From owner-freebsd-questions@freebsd.org Thu Mar 23 18:14:41 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 14F31D1A77B for ; Thu, 23 Mar 2017 18:14:41 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from douhisi.pair.com (douhisi.pair.com [209.68.5.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id EC6061CCF for ; Thu, 23 Mar 2017 18:14:40 +0000 (UTC) (envelope-from quartz@sneakertech.com) Received: from [192.168.0.1] (pool-72-74-34-8.bstnma.fios.verizon.net [72.74.34.8]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by douhisi.pair.com (Postfix) with ESMTPSA id 406263F558 for ; Thu, 23 Mar 2017 14:14:39 -0400 (EDT) Message-ID: <58D4108E.9080802@sneakertech.com> Date: Thu, 23 Mar 2017 14:14:38 -0400 From: Quartz MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Can anyone see my posts to these lists? References: <58D40146.90204@sneakertech.com> <248f7494-8312-a55d-5110-ae246b9869f7@FreeBSD.org> In-Reply-To: <248f7494-8312-a55d-5110-ae246b9869f7@FreeBSD.org> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Mar 2017 18:14:41 -0000 OK, thanks for responding everyone. Between this and my recent issues with people at the local university not responding to me I've been paranoid that my mail is being blocked somehow. > I think the lack of answers is possibly due to people not really getting > what you're asking about. Yeah, I figured it was probably too technical for -questions which is why I tried asking -net first, but two messages over a week and so far nothing. >If you know you need multicast then > you will want to add appropriate filter rules. If you don't know you > need it, then you probably don't need to worry about it. Security is the major concern in this instance. I'd like to lock things down as much as possible and suppress malicious/rogue software, but without "breaking the internet" by stopping clients from watching streaming video and such. For example, we don't connect through carrier-grade-NAT, but it's unclear to me if that means it's safe to block the 100.64.0.0 range or if that will prevent us from obtaining an external address initially. > As for 6to4 traffic: don't bother with 6to4 locally unless you have a > specific problem to solve. The 192.88.99.0 range is designated as 6to4 relay lookup. I'm not sure exactly what this does, but since our external connection doesn't yet support ipv6 I'm also not sure if we would use this or under what circumstances (and therefore if it's safe to block or not). If -net isn't responding and this is out of the scope of -questions, can you suggest another mailing list or web forum somewhere where I might be able to find help?