Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


View this topic in a long page with up to 500 replies per page Create new topic
1 | ... | 5 | 6 | 7 | 8 | 9 | 10 | 11
Affiliate link
 
 
 

Affiliate link: NordVPN allows you to securely access the Internet, encrypt your connection and keep your browsing history private.
mattwnz
18651 posts

Uber Geek


  #983300 10-Feb-2014 13:41
Send private message

freitasm: Just received:


An additional encryption setting called ‘Secure Sockets Layer’ (or ‘SSL’), will soon be the new standard default connection for all Yahoo Xtra mail accounts and Telecom will be assisting users who access the service via a ‘third party’ email client, such as Microsoft Outlook for PCs or Android for mobiles, to update their settings.



I don't see how that is going to solve this particular problem, as those email addresses are already out in the wild. Also weren't they hacked last year from the webmail platform? And that had nothing to do with people outlook connection. I know that my address was hacked, and I only ever used webmail for my xtra yahoo address/ SSL has been around for donkeys years, and has been the standard with most providers for years.  They really need  to use SPF.I guess they have to be seen to be doing something.

Glassboy
848 posts

Ultimate Geek

ID Verified
Trusted

  #983336 10-Feb-2014 14:26
Send private message

So they're saying the solution to the Yahoo problem is to implement a 20yo protocol that has had serious known vulnerabilities for most of its life?

Spong
905 posts

Ultimate Geek

Trusted

  #983528 10-Feb-2014 18:20
Send private message

Most, but not all XTRA customers using email clients have been using POP/SSL Port 995 and SMTP/SSL Port 465 for ages.

These users, and even those still using insecure ports POP/110 and SMTP/25 who don't use webmail at all, will not have had any addresses in their webmail address books.

How on earth do Telecom think these people are more at risk than those users of Yahoo Webmail who have unknowingly provided a wealth of email addresses from their hacked webmail address book?

Telecom or their Spin Doctors  seem to be missing the point altogether.....




Tivo upgrades to operate with the new OzTivo EPG, support and service. Over 400 performed here so far. See: www.hillcrest.net.nz




  #983888 11-Feb-2014 09:33
Send private message

Another round this morning I see. Noticed that several of them are definitely addresses I've seen before. I guess we are just going to have to get used to this...

DigiDog
51 posts

Master Geek


  #983893 11-Feb-2014 10:11
Send private message

Five so far today and counting. Maybe someone from Telecom could explain why they refuse to implement SPF?

plambrechtsen
1948 posts

Uber Geek
Inactive user


  #983990 11-Feb-2014 12:07
Send private message

Just a heads up on the SSL change folks.

This is related to Telecom's desire to shutdown smtp.xtra.co.nz which has a cleartext SMTP port 25 that Telecom customers can use to send outbound SMTP email.

Telecom are going and proactively engaging customers saying we are switching off the cleartext port and moving to pure SSL only through an authenticated connection.

This has nothing to do with a SPF or DKIM or further spam protection on the xtra.co.nz domain. Those are being investigated but I can't comment further on that.

richms
25155 posts

Uber Geek

Trusted
Subscriber

  #983994 11-Feb-2014 12:08
Send private message

Good job shutting that old server down. IMO offering clear text authenticated services is negligent




Richard rich.ms



Spong
905 posts

Ultimate Geek

Trusted

  #984011 11-Feb-2014 12:39
Send private message

plambrechtsen: Just a heads up on the SSL change folks.

This is related to Telecom's desire to shutdown smtp.xtra.co.nz which has a cleartext SMTP port 25 that Telecom customers can use to send outbound SMTP email.

Telecom are going and proactively engaging customers saying we are switching off the cleartext port and moving to pure SSL only through an authenticated connection.

This has nothing to do with a SPF or DKIM or further spam protection on the xtra.co.nz domain. Those are being investigated but I can't comment further on that.



Good idea, but I do know a lot of Telecom broadband customers who rely on smtp.xtra.co.nz to send email out from their "non-xtra" accounts. Those people will need to authorise those accounts by adding them to their Yahoo/Xtra accounts before they can use send.xtra.co.nz SSL/465, a process that Joe Public often has difficulty with.

Maybe Telecom could simplify this process.





Tivo upgrades to operate with the new OzTivo EPG, support and service. Over 400 performed here so far. See: www.hillcrest.net.nz


richms
25155 posts

Uber Geek

Trusted
Subscriber

  #984012 11-Feb-2014 12:41
Send private message

No those people should be using their mail providers servers for sending out not telecom or yahoos server.




Richard rich.ms

Allanhall
47 posts

Geek


  #984027 11-Feb-2014 12:51
Send private message

richms: No those people should be using their mail providers servers for sending out not telecom or yahoos server.


If we are paying for Telecom as an ISP we are should be allowed to use this service. They are already blocking a range of ports that our host uses for SMTP.  Which is why we do use  SMTP.xtra.co.nz on a range of our machines. 

This is painful news to me.  

 Good idea, but I do know a lot of Telecom broadband customers who rely on smtp.xtra.co.nz to send email out from their "non-xtra" accounts. Those people will need to authorise those accounts by adding them to their Yahoo/Xtra accounts before they can use send.xtra.co.nz SSL/465, a process that Joe Public often has difficulty with.


Sorry I think that this is not a good idea.  I NEVER use my  Yahoo/Xtra accounts  now we have to login to this unsecure accounts and actually use them. 

Can anybody from Telecom clarify this? I was about to sign up to a 2 year VDSL contract and if SMTP is not longer a service without jumping through hoops. 

Ok I can see I am going to get fried for this post.

richms
25155 posts

Uber Geek

Trusted
Subscriber

  #984032 11-Feb-2014 12:55
Send private message

You are paying for the use of an xtra.co.nz email address not for a smtp relay service. A proper smtp relay service is something you should source elsewhere if your mail provider is too inept to allow ssl authenticated smtp on an alternate port.

People using is smtp servers for non is addresses is the source of most false positives in spam filters IME. Sooner this is stopped the better.




Richard rich.ms

Spong
905 posts

Ultimate Geek

Trusted

  #984036 11-Feb-2014 12:59
Send private message

richms: No those people should be using their mail providers servers for sending out not telecom or yahoos server.


The problem is that if you have say a Vodafone email address, or one of many that don't allow access to their smtp server from outside their network, because they don't support SSL or authentication, you're pretty well stuffed. That's why many of Telecom's customers use smtp.xtra.co.nz because at least when you're on their network, mail will go out, or at least until this latest announcement. It will piss a lot of people off for sure. 




Tivo upgrades to operate with the new OzTivo EPG, support and service. Over 400 performed here so far. See: www.hillcrest.net.nz


Allanhall
47 posts

Geek


  #984040 11-Feb-2014 13:03
Send private message

richms: if your mail provider is too inept to allow ssl authenticated smtp on an alternate port.


It's when that port gets block with zero prior notice that frustrates me. We host websites with 10 different companies for various reasons and this creates a HUGE  admin headache. 

Its just easier to move to another ISP that offers SMTP services for me.  Can someone at Telecom Clarify when this is coming into effect so I can be moved before the fact. ?

Thanks.

 Spong It will piss a lot of people off for sure. 
  Yes you can take that to the bank.  Me for one. 

richms
25155 posts

Uber Geek

Trusted
Subscriber

  #984044 11-Feb-2014 13:04
Send private message

They should direct their anger at vodafone for that. Allowing unencrypted mail from outside their network is stupid. Look at that thing the banking ombudsman said about someone's mail being "hacked" on a free wifi connection. couldn't have come at a better time for telecom to discontinue offering insecure mail IMO.




Richard rich.ms

Lazarui
136 posts

Master Geek


  #984119 11-Feb-2014 14:09
Send private message

Allanhall:
richms: No those people should be using their mail providers servers for sending out not telecom or yahoos server.


If we are paying for Telecom as an ISP we are should be allowed to use this service. They are already blocking a range of ports that our host uses for SMTP.  Which is why we do use  SMTP.xtra.co.nz on a range of our machines. 

This is painful news to me.  

 Good idea, but I do know a lot of Telecom broadband customers who rely on smtp.xtra.co.nz to send email out from their "non-xtra" accounts. Those people will need to authorise those accounts by adding them to their Yahoo/Xtra accounts before they can use send.xtra.co.nz SSL/465, a process that Joe Public often has difficulty with.


Sorry I think that this is not a good idea.  I NEVER use my  Yahoo/Xtra accounts  now we have to login to this unsecure accounts and actually use them. 

Can anybody from Telecom clarify this? I was about to sign up to a 2 year VDSL contract and if SMTP is not longer a service without jumping through hoops. 

Ok I can see I am going to get fried for this post.
The only port telecom block is port 25, and you can request for this to be unblocked if you wish, it's about a if you have a legitimate use for having port 25 unblocked they'll do it, heres a link: http://help.telecom.co.nz/app/answers/detail/a_id/1218 port 25 filtering is normal accross most ISP's nothing unusual here its a network protection issue, otherwise the ISP gets blocks of IP's on RBL's all over the place.

**edit removal of rubish

1 | ... | 5 | 6 | 7 | 8 | 9 | 10 | 11
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

D-Link G415 4G Smart Router Review
Posted 27-Jun-2022 17:24


New Zealand Video Game Sales Reaches $540 Million
Posted 26-Jun-2022 14:49


Github Copilot Generally Available to All Developers
Posted 26-Jun-2022 14:37


Logitech G Introduces the New Astro A10 Headset
Posted 26-Jun-2022 14:20


Fitbit introduces Sleep Profiles
Posted 26-Jun-2022 14:11


Synology Introduces FlashStation FS3410
Posted 26-Jun-2022 14:04


Intel Arc A380 Graphics First Available in China
Posted 15-Jun-2022 17:08


JBL Introduces PartyBox Encore Essential Speaker
Posted 15-Jun-2022 17:05


New TVNZ+ streaming brand launches
Posted 13-Jun-2022 08:35


Chromecast With Google TV Review
Posted 10-Jun-2022 17:10


Xbox Gaming on Your Samsung Smart TV No Console Required
Posted 10-Jun-2022 00:01


Xbox Cloud Gaming Now Available in New Zealand
Posted 10-Jun-2022 00:01


HP Envy Inspire 7900e Review
Posted 9-Jun-2022 20:31


Philips Hue Starter Kit Review
Posted 4-Jun-2022 11:10


Sony Expands Its Wireless Speaker X-series Range
Posted 4-Jun-2022 10:25









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.