Category Archives: Email

Link Exchange Spammers Are Back Again!

Posted on by
4

Well, the link spammers never really went away did they? Has anyone noticed a huge increase in the number of “link exchange” emails or is it that I’ve been added to a particularly busy spammer’s list? I just noticed that a few recent ones contained the text “emailsnomore(dot)com” so I’m going to add a gmail filter to delete any emails containing that domain. You probably should too.

Hi,

My name is Daisy Gibson, Web Marketing Consultant. Ive greatly enjoyed looking through your site ocaoimh.ie and I was wondering if you’d be interested in exchanging links with my website, which has a related subject. I can offer you a home page link back from my related websites all in google cache and backlinks which are:

shawntierney(dot)com PR4
collectiveunconsciousltd(dot)com PR3

If you are interested, please send me the following details of your site:

TITLE:
URL:

I’ll add your link as soon as possible, in the next 24 hours. As soon as it’s ready, I’ll send you a confirmation email along with the information (TITLE and URL) regarding my site to be placed at yours.

I hope you have a nice day and thank you for your time.

Kindest regards,

PLEASE NOTE THAT THIS IS NOT A SPAM OR AUTOMATED EMAIL, IT’S ONLY A REQUEST FOR A LINK EXCHANGE. YOUR EMAIL ADDRESS HAS NOT BEEN ADDED TO ANY LISTS, AND YOU WILL NOT BE CONTACTED AGAIN. IF YOU’D LIKE TO MAKE SURE WE DON’T CONTACT YOU AGAIN, PLEASE FILL IN THE FOLLOWING FORM: emailsnomore(dot)com ; PLEASE ACCEPT OUR APOLOGIES FOR CONTACTING YOU.

The worst targeted spam ever!

Posted on by
1

I honestly thought that spammers had gotten smarter about making sure their emails were taken seriously. Even the most geeky and anti-marketing of developers will realise that big red and bold text, center justified, looks like something out of the last century. I hope for the sake of their business that they put more effort into their backup service.

This email, which I received twice in the last week is just a joke. I would have immediately marked it as spam and forgotten about it but it mentioned WordPress and obviously my email address is on their list of WordPress bloggers. I wonder if they read my blog?

At least they didn’t CC everyone like an Irish guy did a few years back.

If you want me to look at your new service, write me a nice friendly email, address me by name, email me from your own email address, talk to me about something you’ve gleaned from my blog or my twitter stream so I at least think you’re a friendly individual and I may even check out your site.

Easy fix to unfreeze Thunderbird

Posted on by
2

If you use Thunderbird like I do you may have noticed that HTML emails cause it to freeze momentarily. For a long time I thought this was a side effect of a large mailbox file and large email size but nope, it has an official bug.

The problem is fixed in Thunderbird 3 which hasn’t been released yet but there’s a simple way to avoid the problem. Open your address book.

It appears that having your address book in memory helps Thunderbird to render HTML emails quickly. I don’t know why, and the bug has some interesting comments on why. It’s possibly related to the anti-phishing code in the email client.

If you don’t want to keep your address book open all the time install the Contacts Sidebar plugin. HTML emails now render instantly.

I’ve lived with this bug for years. It’s a huge relief to have it “fixed” now!

A pint of Guinness flavoured spam

Posted on by
5

It seems that someone signed me up for “Guinness Poker Nights” and Guinness, God bless their black hearts, saw that as an invitation to spam me in the future.

I don’t know how to play poker, I have no interest in it, I don’t like the taste of Guinness. Why didn’t Guinness ask me to confirm the invite? That would seem like the most polite thing to do. Who the hell is Conor Wiley? I bet he knows the other Donncha who told all his friends and colleagues that my gmail address was his address. I was CCed on a few very personal emails for a day or two going back a bit ..

Since that time I’ve received a couple of spam emails from Diageo, the owners of Guinness. The first one gave me a start. I wondered if Guinness had started spamming people, but then I had things to do and never investigated. Here’s the latest email from Guinness:

There is a “Privacy Policy” link but that brings you to this page where I’m asked for my location and date of birth. The form has to be filled out before reading the policy. *sigh*

The “unsubscribe” link goes to http://trc1.emv2.com/I?a=A9X7CquNqKyt8QHHs6FEYtzjJX which the redirects to www.diageobrandsunsubscribe.ie. Finally, I thought I was getting somewhere, but no. To stop them sending me more spam I must fill out my name, address and email, despite the fact that I clicked on an identifying URL in the email.

Thankfully, entering, Mr. Blah Blah of 131215 and my email address into the unsubscribe form worked. I hope.

Diageo – please learn from your mistake. You should confirm invitations and registrations by email, especially when you send out marketing material.
Here’s what the Data Protection Commission says about spam. I certainly didn’t opt-in anywhere to be spammed. What do I do next?

Oh wow! Bon Jovi LIVE!

Posted on by
1

Oh yeah baby! Bon Jovi are playing live at the Punchestown Racecourse on Saturday 7th June, 2008! I can’t wait! I’m so going there! Thank you MCD for spamming me! Bloody idiots.

Anyway, why spend an outrageous €76.50 when I can sit here cocooned in my nice little office away from those horrid fans and watch the videos on Youtube? Ain’t the Internet great?

Tongue firmly planted in cheek.. except the bit about MCD spamming me.

Will Monster.ie get away with spamming?

Posted on by
5

Oh dear. Monster.ie is the latest company to spam bloggers. Both Michele and Tom were spammed as part of an email campaign targeting it@Cork members. Monster harvested the emails from a members list on the it@Cork website which has since been removed.

Stewart Photo Supplies spammed a large number of photography related email addresses a few weeks back, but then they apologised which is great. Unfortunately someone from a Monster IP address left defensive and abusive comments so I don’t think an apology will be forthcoming.

Damien has dugg the post so give it a digg if you can! Tom has a new post including a voicemail he received from Monster threatening legal action. That’s bad, really bad.

Just say sorry John, it’ll help (a small bit).

The legislation surrounding this kind of behaviour is very clear, data can only be used for the purposes for which it is obtained. We in it@cork were obviously naive in publishing the members directory (since taken offline) but that doesn’t confer on anyone permission to harvest that address list and spam them.

The Irish Data protection Commissioner takes a very dim view of this and has the power to levy fines of up to €3,000 per address spammed (so potentially €570,000 in this case).

Update! Monster apologised and Tom has the email.

gmail: no third-party DSNs

Posted on by
6

Be careful if you forward email to a gmail account. Gmail doesn’t like receiving mail delivery status notices or reports. This server filled up overnight with tens of thousands of email reports bouncing back and forth between it and gmail. If you emailed me in the last 24 hours and I haven’t replied, I may not have received it (yet).

postfix/cleanup[12107]: 9FE58326C1: reject: header Content-Type: multipart/report; report-type=delivery-status;??boundary=”A507733AD3.1188834275/mail.ocaoimh.ie” from local; from=<donncha_@_ocaoimh.ie> to=<xxxx@gmail.com>: no third-party DSNs

I really haven’t had any luck with email recently …

How I fixed everything

  • First of all I disabled the forward to my gmail accounts by moving .procmailrc out of the way.
  • Then I deleted a lot of log files to make more breathing space for everything and watched the mail spool into my mail file.
  • That was taking too long so I shutdown Postfix and went into /var/spool/postfix/ and into the active, incoming and maildrop folders where I moved every file with the string “Undelivered Mail Returned to Sender” out of the way:

    for i in `grep "Undelivered Mail Returned to Sender" * -rl`; do mv $i /tmp/xxx/ -vi; done

  • After restoring the .procmailrc, I restarted Postfix and lots of legitimate email started flowing again!
  • I added the following recipe to my .procmailrc which I hope will stop bounced messages getting to Google:

    :0:
    * ^Subject: Undelivered Mail Returned to Sender
    POSTMASTER.txt

What caused the problem in the first place? A bounced email from Yahoo. Someone left a comment with a fake email address, subscribed to the post and when another comment was left on that post the subscription email bounced. It’s worked before fine so I’m not sure why Google are complaining now! Over 2GB of bounced mail. My poor server.

Update! It happened again but I stopped Postfix at 9.5MB free on the filesystem and this time I found out what went wrong. I implemented these Postfix rules Justin blogged about without running Spamassassin. Well, I used to run SA but then when I started using Gmail I stopped, which is probably why I didn’t see this earlier. Not Justin’s fault, my own for playing with fire!

Why not let Google filter your spam?

Posted on by
11

I’ve been running Spamassassin and Postgrey on my mail server for the past few months. It was only since the server was upgraded that I had enough juice to run the very intensive SA processes (even using spamd), but still on occasion the server would grind to a stop when a particularly nasty Rumpelstiltskin attack was underway.

So, last week I met Mark for a coffee and he showed me his Nokia N90 (or N80, I can’t remember) and the gmail app that was installed on it. He collects his gmail email on his phone, after it’s filtered for spam, and what with the cost of GPRS data, that’s quite a saving. I don’t intend reading my email on my phone (I hate my W810i anyway), but he did give me the idea of sending my email through Google and then popping it off into Thunderbird!

googlespam.gif

Now, I have a simple .forward to send on my email. I was able to shut down Postgrey and Spamassassin and email is delivered quickly and with few false positives or spams getting through. When I think of it, I can use the web interface to check what’s due to come down the line. You also get the added bonus of encrypted pop3 data, useful when you’re at a conference or simply on public wifi.

I’m sure everyone else has been doing this for ages and ages but hopefully this will inspire at least one person to follow suit and rid themselves of spam once and for all!

Postgrey – Postfix Greylisting Policy Server

Posted on by
5

Greylisting is an anti-spam and virus measure you can use on your mail servers. When a remote server connects for the first time it’s automatically disconnected and can’t connect for a set time limit (default is 5 minutes). If it’s a real mail server it should keep trying to deliver the mail but viruses and spam will more than likely be stopped cold.

Postgrey is a greylisting server for Postfix that Colm Buckley installed on the machine that runs linux.ie
On Debian, it’s as easy as apt-get install postgrey but then you have to configure Postfix to use it:
Edit /etc/postfix/main.cf and modify the line that starts with:
smtpd_client_restrictions = ...
and add inet:127.0.0.1:60000 to the end of it.
Now, you probably want to enable white listing of clients too so edit /etc/default/postgrey and change so it looks like this:
POSTGREY_OPTS="--inet=127.0.0.1:60000 --delay=300 --auto-whitelist-clients"
You might want to add the IP range for your local network to /etc/postgrey/whitelist_clients so they’re not greylisted:
/^192\.168\.1\..*/ does the job for my situation I think.
Now, restart Postfix and Postgrey and you should see the following message appear in /var/log/mail.info:
Client host rejected: Greylisted for 300 seconds (see http://isg.ee.ethz.ch/tools/postgrey/help)
If you don’t, it’s not working!
Much later… It’s been active for about 20 hours now and I’ve only received about 10 spams, down from well over 200 usually! The delay in delivery is annoying, but it’s something we can hopefully live with!