[Asterisk-Users] Chagres Technologies, Inc

John Brown (CV) jmbrown at chagresventures.com
Sat Jan 10 15:05:56 MST 2004 

rick, i didn't say that they couldn't have sent email
from another location.  certainly yahoo and msn are
harder to deal with.

Yes, rick you can do some tracing the way I mentioned.

lets see:    dig routers.com mx
routers.com.            4H IN MX        10 texas.routers.com.

;; AUTHORITY SECTION:
routers.com.            4H IN NS        dns.inetnebr.com.
routers.com.            4H IN NS        texas.routers.com.

;; ADDITIONAL SECTION:
texas.routers.com.      2D IN A         206.222.193.73
dns.inetnebr.com.       2D IN A         199.184.119.1


hmm, so i would expect to see email from  texas.routers.com
or from some device within  206.222.193.xxx at a min.
(which would cover your machine called vegas.....)

I would expect that a  grep -i routers.com  mailbox
would produce output that showed mail from that domain.

I would expect that  a  grep 192.222.206  db.rbl.ct
would either show something in that block as being a 
locatlly flagged spam source, or show nothing, which means
we didn't block it

i would expect that a grep  206.222.192  /var/log/security
(freebsd ipfw logs)  would show something since we have a
rule called   permit log tcp from any to mailserver 25 

I would expect that a grep  routers.com  /var/log/maillog
which logs the smtp sessions to show something.

If I didnt' get a hit on any of those, I think its pretty 
safe to say I didn't get the email, something is broken.

All I'm saying is that based on the information we have
for that customer, I can and do check our logs to see if
something got dropped.


Almost half of the customers that had issues have their
IP's listed in multiple different RBL's  So instead of
dropping those emails, now we have to put them into 
a seperate folder and manually check them.  we get close
to 2800 spam messages a day into those folders.  

If they sent from hotmail or yahoo, then about the only
thing I can do is grep for there email addy string.

and yes rich, i'm involved with security issues as
well and have a clear understanding of how packets 
move, and what tools I have on my network that allow
me to see whats happening.

cheers


On Sat, Jan 10, 2004 at 03:37:15PM -0600, Rich Adamson wrote:
> common on john, stop the bs. we all know email can be sent
> from hundreds of different valid accounts that you can't
> trace that way (yahoo and msn as just two), and those of
> us that have been involved with security understand it
> rather well.
> 
> ------------------------
> > its simple,
> > i can lookup the MX for his zone, then look up the
> > A RR for each MX, and then search the logs for IP's
> > or I can even expand the search to look for CIDR prefixes.
> > 
> > I can also lookup in my private RBL, any query my SMTP
> > machine would have made to see if his IP(s) are spam
> > sources or not.
> > 
> > If I don't see packets from those IP(s), or from
> > his MX's, or from his domain, then I'm going to assume
> > no packets where received.
> > 
> > cheers
> > 
> > 
> > On Sat, Jan 10, 2004 at 03:23:13PM -0500, admin wrote:
> > > Sorry, but how can you ID his inbound packets?
> > > 
> > > 
> > > ----- Original Message ----- 
> > > From: "admin" <stotaro at seepu.com>
> > > To: <asterisk-users at lists.digium.com>
> > > Sent: Saturday, January 10, 2004 3:17 PM
> > > Subject: Re: [Asterisk-Users] Chagres Technologies, Inc
> > > 
> > > 
> > > > Just refund the guy his money...
> > > > ----- Original Message ----- 
> > > > From: " John Brown (CV)" <jmbrown at chagresventures.com>
> > > > To: <asterisk-users at lists.digium.com>
> > > > Sent: Saturday, January 10, 2004 2:46 PM
> > > > Subject: Re: [Asterisk-Users] Chagres Technologies, Inc
> > > >
> > > >
> > > > > For the list,
> > > > >
> > > > > Mike received a partial order shipped 15-Dec, SN ending 4CD8.
> > > > >
> > > > > Mike received email replies on 3-Dec  and 17-Dec advising him
> > > > > on his order.
> > > > >
> > > > > Mike ack'd those emails.
> > > > >
> > > > > This is the first time we have heard anything (phone calls or email)
> > > > > from Mike since 17-Dec.  Our CDR and SMTP logs show no inbound packets
> > > > > or calls.
> > > > >
> > > > > Mike has been sent a private email and has been advised that
> > > > > we will be issuing him a refund on product not received.
> > > > >
> > > > > I can only say that there is a human that answers the phones
> > > > > at Chagres M-F 9-5 MDT (GMT-7).
> > > > >
> > > > > I think I'll change the Auto-Attendent so that it says
> > > > > "For a Human press 0", instead of "To reach an operator
> > > > > press 0".  Most people don't seem to press 0....
> > > > >
> > > > > for order status:  orders AT chagres dot net,
> > > > >
> > > > > or call  +1 505 830 1200 and please do leave good
> > > > > information (name, phone number, what you ordered)
> > > > > we don't always receive enough info to respond back
> > > > > (missing phone numbers or complete names are common)
> > > > >
> > > > > If you have any issue you can call my direct number at
> > > > > +1 505 998 0567.  Thats my desk, ring it.
> > > > >
> > > > > cheers,
> > > > >
> > > > > john
> > > > >
> > > > > On Sat, Jan 10, 2004 at 12:08:14PM -0600, mikeu wrote:
> > > > > > My experience has been one of unresponsiveness to my e-mails.  I have
> > > > > > ordered and received devices from other providers in the time I have
> > > > been
> > > > > > waiting for Chagres.  As of now, based on my experiences and those of
> > > > others
> > > > > > that I have heard from I would highly recommend avoiding Chagres and
> > > Mr.
> > > > > > Brown.  All I want now is a refund.
> > > > > >
> > > > > > Mike
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: asterisk-users-admin at lists.digium.com
> > > > > > [mailto:asterisk-users-admin at lists.digium.com] On Behalf Of Olle E.
> > > > > > Johansson
> > > > > > Sent: Saturday, January 10, 2004 3:22 AM
> > > > > > To: asterisk-users at lists.digium.com
> > > > > > Subject: Re: [Asterisk-Users] Chagres Technologies, Inc
> > > > > >
> > > > > > Mail John Brown at Chagres. john at chagres.net
> > > > > >
> > > > > > He usually responds quickly and I get information about where my
> > > > products
> > > > > > are.
> > > > > > Yes, I also have rest orders, but I have acceptable responses on why
> > > and
> > > > > > when
> > > > > > they are expected to arrive in this snowy winterland...
> > > > > >
> > > > > > /O
> > > > > >
> > > > > > _______________________________________________
> > > > > > Asterisk-Users mailing list
> > > > > > Asterisk-Users at lists.digium.com
> > > > > > http://lists.digium.com/mailman/listinfo/asterisk-users
> > > > > > To UNSUBSCRIBE or update options visit:
> > > > > >    http://lists.digium.com/mailman/listinfo/asterisk-users
> > > > > >
> > > > > > _______________________________________________
> > > > > > Asterisk-Users mailing list
> > > > > > Asterisk-Users at lists.digium.com
> > > > > > http://lists.digium.com/mailman/listinfo/asterisk-users
> > > > > > To UNSUBSCRIBE or update options visit:
> > > > > >    http://lists.digium.com/mailman/listinfo/asterisk-users
> > > > > _______________________________________________
> > > > > Asterisk-Users mailing list
> > > > > Asterisk-Users at lists.digium.com
> > > > > http://lists.digium.com/mailman/listinfo/asterisk-users
> > > > > To UNSUBSCRIBE or update options visit:
> > > > >    http://lists.digium.com/mailman/listinfo/asterisk-users
> > > > >
> > > >
> > > > _______________________________________________
> > > > Asterisk-Users mailing list
> > > > Asterisk-Users at lists.digium.com
> > > > http://lists.digium.com/mailman/listinfo/asterisk-users
> > > > To UNSUBSCRIBE or update options visit:
> > > >    http://lists.digium.com/mailman/listinfo/asterisk-users
> > > >
> > > 
> > > _______________________________________________
> > > Asterisk-Users mailing list
> > > Asterisk-Users at lists.digium.com
> > > http://lists.digium.com/mailman/listinfo/asterisk-users
> > > To UNSUBSCRIBE or update options visit:
> > >    http://lists.digium.com/mailman/listinfo/asterisk-users
> > _______________________________________________
> > Asterisk-Users mailing list
> > Asterisk-Users at lists.digium.com
> > http://lists.digium.com/mailman/listinfo/asterisk-users
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> ---------------End of Original Message-----------------
> 
> 
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list