Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
4159 posts

Uber Geek

Trusted

  # 1378097 2-Sep-2015 10:22
One person supports this post
Send private message

Not really... There are plans people can still be on today that qualify for a free static IP, but they haven't applied for their free one yet... I'm confident however we word it someone would be confused.

Cheers _ N





--

 

Please note all comments are the product of my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.


17348 posts

Uber Geek

Trusted

  # 1378112 2-Sep-2015 11:08
One person supports this post
Send private message

Yep, see that. Include is the wrong word, point taken


 

Static IP's are available on all Spark Broadband Plans. Some even include a free Static IP!

 

Important to Note: Static IP's are not automatically assigned when moving onto a plan that includes a free Static IP. If you need a Static IP, just fill in the online form. You can request a Static IP at anytime.

 
 
 
 


18 posts

Geek


  # 1378444 2-Sep-2015 17:37

I recently transferred over to unlimited. Speeds are just as they were before. You may like to check my thread below.

http://www.geekzone.co.nz/forums.asp?forumid=39&topicid=177495

1378 posts

Uber Geek

Subscriber

  # 1395763 28-Sep-2015 13:59
Send private message

kawaii: The answer is no - this has been asked many times and answered many times before.


Hi,

I assume port blocking isn't included in your definition of traffic shaping?

URL to reference:
 http://www.spark.co.nz/help/internet-email/plans-services/port-25.html

It states:

 

What is Port 25 unblocking and what customers will be unsuitable due to this limitation?

 

Customers who run their own email service will need Port 25 to be unblocked. Customers who use Xtra email or POP email (e.g. gmail) or a hosted email service (e.g. Spark business mail, Office 365) are not affected by this limitation.

 

  • Port 25 is typically used by customers who send mail from their own email server
  • Spark (Xtra) routinely block Port 25 in line with best international practice as a control against spamming

And as we have regularly had to go through the mammoth task of requesting, and re-requesting port blocking removal - it is fair to say, the information is correct. Our traffic is shaped.

Also we have had multiple clients with issues contacting third party smtp  / mail servers. The only commonality is they are all on Spark.  we put them on 3G connection via another provider and the problem instantly went away. back to spark, issue is back again. They ar edoing some level of filtering somewhere.






nunz

8763 posts

Uber Geek

Lifetime subscriber

  # 1395767 28-Sep-2015 14:04
6 people support this post
Send private message

i call it security

152 posts

Master Geek


  # 1395807 28-Sep-2015 14:44
2 people support this post
Send private message

nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.

22344 posts

Uber Geek

Trusted
Subscriber

  # 1395809 28-Sep-2015 14:46
Send private message

I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.




Richard rich.ms

 
 
 
 


2785 posts

Uber Geek

Trusted
Lifetime subscriber

  # 1395904 28-Sep-2015 17:04
Send private message

richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.





1448 posts

Uber Geek

Subscriber

  # 1395916 28-Sep-2015 17:26
Send private message

BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?




Laptop: MacBook Pro (15-inch, 2017)
Desktop: iMac (27-inch, 2017)
Smartphone: iPhone XS Max 256GB 'Space Grey'
Additional devices: Unifi Security Gateway, Unifi Switch, Unifi AP AC HD, Unifi Cloud Key, Apple Watch 4 44mm
Services: YouTube Premium, Wordpress, Skinny Mobile and Broadband

 


1378 posts

Uber Geek

Subscriber

  # 1395938 28-Sep-2015 18:04
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?



Port 25 is still the official port for INCOMING traffic - from there is it either moved onto a TLS type connection or left insecure.

That is different to an internal client ( a domain user for example) having their mail client attach to a port to send OUT GOING email. These are (now) normally 465 / 587 or another port of choice






nunz

1378 posts

Uber Geek

Subscriber

  # 1395950 28-Sep-2015 18:09
Send private message

slingynz:
nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.


Disagree - we block (DROP) all Peer to Peer file sharing traffic as well as MS Media Server, Bonjour server, most UPNP and a range of other traffic for the purposes of preserving bandwidth.

The subtle difference between that that (shaping by dropping) and Xtra dropping port 25 is one is to police for security purposes, the other is to allow traffic to flow. If I was to get into semantics, my dropping isn't shaping either, just another form of policing. To make it shaping I would just reduce bandwidth for those protocols to 0.01kbps and let them die of natural causes (or frustration).  you say tomato, I say ToMATEo  - both end up doing the same thing.

I guess shaping is defined as allowing traffic to flow, rather than outright banning it.








nunz

17348 posts

Uber Geek

Trusted

  # 1396065 28-Sep-2015 20:30
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?


There are some NZ ISP's that don't offer SSL, only Port 25
There are old AND new MFC devices that do scan to email, and they don't support SSL
As has been said by Mr Steve many times when this pops up, SSL is 15 years old, its secure, why use Port 25.

22344 posts

Uber Geek

Trusted
Subscriber

  # 1396113 28-Sep-2015 21:17
One person supports this post
Send private message

Isp not offering port 25 - negligent at best. Misleading if they claim anything about being secure 80 their advertising materials.

MFC without SSL. If sold as supporting Internet email access then not fit for purpose under CGA. Clearly designed to only communicate with an on-lan mail server.

Person running a mail server on an Internet connection without port 25 available - buying an unsuitable Internet connection. If they must run their own mail server should buy connections to support it.




Richard rich.ms

1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Intel expands 10th Gen Intel Core Mobile processor family
Posted 23-Aug-2019 10:22


Digital innovation drives new investment provider
Posted 23-Aug-2019 08:29


Catalyst Cloud becomes a Kubernetes Certified Service Provider (KCSP)
Posted 23-Aug-2019 08:21


New AI legaltech product launched in New Zealand
Posted 21-Aug-2019 17:01


Yubico launches first Lightning-compatible security key, the YubiKey 5Ci
Posted 21-Aug-2019 16:46


Disney+ streaming service confirmed launch in New Zealand
Posted 20-Aug-2019 09:29


Industry plan could create a billion dollar interactive games sector
Posted 19-Aug-2019 20:41


Personal cyber insurance a New Zealand first
Posted 19-Aug-2019 20:26


University of Waikato launches space for esports
Posted 19-Aug-2019 20:20


D-Link ANZ expands mydlink ecosystem with new mydlink Mini Wi-Fi Smart Plug
Posted 19-Aug-2019 20:14


Kiwi workers still falling victim to old cyber tricks
Posted 12-Aug-2019 20:47


Lightning Lab GovTech launches 2019 programme
Posted 12-Aug-2019 20:41


Epson launches portable laser projector
Posted 12-Aug-2019 20:27


Huawei launches new distributed HarmonyOS
Posted 12-Aug-2019 20:20


Lenovo introduces single-socket servers for edge and data-intensive workloads
Posted 9-Aug-2019 21:26



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.