Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
3365 posts

Uber Geek
+1 received by user: 1783

Trusted
Spark NZ

  Reply # 1378097 2-Sep-2015 10:22
One person supports this post
Send private message

Not really... There are plans people can still be on today that qualify for a free static IP, but they haven't applied for their free one yet... I'm confident however we word it someone would be confused.

Cheers _ N


10028 posts

Uber Geek
+1 received by user: 1580

Trusted

  Reply # 1378112 2-Sep-2015 11:08
One person supports this post
Send private message

Yep, see that. Include is the wrong word, point taken


 

Static IP's are available on all Spark Broadband Plans. Some even include a free Static IP!

 

Important to Note: Static IP's are not automatically assigned when moving onto a plan that includes a free Static IP. If you need a Static IP, just fill in the online form. You can request a Static IP at anytime.

 
 
 
 


18 posts

Geek


  Reply # 1378444 2-Sep-2015 17:37

I recently transferred over to unlimited. Speeds are just as they were before. You may like to check my thread below.

http://www.geekzone.co.nz/forums.asp?forumid=39&topicid=177495

891 posts

Ultimate Geek
+1 received by user: 180

Subscriber

  Reply # 1395763 28-Sep-2015 13:59
Send private message

kawaii: The answer is no - this has been asked many times and answered many times before.


Hi,

I assume port blocking isn't included in your definition of traffic shaping?

URL to reference:
 http://www.spark.co.nz/help/internet-email/plans-services/port-25.html

It states:

 

What is Port 25 unblocking and what customers will be unsuitable due to this limitation?

 

Customers who run their own email service will need Port 25 to be unblocked. Customers who use Xtra email or POP email (e.g. gmail) or a hosted email service (e.g. Spark business mail, Office 365) are not affected by this limitation.

 

  • Port 25 is typically used by customers who send mail from their own email server
  • Spark (Xtra) routinely block Port 25 in line with best international practice as a control against spamming

And as we have regularly had to go through the mammoth task of requesting, and re-requesting port blocking removal - it is fair to say, the information is correct. Our traffic is shaped.

Also we have had multiple clients with issues contacting third party smtp  / mail servers. The only commonality is they are all on Spark.  we put them on 3G connection via another provider and the problem instantly went away. back to spark, issue is back again. They ar edoing some level of filtering somewhere.






nunz

6994 posts

Uber Geek
+1 received by user: 2220

Subscriber

  Reply # 1395767 28-Sep-2015 14:04
6 people support this post
Send private message

i call it security

140 posts

Master Geek
+1 received by user: 42


  Reply # 1395807 28-Sep-2015 14:44
2 people support this post
Send private message

nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.

20374 posts

Uber Geek
+1 received by user: 3878

Trusted
Subscriber

  Reply # 1395809 28-Sep-2015 14:46
Send private message

I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.




Richard rich.ms

2237 posts

Uber Geek
+1 received by user: 652

Trusted

  Reply # 1395904 28-Sep-2015 17:04
Send private message

richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.





1196 posts

Uber Geek
+1 received by user: 203


  Reply # 1395916 28-Sep-2015 17:26
Send private message

BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?




Laptop: MacBook (Retina, 12-inch, 2017)

 

Desktop: iMac (Retina 5K, 27-inch, Late 2015)

 

Smartphone: iPhone 8 Plus 256GB

 

Additional devices: AppleTV 4K 32GB, Ubiquiti USG, Ubiquiti UniFI AP AC HD

 


891 posts

Ultimate Geek
+1 received by user: 180

Subscriber

  Reply # 1395938 28-Sep-2015 18:04
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?



Port 25 is still the official port for INCOMING traffic - from there is it either moved onto a TLS type connection or left insecure.

That is different to an internal client ( a domain user for example) having their mail client attach to a port to send OUT GOING email. These are (now) normally 465 / 587 or another port of choice






nunz

891 posts

Ultimate Geek
+1 received by user: 180

Subscriber

  Reply # 1395950 28-Sep-2015 18:09
Send private message

slingynz:
nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.


Disagree - we block (DROP) all Peer to Peer file sharing traffic as well as MS Media Server, Bonjour server, most UPNP and a range of other traffic for the purposes of preserving bandwidth.

The subtle difference between that that (shaping by dropping) and Xtra dropping port 25 is one is to police for security purposes, the other is to allow traffic to flow. If I was to get into semantics, my dropping isn't shaping either, just another form of policing. To make it shaping I would just reduce bandwidth for those protocols to 0.01kbps and let them die of natural causes (or frustration).  you say tomato, I say ToMATEo  - both end up doing the same thing.

I guess shaping is defined as allowing traffic to flow, rather than outright banning it.








nunz

10028 posts

Uber Geek
+1 received by user: 1580

Trusted

  Reply # 1396065 28-Sep-2015 20:30
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?


There are some NZ ISP's that don't offer SSL, only Port 25
There are old AND new MFC devices that do scan to email, and they don't support SSL
As has been said by Mr Steve many times when this pops up, SSL is 15 years old, its secure, why use Port 25.

20374 posts

Uber Geek
+1 received by user: 3878

Trusted
Subscriber

  Reply # 1396113 28-Sep-2015 21:17
One person supports this post
Send private message

Isp not offering port 25 - negligent at best. Misleading if they claim anything about being secure 80 their advertising materials.

MFC without SSL. If sold as supporting Internet email access then not fit for purpose under CGA. Clearly designed to only communicate with an on-lan mail server.

Person running a mail server on an Internet connection without port 25 available - buying an unsuitable Internet connection. If they must run their own mail server should buy connections to support it.




Richard rich.ms

1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Symantec selects Amazon Web Services to deliver cloud security
Posted 23-Nov-2017 10:40


New Zealand Ministry of Education chooses Unisys for cloud-based education resourcing management system
Posted 22-Nov-2017 22:00


Business analytics software powers profits for NZ wine producers
Posted 22-Nov-2017 21:52


Pyrios strikes up alliance with Microsoft integrator UC Logiq
Posted 22-Nov-2017 21:51


The New Zealand IT services ecosystem - it's all digital down here
Posted 22-Nov-2017 21:49


Volvo to supply tens of thousands of autonomous drive compatible cars to Uber
Posted 22-Nov-2017 21:46


From small to medium and beyond: Navigating the ERP battlefield
Posted 21-Nov-2017 21:12


Business owners: ERP software selection starts (and finishes) with you
Posted 21-Nov-2017 21:11


Why I'm not an early adopter
Posted 21-Nov-2017 10:39


Netatmo launches smart home products in New Zealand
Posted 20-Nov-2017 20:06


Huawei Mate 10: Punchy, long battery life, artificial intelligence
Posted 20-Nov-2017 16:30


Propel launch Disney Star Wars Laser Battle Drones
Posted 19-Nov-2017 21:26


UFB killer app: Speed
Posted 17-Nov-2017 17:01


The case for RSS — MacSparky
Posted 13-Nov-2017 14:35


WordPress and Indieweb: Take control of your online presence — 6:30 GridAKL Nov 30
Posted 11-Nov-2017 13:43



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.