[00:00] *** nerdd_ has quit IRC (Ping timeout: 265 seconds) [00:22] *** viq has quit IRC (*.net *.split) [00:23] *** viq has joined #arpnetworks [00:37] *** viq has quit IRC (*.net *.split) [00:47] *** viq has joined #arpnetworks [01:04] *** LT has joined #arpnetworks [01:27] *** AndrewBC has quit IRC (Ping timeout: 264 seconds) [01:32] *** AndrewBC has joined #arpnetworks [01:56] *** schmir has joined #arpnetworks [03:25] *** AndrewBC_ has joined #arpnetworks [03:26] *** AndrewBC has quit IRC (Ping timeout: 260 seconds) [03:31] *** schmir has quit IRC (Ping timeout: 265 seconds) [04:39] *** LucasWilcox has quit IRC (Read error: Connection reset by peer) [04:39] *** LucasWilcox has joined #arpnetworks [04:42] *** Wraithan has quit IRC (Excess Flood) [04:42] *** Wraithan has joined #arpnetworks [04:44] figured out my listen-on-v6 issue. I had !localnets, yet I was querying from my second VPS in the same range. [04:52] *** schmir has joined #arpnetworks [04:56] *** schmir has quit IRC (Remote host closed the connection) [04:58] *** schmir has joined #arpnetworks [05:17] *** AndrewBC_ is now known as AndrewBC [05:26] *** ziyourenxiang has joined #arpnetworks [06:27] *** vtoms has joined #arpnetworks [06:34] cedwards \o [06:38] *** nukeAFK has joined #arpnetworks [06:42] *** dstufft has joined #arpnetworks [06:43] *** dstufft is now known as Guest85490 [06:43] *** Guest85490 is now known as dstufft2 [06:43] *** dstufft2 has quit IRC (Client Quit) [06:46] *** cmeiklejohn has quit IRC (Quit: leaving) [06:54] *** cmeiklej1hn has joined #arpnetworks [06:55] *** cmeiklej1hn is now known as cmeiklejohn [06:55] *** schmir has quit IRC (Remote host closed the connection) [07:00] *** heavysixer has left [07:00] *** heavysixer has joined #arpnetworks [07:00] *** ChanServ sets mode: +o heavysixer [07:05] *** cmeiklejohn has quit IRC (Changing host) [07:05] *** cmeiklejohn has joined #arpnetworks [07:05] *** cedwards has quit IRC (Ping timeout: 265 seconds) [07:09] *** vtoms has quit IRC (Quit: Leaving.) [07:09] *** vtoms has joined #arpnetworks [07:17] *** cedwards has joined #arpnetworks [07:39] *** cmeiklejohn has quit IRC (Remote host closed the connection) [08:03] *** cmeiklejohn has joined #arpnetworks [08:03] *** cmeiklejohn has quit IRC (Changing host) [08:03] *** cmeiklejohn has joined #arpnetworks [08:24] blech. I haet it when I f*ck up my boot loader. [08:58] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang) [09:17] *** LT has quit IRC (Quit: Leaving) [12:19] quiet today. [12:29] *** vtoms has quit IRC (Remote host closed the connection) [12:29] *** vtoms has joined #arpnetworks [12:30] *** heavysixer has quit IRC (Quit: heavysixer) [12:45] "yeah ... a bit TOO quiet... " [12:50] * cedwards gets the chills. [12:53] I've written 9 pages now about what one should think of when creating a network for a mid-sized company [12:53] And I'm not done yet \o [12:53] I'm hoping this will make me pass the course [13:41] *** schmir has joined #arpnetworks [14:16] * jdoe twiddles thumbs and waits for OpenSolaris 2010.03 [14:26] openOraclelaris ? [14:27] haha. right. [14:30] Wtf is this crap I'm about to write an essay on? [14:30] OCTAVE? [14:30] And no, It isn't GNU Octave [14:30] Wikipedia doesn't even have an article on it [14:31] then it doesn't exist, or isn't of relevance to nerds [14:32] exactly [14:32] Thing is it's a nerd course [14:32] IT-coordination [14:34] *** Aila has joined #arpnetworks [14:35] My second cousing thinks Computer Engineering and Chemical Engineering sounds boring [14:35] !! [14:35] hi can anyone lend me a hand, i can't seem to get my reverse dns working... i'm running bind9 [14:35] And Master of Science in Engineering too! [14:35] RandalSchwartz: Let's do a ritual and sacrifice my second cousin [14:36] *** baklava has joined #arpnetworks [14:36] *** baklava has quit IRC (Changing host) [14:36] *** baklava has joined #arpnetworks [14:40] reverse dns? [14:40] has it been delegated to you? [14:40] do you have sensible master files? [14:40] do you have an offsite slave as well? [14:41] yes it's been delegated to me [14:41] i have master files [14:41] no offsite slave [14:43] are the parent NS records correct? [14:43] wait - I should ask what the problem is, I guess. :) [14:45] well [14:45] nslookup 174.136.101.162 [14:45] gives error [14:45] ** server can't find 162.101.136.174.in-addr.arpa: SERVFAIL [14:46] that's ns1.nullbnc.com which has a reverse set for it [14:48] lemme see [14:48] so 101.136.174.in-addr.arpa is served by arp [14:48] are you sure the delgation is in place? [14:49] *** vtoms has quit IRC (Quit: Leaving.) [14:49] 101.136.174.in-addr.arpa. 3600 IN SOA ns1.arpnetworks.com. gdolley.arpnetworks.com. 1004 28800 7200 604800 3600 :D [14:49] yeah - this is a problem - 174.101.136.174.in-addr.arpa is an alias for 174.160-175.101.136.174.in-addr.arpa. [14:50] Host 174.160-175.101.136.174.in-addr.arpa not found: 3(NXDOMAIN) [14:50] *** Aila has quit IRC (Ping timeout: 248 seconds) [14:50] it's delegated to an alias that doesn't exist [14:50] might be your problem, might be ARPs [14:50] jdoe: you're a solaris fan? [14:50] email support [14:50] *** schmir has quit IRC (Ping timeout: 276 seconds) [14:52] Aila probably didn't set up the zone name right, even though I tell everyone the zone name in advance. [14:52] reverse dns is confusing if you're new to it all [14:53] my solution: force everyone to read DNS and BIND before allowing them on the internet [14:53] that reminds me, I'd like to get reverse setup as well. [14:53] up_the_irons: email to support@ for delegation? [14:53] cedwards: yup [14:54] oop... gone before this [14:54] darn it [14:54] if they ask a question, they Must Stay (tm). [14:54] up_the_irons: what information do you need in the support request? just my name server(s)? [14:55] cedwards: IPs and PTR records required; or if you want delegation, your name servers. As always, include the VPS UUID so it is easy for me to find :) [14:57] *** Aila has joined #arpnetworks [14:57] sorry RandalSchwartz, freenode kicked me off [14:57] soo [14:57] host 174.136.101.162 [14:58] Host 162.101.136.174.in-addr.arpa not found: 2(SERVFAIL) [14:58] up_the_irons: sent. thanks. [14:58] ... it's delegated to an alias that doesn't exist [14:58] ... might be your problem, might be ARPs [14:58] http://pastebin.com/07svA1tv [14:58] ... email support [14:58] that's what I said after you left [14:58] did you understand what I pasted before? [14:58] ARP owns 101.136.174 [14:59] and apparently they provide 174.101.136.174 [14:59] which redirects to probably something you need to provide [15:00] i got this in email when they delegated my ipvs block [15:00] So just name your zone "160-175.101.136.174.in-addr.arpa" and proceed to set up [15:00] your PTRs normally. [15:00] ahh yes... 160-175.101.136.174.in-addr.arpa name server ns2.nullbnc.com. [15:00] 160-175.101.136.174.in-addr.arpa name server ns1.nullbnc.com. [15:00] those are you? [15:00] yes [15:00] are you serving that domain [15:00] ye [15:00] apparently, you aren't providing 174 in there [15:00] you should fix that [15:00] yea i know [15:01] one sec [15:01] yeah - no SOA for Host 160-175.101.136.174.in-addr.arpa not found: 3(NXDOMAIN) [15:01] if I can't get an SOA for it, I'm not going to get records either [15:02] do you have a master file for that, and are you announcing it? [15:03] your port 53 is open, at least. :) [15:03] so's port 22. good luck with that. [15:03] * RandalSchwartz re-ports ssh routinely now [15:04] *** heavysixer has joined #arpnetworks [15:04] *** ChanServ sets mode: +o heavysixer [15:07] ;) [15:07] so are you diagnosing the problem? [15:09] here are my configs [15:09] http://pastebin.com/EjiVEZRs [15:10] i don't see what i'm doing wrong [15:11] I'm not getting that SOA from there [15:11] are you sure it has re-read your amster? [15:11] master? [15:12] ahh - I do see the soa now [15:14] says "refused" [15:14] might be a permissions things [15:14] ah [15:14] try again, i just restarted bind [15:15] are you passing both tcp and udp 53? [15:16] *** sentabi has quit IRC (Excess Flood) [15:16] yes [15:17] 174.136.101.174 is defined in interfaces so not sure the prob there [15:18] I dunno either, but I gotta go [15:18] ok cya [15:20] up_the_irons: I have a love/hate thing with Solaris. I respect it, I want to like it, but since I don't know it particularly well it's a painful experience. [15:21] jdoe: I read "I want to be like it" [15:21] up_the_irons: I love ZFS though, and since I don't trust FBSD's implementation (anecdotal experiences with similar setups to mine went poorly) I went with opensolaris. [15:21] dxtr: sure, I'll take Larry's yacht and billions of billions :P [15:21] *** sentabi has joined #arpnetworks [15:21] ... anyway, so far it hasn't fucked me too badly :P [15:22] *** sentabi has quit IRC (Changing host) [15:22] *** sentabi has joined #arpnetworks [15:22] jdoe: ah i c [16:17] Uhm.. [16:18] What can one do from stopping unauthorized people from plugging in to my (wired) network and using it? [16:18] I don't see it :p [16:18] That's a question in my assignment [16:18] Doesn't say wired - but it doesn't say wireless either [16:19] dxtr: you could filter based on MAC address. Only authorized MAC addresses pass traffic through the switch. [16:19] there are other ways [16:19] google it [16:19] ;) [16:20] dxtr: PoE. Just make sure it's a lot of P oE. [16:20] Wouldn't one need a really expensive switch for that? :P [16:21] naw, just a beefy power cable, a knife and some duct tape... [16:24] I was asking up_the_irons :) [16:26] I know, but my answer was better. [16:26] dxtr: i think a cisco 2924XL could do it, which is like $20 used these days [16:28] Cool [16:30] pretty sure it can. [16:30] you might not want the XL though, isn't that the 2U one? [16:30] isn't there like WPA but for wired? :D [16:32] ipsec plays nice with ipv6, so ... sure. [16:32] is it more trouble than it's worth? [16:32] oh fuck yeah :P [16:34] So basically the only thing I've got is to filter MAC addresses and lock in the switches? :P [16:36] jdoe: there is a 2U version of the XL, but the majority are 1U [16:38] ah. [16:38] I used to have the 2U one. [16:38] probably with an "FX" port (Fiber, but only 100 Mbps ;) [16:38] two iirc [16:38] yeah two [16:38] been a while. Thing was a heavy piece of shit :P [16:39] lol [16:40] Hm, kan pf filter my mac address+ [16:40] yeah, I've got two 3550s next to me now with the jumbo gbics. At least I hope they're gbics and not two giant 100mbit ports :P [16:40] pf can do anything [16:41] actually i dunno. ebtables on Linux can do MAC filtering. [16:45] And one thing; Let's say I'm really obsessed with just letting some people access the network [16:46] Wouldn't it be possible to first filter MAC addresses in the switch - but to let people connect to the internet they must connect to an openvpn server within the network [16:46] And that vpn have its own subnet [16:46] And firewall is only allowing that subnet to access the net so to speak [16:47] That would make it encrypted and safe [16:47] ... right? :) [16:51] you might also want to look into authpf [16:53] Hey, thanks for the tip [16:54] I actually might start using that [16:54] dxtr: yeah sounds about right [17:02] FUCK YEAH! I'm kind of done with this course [17:03] Are there any good pdf readers for Linux? [17:03] epdfview, which is evince without the gnome bloat [17:05] Awesome [17:05] Thank you [17:06] I'd like an ncurses based pdf viewer :P [17:11] ps2ascii foo.pdf | less [17:16] cool [17:19] *** jasey has joined #arpnetworks [17:19] ok [17:19] up_in_irons [17:19] who the fuck designed your site [17:20] it's like 2001 took a shit and it came out [17:20] that shit is fucking awful [17:20] can you please update it? [17:20] because it is really a disgrace [17:20] i'm from EFnet [17:20] from #sexytime [17:20] my name on there is jase [17:20] and i think your site is shit [17:20] do you loves it, honeybitch? [17:20] * jasey blows a sugarkiss [17:20] bye baby [17:20] *** nesta has joined #arpnetworks [17:20] *** jasey has left [17:21] *** nesta is now known as aem [17:22] *** jasey has joined #arpnetworks [17:22] sorry [17:22] i forgot to post my pic [17:22] this is what i look like [17:22] http://i46.tinypic.com/6qeebo.jpg [17:22] bye sugarniggers [17:22] *** jasey has left [17:25] LOL [17:25] Wat? [17:25] hahah [17:25] jasey [17:25] up_the_irons: He's your ex? ;) [17:25] i hope not [17:25] haha [17:26] do you know what sucks? [17:26] I got an A in a programming course that I just found out I already got an A in [17:27] ... [17:27] Is that normal? :P [17:36] up_the_irons: disgrunted former customer? :P [17:37] jdoe: don't think so, probably random troll [17:46] *** schmir has joined #arpnetworks [17:46] silly internet monsters [17:49] What's the point of following a list on twitter? [17:49] Doesn't show up on the front page anyway [17:50] *** schmir has quit IRC (Remote host closed the connection) [17:56] http://twitter.com/IPv4Countdown :D [18:06] dxtr: hah nice! [18:06] and that's not necessarily how many IPs are available in your region. [18:07] who knows when ARIN will run out [18:07] if i sell out a few more servers, i'll have to submit another request to ARIN [18:17] *** heavysixer has quit IRC (Quit: heavysixer) [18:20] up_the_irons: pwnd :D [18:20] How many have you got now? [18:20] In total [18:21] 2 /21's and a /20 [18:21] so equivalent to a /19 [18:23] cool [18:25] What do a subnet that size cost? :) [18:26] https://www.arin.net/fees/fee_schedule.html [18:26] $2250 per year [18:26] *** amdprophet has joined #arpnetworks [18:29] Cool [18:29] Wtf. End users? [18:29] this is going to be a close game... LAL vs PHX [18:29] end users can request IPs, yes [18:29] 1.5 spread for LA, 220.5 for the over/under (!) [18:30] up_the_irons: That's kind of awesome :p [18:30] I'll get an /18 block when I get a job \o [18:30] dxtr: it's not all that easy though [18:30] Bummer [18:30] I'll have to bribe my ISP too? [18:30] ipv4 exhasution is coming soon [18:31] RandalSchwartz: Nowai [18:31] :) [18:31] http://twitter.com/IPv4Countdown [18:31] you'll have to buy from the highest bidder [18:32] that's why I got my /28 now [18:32] yep [18:32] LOL [18:32] I won't need most of them for a year or two [18:32] but I don't want to not have, or need to renumber [18:33] man, I should put that on my order page, "Get them now, before they run out!" [18:33] haha [18:33] Talk about advertisement [18:33] "Get your ipv4 address here before they run out!" [18:33] if you could even get a machine now. :) [18:33] or do you have that back online? [18:33] hint hin [18:33] t [18:34] I seriously spoke with a guy yesterday who didn't believe the address' would run out for at least 10 years [18:34] so he's seriously crazy [18:34] And that we wouldn't start using ipv6 within that period because "we'd have to update almost every single network card" [18:34] * RandalSchwartz . o O (network card?) [18:35] comcast is already starting to deliver v6 to homes [18:35] oh is that a thought bubble? [18:35] that's cute [18:35] I'm part of a pilot program [18:35] Because ipv6 addresses are 64 bit that mac address' are too! (Right? ;)) [18:35] 4 over 6 may be the new tunnel :) [18:36] And old, unupdated, network cards can only handle 32 bit mac addresses (Like todays... Right? ;)) [18:36] I have no idea what he was talking about. I just ignored him after a while [18:36] I think he was on dope [18:36] network cards have no idea of v4 or v6 [18:36] v4 and v6 are not layer 2 [18:36] it's all layer 3 [18:36] RandalSchwartz: haha, machine will come soon, almost got everything in order [18:37] I said that too, but he said "Exactly! And most network cards are layer 1!", I proved him wrong and said something about ISA cards [18:37] RandalSchwartz: ChinaNet also is doing a ton of IPv6, and they have an IPv4 *decommission* plan already [18:37] they claim by 2016, they will no longer route IPv4 [18:38] My isp doesn't even have a plan to test IPv6 yet [18:38] :D [18:38] They're too busy digging down fiber everywhere [18:38] layer 1? voltage? :) [18:38] there's gonna be some cheappie IPv6 tunnel software that'll hit Windows machines, just you watch companies try to sell that [18:39] "See more of the Internet than you could before!" [18:39] Why not just use sixxs or he.net? :P [18:39] those are for technical users [18:39] i'm talking the masses [18:39] Fuck the masses! [18:39] well - thats' why comcast is hitting the massses [18:39] That's kind of my motto [18:40] "Don't like that my website looks the same in Opera and IE6!? FUCK YOU!" [18:40] comcast is "the" network for a large part of broadband america [18:40] Don't like that my website doesn't look the same* [18:41] RandalSchwartz: Gotta suck to have to rely on so few ISPs in such a developed country [18:41] we're hardly dveloped :) [18:41] Compared to Sweden? :D [18:45] ooO, found another big netblock to ban, owned by: http://delivery.net/ [18:45] * up_the_irons bans their /22 [18:46] yay email marketing [18:46] Haha [18:47] larger penis, please [18:49] I blocked 'em too! [18:50] if anyone is interested in my compilation over the past couple weeks: http://pastie.org/private/xiqsjmww4jlmxeiqlrwbaa [18:50] \o [18:51] I use this file as follows (postfix): smtpd_client_restrictions = ... check_client_access cidr:/etc/postfix/rejections_cidr ... [18:51] I'm using pf ;) [18:51] nice [18:52] I'm currently blocking every single part of the swedish government too [18:52] Both at home and on my vps :D [18:53] up_the_irons: what are you using to compile the list? hopefully not manual log parsing. [18:53] cedwards: the spam i receive :) [18:53] up_the_irons: ohh, you actually get spam huh :) [18:53] i just look at the headers [18:53] * cedwards doesn't remember the last spam he got. [18:53] cedwards: yeah some still get through [18:54] so to weed those out, i look at the headers and see if I can find a marketing company behind it. i usually can [18:54] as i mentioned, my postfix config is pretty strict [18:54] plus postgrey, zen.spamhaus.org, spf policy.. it seems to catch all of it. [18:55] cedwards: what do you use for spf policy? [18:55] cedwards: i don't think i'm going to do grey listing, because of the mail farm problem and I don't like delays in my email [18:56] let me grab my config.. (my primary MX runs Debian stable) [18:56] up_the_irons: the delays aren't that bad, and the deay is configurable [18:56] cedwards: but i use most of the other techniques available to me [18:56] I use SpamAssassin + zen.spamhaus.org [18:56] damn, your pastebin post expired [18:56] That catches all of it [18:56] postfix-policyd-spf-python package [18:57] I use zen + greylist [18:57] the thing i don't like about spamassassin is it sucked so bad when i used to run it like 3 years ago. i had switched to dspam which worked SOOOOOOOO much better. but now I don't have the patience for "training" [18:57] i may have to give spamassassin another try [18:57] RandalSchwartz: greylist? [18:57] cedwards: ah i c [18:57] postgrey [18:58] up_the_irons: I'm even daring deleting my spam directly :D [18:58] RandalSchwartz: ah ok [18:58] because I ran it a couple of weeks - got some spam but never a false hit [18:58] So I'm thinking "What the hell!" [18:59] you need to whitelist with grey though [18:59] otherwise, some big ISPs lose [18:59] and from there, you need to run SA or something [18:59] SA doesn't hit often here, but when it does, it is [18:59] http://pastebin.com/QRpyvexf - master.cf [19:00] i have a few spam trap addresses, and i'm currently trying to think of something that could tie in spam I get to them, to OpenBSD's spamd / pf, somehow, so I can just block known spammers in real time. surely someone must have already done this :) [19:00] I used to do that [19:00] check_policy_service unix:private/policyd-spf in main.cf [19:00] cedwards: thanks [19:00] I had "if anyone offends me, their IP is blocked for two hours" [19:00] and offense had many levels [19:00] including triggering spamtraps [19:01] in fact, my setup was a model for the spam fighting cabal [19:01] especially my high-MX trap [19:01] whcih I haven't bothered with yet [19:01] up_the_irons: if you like living dangerously, deliver the spamtraps to a perl script (.forward or an alias I guess) and have it extract the ip [19:01] what does an spf check even do? I'm not familiar with SPF records that much [19:01] spf says "these hosts can send mail from this domain" [19:01] sorry about the slow pastes. i'm on my first-gen eeepc [19:01] RandalSchwartz: high-MX trap? [19:01] you cannot block *any* IP for longer than two hours though [19:01] since legit mail is likely also trying to get through [19:02] but two hours is enough to stop most zombies [19:02] up_the_irons: yeah. in DNS you define the domains/IP mail is allowed to come from. [19:02] jdoe: i c [19:02] up_the_irons: if a mail server is checking SPF (sender policy framework), and the incoming says domain.tld but doesn't match the definition, it's blocked. [19:02] cedwards: but will an spf check ever deny legit mail? [19:02] it might [19:03] my accountant needs to send foo@stonehenge.com [19:03] and they send from their ISP [19:03] jdoe: yeah, writing my own script to parse IPs is the last resort [19:03] up_the_irons: I haven't seen it. if the servers are configured properly. [19:03] so if anyone really noticed stonehenge.com SPF, it'd fail [19:03] up_the_irons: it's a bad idea. [19:03] you should just use it as part of a score [19:03] RandalSchwartz: mmm... that's kinda not good [19:03] RandalSchwartz: ah ok [19:03] up_the_irons: consider DKIM instead. [19:03] By the way guys, speaking of e-mai [19:04] e-mail [19:04] not a good/bad boolean [19:04] How come I can't mail to Hotmail from my domain? [19:04] They end up in the spam folder :/ [19:04] i've found most places don't bother with it (yet?) [19:04] you still write to hotmail? [19:04] who the hell uses that? [19:04] other than spammers [19:04] and windows users :) [19:04] My girlfriend :) [19:04] "same thing" [19:05] I could perhaps send a mail to someone and let them check the header to see what IP it comes frmo [19:05] Could it be an SPF problem? [19:05] up_the_irons: spf is more like a white/blacklist, dkim just says "I sent this email" ... so it's more for establishing trust. [19:05] windows is a pretty good virus-loading platform [19:05] jdoe: dkim looks interesting [19:06] if you've configured your SPF definition properly, I don't see it causing problems. [19:06] should just stop spoofing the from domain. [19:07] Oh, SPF is an actual DNS thing [19:07] Cool :D [19:07] up_the_irons: yeah, and plugs nicely into sendmail/postfix. [19:08] I've never actually filtered on it, but the BIG BOYS like incoming email more if it's DKIM signed. [19:08] and since I still want to email people at hotmail/gmail/yahoo occasionally... [19:09] did ya'll know you can filter your gmail by language? [19:09] offensive language? [19:09] i used to get tons of russian and chinese spam. i applied basically if:chinese -> trash, and it's no more. [19:10] RandalSchwartz: spoken language. spanish, english, russian, etc [19:10] people speak russian? [19:10] hehe [19:11] *** mhoran_ has joined #arpnetworks [19:11] only if they're *spies* [19:12] * cedwards suppresses a 'in soviet russia' joke. [19:12] *** Aila has quit IRC (Ping timeout: 265 seconds) [19:13] routing go boom again? [19:13] Looks like it. [19:13] *** hsbt has quit IRC (Ping timeout: 260 seconds) [19:13] *** diatribes has quit IRC (Ping timeout: 260 seconds) [19:13] *** mhoran has quit IRC (Ping timeout: 252 seconds) [19:13] *** diatribes has joined #arpnetworks [19:13] *** koan has quit IRC (Ping timeout: 260 seconds) [19:13] *** mick_laptop has quit IRC (Ping timeout: 276 seconds) [19:13] *** hsbt has joined #arpnetworks [19:13] *** Wraithan has quit IRC (Ping timeout: 264 seconds) [19:13] *** BarberRonny has quit IRC (Ping timeout: 264 seconds) [19:14] W.T.F. [19:14] *** mick_laptop has joined #arpnetworks [19:14] Oh, there it is. [19:15] * jdoe BLAMES up_the_irons [19:16] *** mhoran has joined #arpnetworks [19:16] *** ChanServ sets mode: +o mhoran [19:16] *** Wraithan has joined #arpnetworks [19:16] Mzima dies AGAIN [19:16] Damn. [19:16] They stopped sending me routes at 12:30AM this morning [19:16] Had it fixed by like 1:30PM [19:16] Uhm.. To add an SPF record I'd do something like: dxtr.cc. IN SPF "v=spf1 a mx -all" [19:16] Yeah, I noticed something this morning. [19:16] ? [19:16] now appears I am still getting routes, BUT THEY ARE NOT PASSING TRAFFIC [19:16]