Posts tagged Antispam
Outbound Email Spam is teh suck
Jul 23rd
No mispelling, just playing ‘new internet lingo’ game. Did I win?
Let’s get serious…
This week, multiple customer accounts were breached. Starting approximately 3 weeks ago, a phish was sent out that some of our customers responded to, giving out their account information.
We looked through our mail logs and found the users who had been phished and we changed their passwords.
Along the way, we either missed some users who were phished, or another phish was done that we did not detect.
On Monday, 2 accounts that had been phished at some time were used to send spam through our outbound email servers. By default, our outbound email servers require SASL authentication. The abusers authenticated to our servers, and over the next couple of hours, we were thoroughly abused, and our servers started slowing down. Not enough to trigger monitoring, though. Kudos for performance tuning, spankings for not noticing this until a customer told us.
On Wednesday, we got hit again, by a single account this time, and 18,640 connections later, our servers were again getting exercised.
All this preamble, what is it for, Mike?
I’ll tell you – on Monday our outbound mail servers got onto some of the anti-spam lists, including Yahoo, Hotmail, Comcast. We did what we could to remove the IPs of our servers from the lists, but Hotmail (in particular) has a 72 hour period for removal. Ah well. 72 hours does suck, but it is survivable.
Then came Wednesday…and another account was abused, putting us back on those same lists we just got off of, and while still on the Hotmail list, our 72 hours got reset. Oh that is frustrating.
When anti-spam companies … spam
Mar 26th
Oh HO! Look at what ended up in my mailbox today!
Now I know of a local ISP that uses this company for their anti-spam measures, but who would really use a company for their anti-spam service when they themselves send out unsolicited email (or spam as many people call it)?
It would be like purchasing anti-virus software that installs a trojan on your computer. For your own good of course.
I do hope that whatever I get in the delivery from FedEx is cool and (re)usable in some fashion. If I actually do receive something, which I am doubting…
Conspiracy Theory – maybe they collect email addresses from unsuspecting customers for later marketing to help them solve their problems with spam. Of course, we all hope that this could never be true, and I really doubt it is.
This was marketed through Pinpointe – who defines spam as something that is not CAN-SPAM compliant. As you can see in the screenshot I have included, this is CAN-SPAM compliant…wait, it isn’t. The subject line is misleading – there isn’t a FedEx shipment number included. Oops, guess this really is spam. Good job Red Condor and Pinpointe.
For full disclosure – I have never asked for this company to email or market to me.
EDIT: Received my ‘FedEx’ package today. In fact, I received 2 of them. They were through the US Postal Service. Not FedEx, not UPS, but general bulk USPS mail. Presorted Standard US Postage Paid was stamped in the upper right hand corner of the 2 envelopes. To add to the humor, it was addressed to me both as Mike and Michael (each), the voucher numbers were exactly the same on the cover sheet and the voucher itself. So, if I were to order online and use the voucher number (can that be done at RC? No idea), they just lost a marketing opportunity because there isn’t any uniqueness to their marketing output either. Bad bad RC.
And now, for your viewing pleasure…click to enlarge!
Exact email message sent from Red Condor
Postfix and antispam
Jul 15th
I had originally written this for my personal blog and reposting here with some updates.
Wow, there are a lot of bad documentation links out there on the interTRON.
For the $ayjob, I have been battling spam for quite some time and continue to look for new ways to put a stop to this abuse. The hard part? One persons spam is another persons legit email, it is so completely difficult to do something that makes everyone happy.
