RE: Regarding panix.com

Mailman List Mirror (Read Only)
1

Hello All,

I have had a few emails regarding a perception that we have limited
support to deal with issues such as panix.com, so I will just set the
record straight.

We provide a standard first level retail customer service line 24 hours
by 5.5 days. (which gives business hours service in all world time
zones).

We provide 24 hour by 7 day customer service for resellers (typically
ISPs, web hosting companies etc).

We provide 24 hour by 7 day second level technical operations support.

Most major registrars and ICANN have direct contacts into the technical
parts of Melbourne IT. I received notification from several parties
via email (but I don't read email 24 hours a day).

We are looking at our processes to ensure that incidents such as
occurred with panix.com can be addressed more quickly within Melbourne
IT, and also checking to ensure that an appropriate number of external
people have access to the right contacts at Melbourne IT to fast track
serious issues.

Regards,
Bruce Tonkin
Chief Technology Officer
Melbourne IT

2

Something to give thought to everyone on this list using DNSbls....

Bruce Tonkin wrote:

I have had a few emails regarding a perception that we have limited
support to deal with issues such as panix.com, so I will just set the
record straight.

We provide a standard first level retail customer service line 24 hours
by 5.5 days. (which gives business hours service in all world time
zones).

We provide 24 hour by 7 day customer service for resellers (typically
ISPs, web hosting companies etc).

What sort of support would you give a not-for-profit Org such as SORBS.net or an Org such as Spamhaus.org if our domains were hijacked maliciously (or not)....?

This would be particularly important to consider in the event of somone hijacking and creating a record such as:

*.dnsbl.sorbs.net 604800 IN A 127.0.0.2

or

*.sbl.spamhaus.org 604800 IN A 127.0.0.2

etc....

We provide 24 hour by 7 day second level technical operations support.

Most major registrars and ICANN have direct contacts into the technical
parts of Melbourne IT. I received notification from several parties
via email (but I don't read email 24 hours a day).

We are looking at our processes to ensure that incidents such as
occurred with panix.com can be addressed more quickly within Melbourne
IT, and also checking to ensure that an appropriate number of external
people have access to the right contacts at Melbourne IT to fast track
serious issues.

This is certainly a start, and hopefully the nessesary people will make things happen to ensure it never happens again.

For the record, SORBS.net is registered with GANDI, I have no intention of updating the NS servers away from ones listed in the SORBS.net domain or transfering the domains to another registrar, however I am yet to find any method to 'LOCK' or 'UNLOCK' the domain...

I note that Spamhaus.org is set 'CLIENT TRANSFER PROHIBITED' and 'CLIENT UPDATE PROHIBITED' so in theory this shouldn't be a problem, but the various earlier comments indicating that panix.com was thought to be 'LOCKED' before the issues of the last few days provide more food for thought.

Regards,

Matthew

3

Bruce Tonkin wrote:

Most major registrars and ICANN have direct contacts into the technical
parts of Melbourne IT. I received notification from several parties
via email (but I don't read email 24 hours a day).

Bruce,

Offlist, I have already given you some suggestions that I hope will be helpful to your organization. Let me offer an additional suggestion: that in a situation like this where you are, or one of your resellers is, involved in an inappropriate transfer, there should be a method to escalate to the right place. "the right place" doesn't necessarily have to be you, of course, but it has to be someone with the authority to examine and fix the problem.

It's really not a customer service issue unless the company with the problem is a customer of yours. And as we saw with Panix, you can get involved in a situation that involves a company that has never done business with you.

HTH.

4

Matthew Sullivan wrote:

What sort of support would you give a not-for-profit Org such as SORBS.net or an Org such as Spamhaus.org if our domains were hijacked maliciously (or not)....?

Shouldn't matter, should it?

5

Steve Sobol wrote:

Matthew Sullivan wrote:

What sort of support would you give a not-for-profit Org such as SORBS.net or an Org such as Spamhaus.org if our domains were hijacked maliciously (or not)....?

Shouldn't matter, should it?

No, that was my point.

Regards,

Mat