Blog

Why you should not use Microsoft live/hotmail/outlook.com

August 2, 2014 - 2:36 pm

Subtitle: The new bussiness model of freemail hosters.
How can you make money from free e-mail?
Easy: Charge Admins for getting their mails delivered.

If you are not interested in my story, just skip to the most important part at the end.

Months ago Microsoft decided to classify mail from my server as spam and did not deliver it to the inbox of their freemail services like live.com, outlook.com, hotmail.com, … This was even before I migrated to my new system with IPv6 (OK Microsoft doesn’t care) and another V4 IP. I even tried with both machines and the same thing happend.

A few weeks ago now – suddenly – Microsofts’ servers started to bounc all my mails with the message: “Please contact your Internet service provider since part of their network is on our block list.” Of course I immediately checked public blacklisting services to see if my IP is listed somewhere – but nothing. All the other big providers also worked fine.

I double-checked their guidelines such as that reverse DNS and SPF must be configured properly, but everything was fine.
So I finally decided to open a ticket to ask to remove me from the blacklist. They in fact did this “for conditional mitigation” as they wrote and now I’m back to normal: Mails are delivered to the spam folder.

read on »

Category: Networking  No Comments »


Google is talking IPv6 to me.

February 13, 2014 - 3:38 am

We’re getting there!
It has been a while since I started digging into IPv6. My home network is running on IPv6 for a while, but now I’m confident enough to implement it in my productive setup.

My mailserver has now been fully migrated to IPv6 and while doing this I properly implemented TLS (with a CACert signed certificate) including perfect forward secrecy (PFS) and so on.

Here is how servers of major freemail providers are reacting to my new setup.

Provider sending to… receiving from…
IPv6 TLS IPv6 TLS
GMail yes yes yes yes
GMX no yes no yes
web.de no yes no yes
T-Online no yes (no PFS) no yes
Yahoo no broken* (untested) (untested)
live.com/hotmail no no no no
Apple me.com/mac.com no no no no

* Certificate does not match hostname. They are trying to use a wildcard certificate across two levels of subdomains which is forbidden for HTTPS and not explicitely allowed for SMTP.

read on »

Category: Networking  No Comments »


Useful rope knots (Material for Training-Of-Trainers session)

February 6, 2014 - 11:35 pm

This is the digital handout for the students which took part at my training session

Useful rope knots

This 30min session was my assignment for the Training-of-Trainers course 2014 provided by ICTI.

The knots in this short list are some of the most useful ones for the daily life.
All of them can be performed if only one end of the rope in question is loose.

Bowline
Simple knot that forms a fixed loop at the open end of a rope.
It can be used to hook the rope onto a post, hook or similar.

Backhand hitch
The open end of the rope wraps around a pole and tightens to it.
It can be used to tie a rope to a handrail or beam.

Sheet bend
Used to tie two ropes together on their open ends. It can also be used if the ropes have different diameter.

Category: Uncategorized  No Comments »


IPv6 and the ignorance of hosters

November 5, 2013 - 3:48 pm

A few weeks ago I received an e-Mail from a German server hosting company.  They told me about their completely renewed product range which now has the best cost-benefit ratio in the world. I remember that I got in contact with them years ago but then decided to rent my server from another provider.

OK, the e-Mail sounded extremely marketing oriented and so does their website.
But since the offerings looked quite reasonable I decided to give them a chance and replied with a list of technical questions.

One of them was about the size of the IPv6 subnet they are going to assign me. I was a bit confused that I couldn’t find anything about IPv6 at all on their website.

The answer came a few days later. I somehow expected it even though I never really believed that a root-server hoster could ever afford this kind of ignorance. But here it is (translated from German):

Indeed we do not YET offer IPv6 but it is already on our road map. This means it will be realized for you in the very near future.

It’s obvious what that means.

I didn’t answer back and haven’t heard from them, either. No, not quite. In fact I received another generated mail informing me that my very special and not transferable offer will only last until end of October. It seems the only thing they really renewed was their marketing department.

I wonder what’s going to happen in the next months and years. I suspect this is not the only provider ignoring IPv6.

Category: Networking  No Comments »


Multimedia presentations with Raspberry Pi

September 29, 2013 - 11:11 pm

I just realized that time has gone so fast and my last technical posting was ages ago.

My german blog readers know that I’m on a sabattical at the moment. I’m working for WEC International UK and support  – among others – the communications department. Today I want to share one of my projects with you.

You probably have heard about Raspberry Pi. A small credit card sized computer developed in UK.
WEC wants to use it for their presentation at exhibitions consisting of a collection previoulsy produced Audio and Video content played in a loop.

It is quite easy to run such presentations on a Raspberry PI. At the moment we use Pi Presents, a set of python scripts created by Ken Thompson which serves all sorts of kiosk computing such as interactive video/image presentation.

read on »

Category: Web  No Comments »


IPv6: First steps and experiences

October 21, 2012 - 7:21 pm

I’ve read and heard a lot about IPv6 in the last months, but wasn’t able to gain some practical experience yet.

No I finally found some time to get my hands on a simple IPv6 setup at home. Rather late for me as a network guy but actually I did it.
I’m running a Debian based router, which was routing my IPv4 for quite a long time. My goal was to add IPv6 routing so that my clients are able to use the “IPv6 internet”.

The setup was really easy. My main documentation sources were the Linux IPv6 HOWTO and an IPv6 with Debian tutorial.

read on »

Category: Linux, Networking  No Comments »


Distributed social networking

December 29, 2011 - 2:47 am

Today I want to share two interesting projects with you I took from the congress on the second day.

The first one is called “social swarm”. It is an initiative with the goal to choose and adapt one of the may open distributed Facebook alternatives and bring it to the masses.

The second one is called “secure share”, which is one of the most promising of those mentioned alternatives. Opposed to others they do not just provide a decentralized server network but aim to create a secure P2P communication system for data exchange. On top of this a social network could be created.

You can find the project pages here:
- http://wiki.socialswarm.net/
- http://secushare.org/

I briefly want to share my opinion without going too much into technical or political details.

Both projects are very promising and ambitious. I especially like the idea that we can only succeed if we go for a single solution. This is one of the reasons why open projects often fail in favor of proprietary systems. Also the secure share technical approach is well designed with current and upcoming problems mind. Whats missing is something in-between.

The main problem I see is to find out what people really want and need. What could be reasons for them to try a new social network or even switch from Facebook. Political as well as technical approaches must be based on this.  I think they are on a good track, but still far away from a complete concept.

And the second one is the practicability. The technical approach must be usable with current technology. Over the last years you could see a big hype in web-applications and web-service based architectures. The reason for this is that you get HTTP communication through almost all NAT-Firewalls and Proxies. In fact it is desirable to come back to real peer-to-peer communication. But unfortunately this is not possible with our current infrastructure and we cannot rely on IPv6 and a (possible) law on net neutrality. But this is another story…

Nevertheless I hope those projects will very soon be able to come up with something to try out and get visible in the media. I would love to participate, but will only remain as a passive watcher, since other projects are more important for me.

Category: Technical  1 Comment »


CCC – first day over

December 28, 2011 - 4:55 pm

My first impression of the congress was just a bit amusing.

On any other conference you would be handed a leaflet or something, containing the schedule, locations and all necessary information. This congress is different. After entering the conference hall you are completely lost.
The walls are full of scattered information that do not mean much for me, but I was searching for a schedule without avail..

Some of the rooms are named with letters and numbers, the talk rooms are just numbers and there are no direction signs at all. Some rooms have additonal internal names which are not posted on the schedule but are more visible on the door than the others.

The only source of some information is the wiki (also lacking a map). But it is really hard to get connection to the Wifi and the wiki was half of the first day down.

Well, this gently reminds me of the sources I have to read and change all the time. Noone can deny what kind of people organized this conference. ;-)
But since I’m a software developer myself, I found ways to get acquainted with this code – sorry – conference.

Nevertheless, the talks where really great and exceeded my expectations. The main topic seems to be data security as well as surveillance. The session about the “Bundestrojaner” was fun as well as very informative. The group who analysed this piece of software gave an insight into their findings compared with the current legal situation.
They showed some of the history of the “Bundestrojaner” and proved why popular statements of politicians regarding this topic are obviously wrong.

Some talks also showed some really huge problems rising with surveillance and shows how they are already practice in germany.

Another presentation went into some opposite direction.
It was about how can you guess the spoken words in a Skype conversation without hacking the connection just by profiling the packet lengths. Eavesdropping at a very new level.

Category: Technical  No Comments »