Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
3170 posts

Uber Geek
+1 received by user: 1661

Trusted
Spark NZ

  Reply # 1378097 2-Sep-2015 10:22
One person supports this post
Send private message

Not really... There are plans people can still be on today that qualify for a free static IP, but they haven't applied for their free one yet... I'm confident however we word it someone would be confused.

Cheers _ N


8114 posts

Uber Geek
+1 received by user: 1133

Trusted

  Reply # 1378112 2-Sep-2015 11:08
One person supports this post
Send private message

Yep, see that. Include is the wrong word, point taken


 

Static IP's are available on all Spark Broadband Plans. Some even include a free Static IP!

 

Important to Note: Static IP's are not automatically assigned when moving onto a plan that includes a free Static IP. If you need a Static IP, just fill in the online form. You can request a Static IP at anytime.

 
 
 
 


18 posts

Geek


  Reply # 1378444 2-Sep-2015 17:37

I recently transferred over to unlimited. Speeds are just as they were before. You may like to check my thread below.

http://www.geekzone.co.nz/forums.asp?forumid=39&topicid=177495

849 posts

Ultimate Geek
+1 received by user: 175


  Reply # 1395763 28-Sep-2015 13:59
Send private message

kawaii: The answer is no - this has been asked many times and answered many times before.


Hi,

I assume port blocking isn't included in your definition of traffic shaping?

URL to reference:
 http://www.spark.co.nz/help/internet-email/plans-services/port-25.html

It states:

 

What is Port 25 unblocking and what customers will be unsuitable due to this limitation?

 

Customers who run their own email service will need Port 25 to be unblocked. Customers who use Xtra email or POP email (e.g. gmail) or a hosted email service (e.g. Spark business mail, Office 365) are not affected by this limitation.

 

  • Port 25 is typically used by customers who send mail from their own email server
  • Spark (Xtra) routinely block Port 25 in line with best international practice as a control against spamming

And as we have regularly had to go through the mammoth task of requesting, and re-requesting port blocking removal - it is fair to say, the information is correct. Our traffic is shaped.

Also we have had multiple clients with issues contacting third party smtp  / mail servers. The only commonality is they are all on Spark.  we put them on 3G connection via another provider and the problem instantly went away. back to spark, issue is back again. They ar edoing some level of filtering somewhere.






nunz

6499 posts

Uber Geek
+1 received by user: 2029

Subscriber

  Reply # 1395767 28-Sep-2015 14:04
6 people support this post
Send private message

i call it security

136 posts

Master Geek
+1 received by user: 41


  Reply # 1395807 28-Sep-2015 14:44
2 people support this post
Send private message

nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.

19665 posts

Uber Geek
+1 received by user: 3491

Trusted
Subscriber

  Reply # 1395809 28-Sep-2015 14:46
Send private message

I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.




Richard rich.ms

2203 posts

Uber Geek
+1 received by user: 613

Trusted

  Reply # 1395904 28-Sep-2015 17:04
Send private message

richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.





1165 posts

Uber Geek
+1 received by user: 195


  Reply # 1395916 28-Sep-2015 17:26
Send private message

BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?




Laptop: MacBook (Intel Core m7 1.3Ghz, 8GB RAM, 512GB SSD)

 

Desktop: iMac 5K (i7 4.0GHz, 16GB RAM, 512GB SSD)

 

Smartphone: iPhone 6s Plus 128GB

 


849 posts

Ultimate Geek
+1 received by user: 175


  Reply # 1395938 28-Sep-2015 18:04
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?



Port 25 is still the official port for INCOMING traffic - from there is it either moved onto a TLS type connection or left insecure.

That is different to an internal client ( a domain user for example) having their mail client attach to a port to send OUT GOING email. These are (now) normally 465 / 587 or another port of choice






nunz

849 posts

Ultimate Geek
+1 received by user: 175


  Reply # 1395950 28-Sep-2015 18:09
Send private message

slingynz:
nunz:
I assume port blocking isn't included in your definition of traffic shaping?


It shouldn't be included in anyone's definition of traffic shaping.


Disagree - we block (DROP) all Peer to Peer file sharing traffic as well as MS Media Server, Bonjour server, most UPNP and a range of other traffic for the purposes of preserving bandwidth.

The subtle difference between that that (shaping by dropping) and Xtra dropping port 25 is one is to police for security purposes, the other is to allow traffic to flow. If I was to get into semantics, my dropping isn't shaping either, just another form of policing. To make it shaping I would just reduce bandwidth for those protocols to 0.01kbps and let them die of natural causes (or frustration).  you say tomato, I say ToMATEo  - both end up doing the same thing.

I guess shaping is defined as allowing traffic to flow, rather than outright banning it.








nunz

8114 posts

Uber Geek
+1 received by user: 1133

Trusted

  Reply # 1396065 28-Sep-2015 20:30
Send private message

kawaii:
BarTender:
richms: I think that it's a bit annoying but it will save them traffic from all the infected spam bots hitting up other machines only to have the connections dumped due to PBL DNS or lack or SPF causing the mils to be refused or tagged as spam and ignored.

No idea how long the malware will try to send out but I'm assuming it will give up after a while of not getting anything sent and the botnet operators will start to use the host for something else like ddos or proxy anyway.


It also stops inbound SMTP and DNS Amplification attacks as both Port 25 and Port 53 are blocked from the interwebs to customers connections. As there are some old broken modems out there that listen on Port 25 / 53 for connections and do dumb stuff.

Means you can't run a SMTP Server or DNS server on your home connection. But why the heck would you when VPS's are so cheap???

Also means that you won't typically get DDoSed in those two methods if someone nasty wanted to as the traffic would get dropped on the floor by the BNG before it even went over the wire.


Maybe I'm clueless but why would someone use port 25 when there is port 465 or 587 that could be used?


There are some NZ ISP's that don't offer SSL, only Port 25
There are old AND new MFC devices that do scan to email, and they don't support SSL
As has been said by Mr Steve many times when this pops up, SSL is 15 years old, its secure, why use Port 25.

19665 posts

Uber Geek
+1 received by user: 3491

Trusted
Subscriber

  Reply # 1396113 28-Sep-2015 21:17
One person supports this post
Send private message

Isp not offering port 25 - negligent at best. Misleading if they claim anything about being secure 80 their advertising materials.

MFC without SSL. If sold as supporting Internet email access then not fit for purpose under CGA. Clearly designed to only communicate with an on-lan mail server.

Person running a mail server on an Internet connection without port 25 available - buying an unsuitable Internet connection. If they must run their own mail server should buy connections to support it.




Richard rich.ms

1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

NotPetya ransomware attack, New Zealand view
Posted 28-Jun-2017 15:07


Security concerns reach new peak, Unisys Security Index
Posted 27-Jun-2017 14:11


Behind Spark’s slow-burn 4.5G plan
Posted 26-Jun-2017 16:23


Red Hat unveils production-ready open source hyperconverged infrastructure
Posted 23-Jun-2017 22:10


Whatever ailed Vodafone broadband … seems to be fixed
Posted 23-Jun-2017 14:10


VMware NSX Meets Stringent Government Security Standards with Common Criteria Certification
Posted 22-Jun-2017 19:05


Brother launches next-generation colour laser printers and all-in- ones for business
Posted 22-Jun-2017 18:56


Intel and IOC announce partnership
Posted 22-Jun-2017 18:50


Samsung Galaxy Tab S3: Best Android tablet
Posted 21-Jun-2017 12:05


Wellington-based company helping secure Microsoft browsers
Posted 20-Jun-2017 20:51


Endace delivers high performance with new 1/10/40 Gbps packet capture card
Posted 20-Jun-2017 20:50


You can now integrate SMX security into Microsoft Office 365, Google and other cloud email platforms
Posted 20-Jun-2017 20:47


Ravensdown launches new decision-making tool HawkEye
Posted 19-Jun-2017 15:38


Spark planning to take on direct management of all consumer stores
Posted 19-Jun-2017 10:03


Qrious acquires Ubiquity
Posted 14-Jun-2017 12:21



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.