This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.
You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.
My out off office is now officially on as I take the family away for annual leave in the sunny Isle of Man.
During this time it is unlikely that I will be writing posts but you can keep up with me on facebook if you want to.
PS I know that I have only just had a week in South Africa playing rugby. That wasn’t a holiday. It was a life enriching experience that boys sometimes just have to do.
You may have noted the spam theme of my posts this week. This is because we are in the process of upgrading our anti spam capabilities. The management of spam is a hugely complex process and involves many factors contributing to a scorecard against which an email is rated.
There is a general set of principles that the industry could apply that would make it a lot harder for spammers. Unfortunately many ISPs seem to the fairly lenient with their customers about how they set up their email services and are prepared to accept mail from poorly configured mail servers.
For example most spam comes from compromised Windows computers at residential or business premises. When a host connects, ie when a mail is being set up for sending, it should perform a HELO with it’s fully qualified domain name (FQDN) as specified in RFCs (industry standards or standards in waiting). The sender sometimes lies and presents a fake or incorrect HELO string, which can be used to judge the validity of the sending server. The string given at HELO time should have forward and reverse DNS that matches.
Additionally, the reverse DNS of the sending host could be considered. If there is no reverse DNS, it’s very unlikely that the mail is legitimate, and should be rejected. If the reverse DNS makes it clear that the sending host is within a DSL pool, ie at the user premises at the end of an ADSL line rather than an ISP’s mail server, this could also be taken into consideration when it comes to scoring.
A genuine Reverse DNS might look like mail.timico.net whereas a corresponding ADSL based DNS, (and therefore likely to be the source of spam), would be xxx.xxx.xxx.xxx.adsl.timico.net where the x’s represent the ip address.
Another technique in the fight against spam is to rate limit emails from users. In other words to apply a policy controlling a maximum number of emails an individual can send in a day. A rate limit for a residential user might be 200 mails a day for example. It is unlikely that the residential user will send more than 10 or 20 mails in a day. A compromised machine may, however, send thousands in the same time period. The rate limit would prevent this.
Customers with a genuine need to send more emails than the limit can easily be accommodated. The limit is there to protect the user rather than to stop them sending emails. The spam being sent would normally be caught here anyway but this technique does at least minimize the load on spam filters.
The factors taken into consideration in spam scoring systems are not normally made public domain because to do so would just help spammers.
As an update from yesterday’s post the botnet attacks are getting even more frequent. I’ll post some notes tomorrow on best practice for ISPs contending with spam. You can see the increase in frequency and intensity over yesterday. Some crook somewhere has obviously decided on a new “marketing campaign”.
I sometimes sit and watch SPAM attacks coming in on our mail servers. ISPs are constantly having to ward off spam. It is like being in a cyber war. What is mind boggling is that sheer volume. The chart below shows unwanted mail below the x axis and legitimate stuff above.
You can barely make out the legitimate mail because in the scale it is dwarfed by the spam. It is also interesting to observe that the attacks come in waves. You can see the major incoming waves on Sunday evening followed by periodic smaller attacks which appear to be the work of botnets.
This spam is of course not passed on to our customers who pay us for a premium service. You can zoom in by clicking a couple of times on the picture.
The Internet Services Provider Association has been announced as the winner of Nominet’s Best Practice Awards in the Raising Industry Standards category. The awards recognise organisations that have embraced the challenge of making the Internet a secure, open, accessible and diverse experience for all.
The ‘Raising Industry Standards’ category honours organisations that promote high standards of ethics in business, deliver an exceptional standard of customer service to online customers, promote Corporate Social Responsibility within the Internet industry and take a leading role in developing consumer confidence in the Internet.
ISPA was able to prove that it has worked with members to ensure high standards through adherence to the mandatory Code of Practice and voluntary Best Practice documents. ISPA further cited its cooperation with Government in promoting effective self-regulation and its third party dispute resolution service for consumers as examples of raising standards in the sector.
I pinched that spiel from the ISPA website but I have to say I am proud to be involved with this activity. The ISPA is a very well run professional trade association which does a great deal of good work for the industry.
Nominet, for those of you who have never registered your own .uk domain name, manages all the UK’s domain names(eg .co.uk, .org.uk). Last time I looked there were around 8 million of these. The day will come where everyone will have their own domain name. If anyone is interested, in my will in I am leaving trefor.net to my 9 year old. Funnily enough at this time he isn’t quite sure that this is a good thing. He will come around to my view in time.
I read on Monday that BT had abandoned Phorm. I didn’t consider this worth commenting on. Today I see that Talk Talk has also dropped the behavioural advertising company.
From a consumer’s perspective I say hooray. As an ISP I don’t have a big enough business to make the Phorm business model work so I haven’t had the moral dilemma myself. Apparently BT has said it has nothing to do with the furore over privacy rights but I doubt that anyone believes this.
Phorm is now having to say that it is concentrating on faster moving markets such as Korea and talks about live trials with Korea Telecom. All I can say is that for it to work Korea Telecom has to have a thicker skin than any western based ISP. Perhaps there isn’t the same privacy rights activity in Asia.
Busy day tomorrow so I thought I’d get this post in today because I certainly won’t be writing anything during the ISPA Awards.
At 10am I have an ISPA council meeting, followed by the AGM at 12.15 and the annual ISPA Awards bash in the evening. I haven’t been to this event before so I am looking forward to it, especially as Timico is a finalist in the “Best Business Customer Service” category.
I’ll let you know how we get on plus any publishable/non-incriminating photos from the night.
It’s also the Nominet AGM today so if I have any feedback from that I’ll let you know.
I have occasionally written posts concerning the rise in internet traffic when there have been major world events. Of course this included last week’s Wimbledon antics.
I thought it would be interesting for people to see an overlay in broadband network traffic week on week to see what a “normal” week would look like compared to a high traffic week.
The chart below shows last week’s Wimbledon peak traffic profile in the slightly lighter grey compared with the previous week’s.
It’s a bit dark but if you click on the image a couple of times you should get a large enough view to see that when “our Andy” took to the court on Friday the traffic shot up by 30% compared to the same time last week.
The purple line at the botton represents an old low capacity 155Mbps BT Central pipe that is being decommissioned next month. These older pipes struggle to cope with high network demand. The 155 is being replaced with more 622 capacity.
As I drove in to work this morning I heard a BBC Radio 4 interview with 2nd man on the moon Buzz Aldrin. Part of it included playback of the telephone conversation the astronauts had with President Richard Nixon who emphasised that he was using the telephone in the Oval Office to make the call. Of course this was a technological marvel at the time.
I actually met Buzz Aldrin 15 years ago on the occasion of the 25th anniversary of the moon landings. What struck me was the high calibre of everyone involved with the Apollo missions.
The technology they used was so basic that the astronauts had to pilot the spacecraft manually. None of this onboard guidance computer stuff. In fact my Nokia phone now has much more computing power than did the whole mission to the moon.
Buzz described to me the way that they flew the lunar landing craft by hand across the moon’s surface until they spotted somewhere suitable to land. The whole mission was balanced on a knife edge as the lander only had 40 seconds of fuel left before they had to abort the landing. Fortunately, as we now all know, they spotted a landing spot and took it down.
The missions to the moon were the catalyst that set in train the whole semiconductor industry and brought about the technological revolution that is still going on today. One small step for man, one massive leap for technology.
I had my photo taken with Buzz at that event 15 years ago. If I can find it I’ll scan it in and post it here. I wonder if he remembers me ?:-)
Our broadband network usage hit a new high yesterday as Andy Murray wallopped Juan Carlos Ferrero in straight sets at Wimbledon. The peak remained at a constant high between 4 and 5pm, at which point presumably everyone left the office and watched it at home because the network traffic dropped right off.
My understanding is that whilst an ISP’s network might well have been able to cope with the added traffic levels some problems were caused at local exchange level where virtual paths were seeing congestion. The virtual path is the backhaul from exchange into the BT network and on to the internet, and in this case to the BBC website.
BT’s new 21CN network should be better placed to withstand this sort of traffic burst.
Expect another peak when “our Andy” plays in the semi final. I feel as if I have known him all my life :-).