Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
4183 posts

Uber Geek

Trusted

  # 1378097 2-Sep-2015 10:22
One person supports this post
Send private message

Not really... There are plans people can still be on today that qualify for a free static IP, but they haven't applied for their free one yet... I'm confident however we word it someone would be confused.

Cheers _ N





--

 

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.


17655 posts

Uber Geek

Trusted

  # 1378112 2-Sep-2015 11:08
One person supports this post
Send private message

Yep, see that. Include is the wrong word, point taken


 

Static IP's are available on all Spark Broadband Plans. Some even include a free Static IP!

 

Important to Note: Static IP's are not automatically assigned when moving onto a plan that includes a free Static IP. If you need a Static IP, just fill in the online form. You can request a Static IP at anytime.

 
 
 
 


18 posts

Geek


  # 1378444 2-Sep-2015 17:37

I recently transferred over to unlimited. Speeds are just as they were before. You may like to check my thread below.

http://www.geekzone.co.nz/forums.asp?forumid=39&topicid=177495

1381 posts

Uber Geek

Subscriber

  # 1395763 28-Sep-2015 13:59
Send private message

kawaii: The answer is no - this has been asked many times and answered many times before.


Hi,

I assume port blocking isn't included in your definition of traffic shaping?

URL to reference:
 http://www.spark.co.nz/help/internet-email/plans-services/port-25.html

It states:

 

What is Port 25 unblocking and what customers will be unsuitable due to this limitation?

 

Customers who run their own email service will need Port 25 to be unblocked. Customers who use Xtra email or POP email (e.g. gmail) or a hosted email service (e.g. Spark business mail, Office 365) are not affected by this limitation.

 

  • Port 25 is typically used by customers who send mail from their own email server
  • Spark (Xtra) routinely block Port 25 in line with best international practice as a control against spamming

And as we have regularly had to go through the mammoth task of requesting, and re-requesting port blocking removal - it is fair to say, the information is correct. Our traffic is shaped.

Also we have had multiple clients with issues contacting third party smtp  / mail servers. The only commonality is they are all on Spark.  we put them on 3G connection via another provider and the problem instantly went away. back to spark, issue is back again. They ar edoing some level of filtering somewhere.






nunz

8818 posts

Uber Geek

Lifetime subscriber

  # 1395767 28-Sep-2015 14:04
6 people support this post
Send private message

i call it security

152 posts

Master Geek


  # 1395807 28-Sep-2015 14:44
2 people support this post
Send private message

nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.

22431 posts

Uber Geek

Trusted
Subscriber

  # 1395809 28-Sep-2015 14:46
Send private message

I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.




Richard rich.ms

 
 
 
 


2829 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1395904 28-Sep-2015 17:04
Send private message

richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.





1455 posts

Uber Geek

Subscriber

  # 1395916 28-Sep-2015 17:26
Send private message

BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?




Laptop: MacBook Pro (15-inch, 2017)
Desktop: iMac (27-inch, 2017)
Smartphone: iPhone XS Max 256GB 'Space Grey'
Additional devices: Unifi Security Gateway, Unifi Switch, Unifi AP AC HD, Unifi Cloud Key, Apple Watch 4 44mm
Services: YouTube Premium, Wordpress, Skinny Mobile and Broadband

 


1381 posts

Uber Geek

Subscriber

  # 1395938 28-Sep-2015 18:04
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?



Port 25 is still the official port for INCOMING traffic - from there is it either moved onto a TLS type connection or left insecure.

That is different to an internal client ( a domain user for example) having their mail client attach to a port to send OUT GOING email. These are (now) normally 465 / 587 or another port of choice






nunz

1381 posts

Uber Geek

Subscriber

  # 1395950 28-Sep-2015 18:09
Send private message

slingynz:
nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.


Disagree - we block (DROP) all Peer to Peer file sharing traffic as well as MS Media Server, Bonjour server, most UPNP and a range of other traffic for the purposes of preserving bandwidth.

The subtle difference between that that (shaping by dropping) and Xtra dropping port 25 is one is to police for security purposes, the other is to allow traffic to flow. If I was to get into semantics, my dropping isn't shaping either, just another form of policing. To make it shaping I would just reduce bandwidth for those protocols to 0.01kbps and let them die of natural causes (or frustration).  you say tomato, I say ToMATEo  - both end up doing the same thing.

I guess shaping is defined as allowing traffic to flow, rather than outright banning it.








nunz

17655 posts

Uber Geek

Trusted

  # 1396065 28-Sep-2015 20:30
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?


There are some NZ ISP's that don't offer SSL, only Port 25
There are old AND new MFC devices that do scan to email, and they don't support SSL
As has been said by Mr Steve many times when this pops up, SSL is 15 years old, its secure, why use Port 25.

22431 posts

Uber Geek

Trusted
Subscriber

  # 1396113 28-Sep-2015 21:17
One person supports this post
Send private message

Isp not offering port 25 - negligent at best. Misleading if they claim anything about being secure 80 their advertising materials.

MFC without SSL. If sold as supporting Internet email access then not fit for purpose under CGA. Clearly designed to only communicate with an on-lan mail server.

Person running a mail server on an Internet connection without port 25 available - buying an unsuitable Internet connection. If they must run their own mail server should buy connections to support it.




Richard rich.ms

1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Facebook Portal to land in New Zealand
Posted 19-Sep-2019 18:35


Amazon Studios announces New Zealand as location for its upcoming series based on The Lord of the Rings
Posted 18-Sep-2019 17:24


The Warehouse chooses Elasticsearch service
Posted 18-Sep-2019 13:55


Voyager upgrades core network to 100Gbit
Posted 18-Sep-2019 13:52


Streaming service Acorn TV launches in New Zealand with selection with British shows
Posted 18-Sep-2019 08:55


Bitcoin.com announces partnership with smartphone manufacturer HTC
Posted 16-Sep-2019 21:30


Finalists Announced for Microsoft NZ Partner Awards
Posted 16-Sep-2019 19:37


OPPO Showcases New CameraX Capabilities at Google Developer Days China 2019
Posted 15-Sep-2019 12:42


New Zealand PC Market returns to growth
Posted 15-Sep-2019 12:24


Home sensor charity director speaks about the preventable death which drives her to push for healthy homes
Posted 11-Sep-2019 08:46


Te ao Maori Minecraft world set to inspire Kiwi students
Posted 11-Sep-2019 08:43


Research reveals The Power of Games in New Zealand
Posted 11-Sep-2019 08:40


Ring Door View Cam now available in New Zealand
Posted 11-Sep-2019 08:38


Vodafone NZ to create X Squad
Posted 10-Sep-2019 10:25


Huawei nova 5T to be available 20th September
Posted 5-Sep-2019 11:55



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.