Any chance you could fix this bounce?
Ken Causey
ken at kencausey.com
Wed Jan 11 21:58:10 UTC 2006
They don't provide enough information for me to be able to fix anything.
I checked my usual place
http://www.dnsstuff.com/tools/ip4r.ch?ip=85.10.195.197
and we aren't listed in any of the databases listed there.
I looked at the URL included in the bounce reply
http://help.yahoo.com/help/us/mail/defer/defer-02.html
This page talks about open proxies and relays which this server has
never been and I even check using a service they suggest on that page
http://rbls.org/?q=85.10.195.197
and it lists no problems either.
So I'm at a loss to say why yahoo is blocking it.
Also, to test it I just sent an email to someone with a yahoo account
from an account on lists.squeakfoundation.org and it went through
without any problem. So if yahoo is blocking something it is apparently
not the server as a whole.
I'm not sure where to go next.
Ken
On Wed, 2006-01-11 at 16:33 -0500, Ron Teitelbaum wrote:
> Here are the contents:
>
> Sorry, we were unable to deliver your message to the following address.
>
> <afunkyobject at yahoo.com>:
> Remote host said: 553 Mail to/from
> "cryptography-bounces at lists.squeakfoundation.org" not allowed - VS99-IP1
> deferred - see help.yahoo.com/help/us/mail/defer/defer-02.html (#5.7.1) [10]
> [MAIL_FROM]
>
> --- Below this line is a copy of the message.
>
> Received: from [66.218.69.6] by n26.bullet.scd.yahoo.com with NNFMP; 11 Jan
> 2006 18:59:08 -0000
> Date: 11 Jan 2006 10:59:08 -0800
> X-yahoo-newman-property: wss
> X-yahoo-newman-id: null
> Received: from [66.218.85.37] by t6.bullet.scd.yahoo.com with SMTP; 11 Jan
> 2006 18:59:08 -0000
> Received: from milter9.wss.scd.yahoo.com (66.218.85.31) by
> mta6.wss.scd.yahoo.com (7.0.042)
> id 42FD96680449FF16 for chris at funkyobjects.org; Wed, 11 Jan 2006
> 10:59:08 -0800
> Received: from box2.squeakfoundation.org (box2.squeakfoundation.org
> [85.10.195.197])
> by milter9.wss.scd.yahoo.com (8.13.1/8.13.1) with SMTP id
> k0BIvK7h057518
> for <chris at funkyobjects.org>; Wed, 11 Jan 2006 10:58:21 -0800 (PST)
> Date: Wed, 11 Jan 2006 10:57:20 -0800 (PST)
> Message-Id: <200601111858.k0BIvK7h057518 at milter9.wss.scd.yahoo.com>
> Received: (qmail 31486 invoked from network); 11 Jan 2006 18:57:20 +0000
> Received: from unknown (HELO box2.squeakfoundation.org) (127.0.0.1)
> by localhost with SMTP; 11 Jan 2006 18:57:20 +0000
> From: cryptography-request at lists.squeakfoundation.org
> Subject: Cryptography Digest, Vol 4, Issue 8
> To: cryptography at lists.squeakfoundation.org
> Reply-To: cryptography at lists.squeakfoundation.org
> MIME-Version: 1.0
> Content-Type: text/plain; charset="us-ascii"
> Content-Transfer-Encoding: 7bit
> X-BeenThere: cryptography at lists.squeakfoundation.org
> X-Mailman-Version: 2.1.5
> Precedence: list
> List-Id: Cryptography Team Development List
> <cryptography.lists.squeakfoundation.org>
> List-Unsubscribe:
> <http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography>,
>
> <mailto:cryptography-request at lists.squeakfoundation.org?subject=unsubscribe>
> List-Archive: <http://liststest.squeakfoundation.org/pipermail/cryptography>
> List-Post: <mailto:cryptography at lists.squeakfoundation.org>
> List-Help:
> <mailto:cryptography-request at lists.squeakfoundation.org?subject=help>
> List-Subscribe:
> <http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography>,
>
> <mailto:cryptography-request at lists.squeakfoundation.org?subject=subscribe>
> Sender: cryptography-bounces at lists.squeakfoundation.org
> Errors-To: cryptography-bounces at lists.squeakfoundation.org
> X-Originating-IP: [85.10.195.197]
>
> Send Cryptography mailing list submissions to
> cryptography at lists.squeakfoundation.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
>
> or, via email, send a message with subject or body 'help' to
> cryptography-request at lists.squeakfoundation.org
>
> You can reach the person managing the list at
> cryptography-owner at lists.squeakfoundation.org
>
> When replying, please edit your Subject line so it is more specific than
> "Re: Contents of Cryptography digest..."
>
>
> Today's Topics:
>
> 1. Re: Protecting Image (Cees De Groot)
> 2. Re: Re: KryptOn MakoEnvelope signedAndSealedFrom:to:object:
> (Tony Garnock-Jones)
> 3. Re: Re: KryptOn MakoEnvelope signedAndSealedFrom:to:object:
> (Cees De Groot)
> 4. RE: Squeak Cryptography Team Code CommercialAcceptance
> (Ron Teitelbaum)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 11 Jan 2006 19:31:20 +0100
> From: Cees De Groot <cdegroot at gmail.com>
> Subject: Re: [Cryptography Team] Protecting Image
> To: Ron at usmedrec.com, Cryptography Team Development List
> <cryptography at lists.squeakfoundation.org>
> Message-ID:
> <330b6fd60601111031i303da2d1g53450ee2f537badc at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 1/11/06, Ron Teitelbaum <Ron at usmedrec.com> wrote:
> > I've been thinking though some of the problems with cryptography. I
> > have a question. How do we protect the image?
>
> Usually, the local machine is to be assumed secure (Trusted Computing Base).
> If someone subverts my machine, anything can happen from capturing
> keystrokes to advanced subliminal channel analysis.
>
> Which doesn't mean that you should do your best to minimize these effects -
> for example, I've been thinking of using methodwrappers or Aspect/S or
> similar to tag methods as "crypto methods", meaning which would trigger
> behaviour like on exit, all temps are erased
> (recursively?) before they are gc'd.
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 11 Jan 2006 18:35:23 +0000
> From: Tony Garnock-Jones <tonyg at lshift.net>
> Subject: Re: [Cryptography Team] Re: KryptOn MakoEnvelope
> signedAndSealedFrom:to:object:
> To: Cryptography Team Development List
> <cryptography at lists.squeakfoundation.org>
> Message-ID: <43C54FEB.9010304 at lshift.net>
> Content-Type: text/plain; charset=ISO-8859-1
>
> Cees De Groot wrote:
> > Err... recalling vaguely from memory - wasn't signing plaintext a big
> > no-no? There were some attacks on RSA that based on feeding a signer
> > plaintexts (or is my memory leaving me here?)...
>
> Are you perhaps thinking of the need for something like RSA-PSS?
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 11 Jan 2006 19:38:33 +0100
> From: Cees De Groot <cdegroot at gmail.com>
> Subject: Re: [Cryptography Team] Re: KryptOn MakoEnvelope
> signedAndSealedFrom:to:object:
> To: Cryptography Team Development List
> <cryptography at lists.squeakfoundation.org>
> Message-ID:
> <330b6fd60601111038k7c68c846qf7689e15fbddff1c at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> At the very least hash-then-sign, but RSA-PSS looks like the
> latest-and-greatest insight from the crypto community, so I wouldn't ignore
> it :)
>
> On 1/11/06, Tony Garnock-Jones <tonyg at lshift.net> wrote:
> > Cees De Groot wrote:
> > > Err... recalling vaguely from memory - wasn't signing plaintext a
> > > big no-no? There were some attacks on RSA that based on feeding a
> > > signer plaintexts (or is my memory leaving me here?)...
> >
> > Are you perhaps thinking of the need for something like RSA-PSS?
> > _______________________________________________
> > Cryptography mailing list
> > Cryptography at lists.squeakfoundation.org
> > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptograph
> > y
> >
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 11 Jan 2006 13:57:14 -0500
> From: "Ron Teitelbaum" <Ron at USMedRec.com>
> Subject: RE: [Cryptography Team] Squeak Cryptography Team Code
> CommercialAcceptance
> To: "'Cryptography Team Development List'"
> <cryptography at lists.squeakfoundation.org>
> Message-ID:
>
> <!&!AAAAAAAAAAAYAAAAAAAAALn4DBa9j89Bkul53Jf1ky/CgAAAEAAAANG2X4+g4JNCs/qwFDyH
> YJEBAAAAAA==@USMedRec.com>
>
> Content-Type: text/plain; charset="us-ascii"
>
> I see that FIPS140-2 states that the certification is intended for
> sensitive, not classified information. Is it possible for us to be
> certified for classified information, or is that certification out of reach?
>
>
>
> Ron
>
> _____
>
> From: cryptography-bounces at lists.squeakfoundation.org
> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of Ron
> Teitelbaum
> Sent: Tuesday, January 10, 2006 6:35 PM
> To: 'Cryptography Team Development List'
> Subject: RE: [Cryptography Team] Squeak Cryptography Team Code
> CommercialAcceptance
>
>
>
> Matt,
>
>
>
> Thanks for the information, I will review the process. I would think we
> could come up with the money you suggested to get certified.
>
>
>
> So to update our goals:
>
>
>
> 5) Get external US Government certification of Security for external package
> and image components.
>
>
>
> Should be changed to:
>
>
>
> 5) Complete Cryptographic Module Validation Program (CMVP) through the
> OpenSSL Federal Information Processing Standard (FIPS) Certification
> Process.
>
> 5.1) Identify Experts in Group (recruit new members?)
>
> 5.2) Find repository and define structure for documentation.
>
> 5.3) Document current frameworks
>
> 5.4) Develop new designs, following design goals (tbd through
> open discussions) and document new framework.
>
> 5.5) Expert Design Review and Implementation recursively until
> code complete
>
> 5.6) Identify Team Leaders to walk our project through OpenSSL
> FIPS Cert Process
>
> 5.7) Raise Money for Cert Process
>
> 5.8) Complete Certification, Publicize results
>
> 5.9) Offer Reward for anyone that breaks code
>
> 5.10) Set up review committee that reviews implementations (for
> a fee) and helps others get certified using our code.
>
>
>
> Does anyone have any comments on the change?
>
>
>
> Ron Teitelbaum
>
> Squeak Cryptography Team Leader
>
> Ron at USMedRec.com
>
>
>
> _____
>
> From: cryptography-bounces at lists.squeakfoundation.org
> [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> Matthew S. Hamrick
> Sent: Tuesday, January 10, 2006 4:22 PM
> To: Ron at USMedRec.com; Cryptography Team Development List
> Subject: Re: [Cryptography Team] Squeak Cryptography Team Code
> CommercialAcceptance
>
>
>
>
>
> On Jan 10, 2006, at 10:30 AM, Ron Teitelbaum wrote:
>
>
>
> Does anyone have a suggestion for how to certify our code?
>
>
>
> In general... when talking about Security, you want to have the design
> reviewed prior to having the code reviewed... but I guess we can be agile
> about it. Maybe the thing to do would be to document what we have in terms
> of architecture, find someone to do an independent review of the
> architecture, incorporate architecture changes recommended by the reviewer,
> then make code changes, then have the code reviewed.
>
>
>
> The word "certify" has a lot of different meanings to different people. If
> you're looking for FIPS certification, that's a long process... and it costs
> money. The OpenSSL FIPS certification process has been going on for at least
> a year or two with the bill being footed by OSSI, HP, DoD and a couple other
> people whose names escape me at the moment.
>
>
>
> The motivation there was that HP and DoD believed the certification was an
> investment... pay a little up front so they can benefit from the cost
> savings of using an open implementation of various crypto algorithms. The
> last time I was involved in a CMVP effort, the total bill to the independent
> lab was something on the order of about $12k US. With the recent devaluation
> of the US peso, I'm guessing it would probably run at least $18k US these
> days.
>
>
>
> I think it would
>
> be helpful if what we have done to prove our work (testing documentation
>
> ...), the qualifications of the person writing the code, and any reference.
>
> materials were all kept in a single place. It would be helpful as a
>
> reference for others, and some proof that may be needed before someone
>
> considers adoption. What do you all think?
>
>
>
> I definitely agree with this!
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://liststest.squeakfoundation.org/pipermail/cryptography/attachments/200
> 60111/c1f75402/attachment.html
>
> ------------------------------
>
> _______________________________________________
> Cryptography mailing list
> Cryptography at lists.squeakfoundation.org
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
>
>
> End of Cryptography Digest, Vol 4, Issue 8
> ******************************************
>
>
> > -----Original Message-----
> > From: Ken Causey [mailto:ken at kencausey.com]
> > Sent: Wednesday, January 11, 2006 4:18 PM
> > To: Ron at USMedRec.com
> > Subject: Re: Any chance you could fix this bounce?
> >
> > I can't read the attachment you sent. It is binary but there is no
> > indication of the file type. The file command seems to think it is a
> > Microsoft Office document but I can't get Open Office to recognize it.
> >
> > Ken
> >
> > On Wed, 2006-01-11 at 14:13 -0500, Ron Teitelbaum wrote:
> > >
> > > > -----Original Message-----
> > > > From: Ken Causey [mailto:ken at kencausey.com]
> > > > Sent: Monday, December 19, 2005 6:47 PM
> > > > To: Ron Teitelbaum
> > > > Subject: [Fwd: Unblock request 85.10.195.* [Incident: 051214-001487]]
> > > >
> > > > This should mean that any problems you were having receiving email
> > > > should be fixed now.
> > > >
> > > > Ken
> > > >
> > > Hey Ken,
> > >
> > > I looks like Yahoo refused our email, see attached. Is there any chance
> > you
> > > could help get this fixed with yahoo?
> > >
> > > Ron Teitelbaum
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.squeakfoundation.org/pipermail/box-admins/attachments/20060111/cf88b848/attachment.pgp
More information about the Box-admins
mailing list