365) are not affected by this limitation.

 

  • Port 25 is typically used by customers who send mail from their own email server
  • Spark (Xtra) routinely block Port 25 in line with best international practice as a control against spamming

And as we have regularly had to go through the mammoth task of requesting, and re-requesting port blocking removal - it is fair to say, the information is correct. Our traffic is shaped.

Also we have had multiple clients with issues contacting third party smtp  / mail servers. The only commonality is they are all on Spark.  we put them on 3G connection via another provider and the problem instantly went away. back to spark, issue is back again. They ar edoing some level of filtering somewhere.

Jase2985
13735 posts

Uber Geek
+1 received by user: 6216

ID Verified
Lifetime subscriber

  #1395767 28-Sep-2015 14:04
Send private message

i call it security

slingynz
154 posts

Master Geek
+1 received by user: 53


  #1395807 28-Sep-2015 14:44
Send private message

nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.

 
 
 
 

Shop now for Dell laptops and other devices (affiliate link).
richms
29104 posts

Uber Geek
+1 received by user: 10222

Trusted
Lifetime subscriber

  #1395809 28-Sep-2015 14:46
Send private message

I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.




Richard rich.ms

BarTender
3629 posts

Uber Geek
+1 received by user: 2572

ID Verified
Trusted
Lifetime subscriber

  #1395904 28-Sep-2015 17:04
Send private message

richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.

matisyahu
1641 posts

Uber Geek
+1 received by user: 355

Trusted

  #1395916 28-Sep-2015 17:26
Send private message

BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?




"When the people are being beaten with a stick, they are not much happier if it is called 'the People's Stick'"

nunz
1421 posts

Uber Geek
+1 received by user: 314
Inactive user


  #1395938 28-Sep-2015 18:04
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?



Port 25 is still the official port for INCOMING traffic - from there is it either moved onto a TLS type connection or left insecure.

That is different to an internal client ( a domain user for example) having their mail client attach to a port to send OUT GOING email. These are (now) normally 465 / 587 or another port of choice

nunz
1421 posts

Uber Geek
+1 received by user: 314
Inactive user


  #1395950 28-Sep-2015 18:09
Send private message

slingynz:
nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.


Disagree - we block (DROP) all Peer to Peer file sharing traffic as well as MS Media Server, Bonjour server, most UPNP and a range of other traffic for the purposes of preserving bandwidth.

The subtle difference between that that (shaping by dropping) and Xtra dropping port 25 is one is to police for security purposes, the other is to allow traffic to flow. If I was to get into semantics, my dropping isn't shaping either, just another form of policing. To make it shaping I would just reduce bandwidth for those protocols to 0.01kbps and let them die of natural causes (or frustration).  you say tomato, I say ToMATEo  - both end up doing the same thing.

I guess shaping is defined as allowing traffic to flow, rather than outright banning it.

 
 
 
 

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).
tdgeek
30048 posts

Uber Geek
+1 received by user: 9455

Trusted
Lifetime subscriber

  #1396065 28-Sep-2015 20:30
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?


There are some NZ ISP's that don't offer SSL, only Port 25
There are old AND new MFC devices that do scan to email, and they don't support SSL
As has been said by Mr Steve many times when this pops up, SSL is 15 years old, its secure, why use Port 25.

richms
29104 posts

Uber Geek
+1 received by user: 10222

Trusted
Lifetime subscriber

  #1396113 28-Sep-2015 21:17
Send private message

Isp not offering port 25 - negligent at best. Misleading if they claim anything about being secure 80 their advertising materials.

MFC without SSL. If sold as supporting Internet email access then not fit for purpose under CGA. Clearly designed to only communicate with an on-lan mail server.

Person running a mail server on an Internet connection without port 25 available - buying an unsuitable Internet connection. If they must run their own mail server should buy connections to support it.




Richard rich.ms

1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright