Author Topic: Spam being received on Private e-mail addy  (Read 162995 times)
Tam

Posts: 1188


100Mb via Enta.net :D

« Reply #150 on: May 15, 2007, 08:43:04 pm »


Tam, Have I understood you right?

Spot on mate.... everything delivered to that box will have to be spam sourced from this breach, so let's play the spammers at their own game and try to block their bots as soon as they start sending, should help decrease the amount of spam that gets through to mailboxes that people still want to use, and will certainly reduce the amount of available non-spam listed bots a lot smaller Smiley

kitz

Posts: 4323

WWW
« Reply #151 on: May 15, 2007, 09:07:49 pm »

Quote
The password you entered was not valid. Your password must begin with a letter and contain only lowercase letters and/or numbers. It must be between 5 and 8 characters in length.

Not happy about this either - I've just tried to change my passy and came across the same thing.
Since when did the password have to have lowercase letters?  Why can't it begin with any character?

8 maximum chars?  /me rolls eyes

So users are supposed to change existing passwords to what could be a far less secure password!! Ridiculous!
It's laughable that my old passy wouldn't now be acceptable because of these silly rules.

* kitz goes to start a new thread on this topic, so as not to take this one OT.

Don't forget the Geeks!
kitz 2005
jelv1

Posts: 2130

« Reply #152 on: May 15, 2007, 09:11:07 pm »

I'm still seeing posts from people who are saying that they've not used webmail. Could this be addressed by extracting from webmail a complete database of the email addresses that could have been harvested and sending each user a list of their compromised addresses? I think on my own account there are 20 addresses affected. I would appreciate confirmation that I've got the list right.

jelv
NB
Usergroup Member

Posts: 2073

« Reply #153 on: May 15, 2007, 09:37:44 pm »

Quote
The password you entered was not valid. Your password must begin with a letter and contain only lowercase letters and/or numbers. It must be between 5 and 8 characters in length.

Not happy about this either - I've just tried to change my passy and came across the same thing.
Since when did the password have to have lowercase letters?  Why can't it begin with any character?

8 maximum chars?  /me rolls eyes

So users are supposed to change existing passwords to what could be a far less secure password!! Ridiculous!
It's laughable that my old passy wouldn't now be acceptable because of these silly rules.


Everyone should pop over to PUGIT and vote for better passwords. Linky
godsell4

Posts: 397

« Reply #154 on: May 15, 2007, 09:45:11 pm »


Can a postini type of feature now be added to PUGIT ... we really should NOT have to DOWNLOAD these messages in the first place.

SW/

BBYW1/10GB
jelv1

Posts: 2130

« Reply #155 on: May 15, 2007, 09:49:56 pm »

Could you explain how postini works for people who only use pop3 please.

jelv
godsell4

Posts: 397

« Reply #156 on: May 15, 2007, 09:53:03 pm »


I'll start a new thread for this ... Smiley

SW.

BBYW1/10GB
LC100

Posts: 283

« Reply #157 on: May 15, 2007, 09:56:00 pm »

Hi

Quote
Not happy about this either - I've just tried to change my passy and came across the same thing.
Since when did the password have to have lowercase letters?  Why can't it begin with any character?

In my experience this sort of restriction is normally because the passwords are stored in the database using a very weak scrambling method, i.e. ASCII code shifted, which causes problems when you try and use higher ASCII codes that have nowhere to be shifted to, hence the use of only a-z and 0-9.

Passwords should be stored using a one way hash so they can't be reversed to reveal the password, this means should the database be compromised the passwords retrieved can not be used to log into the system.

Please tell us PlusNet that you are not using some weak ASCII shifting method of storing passwords in 2007?

Having to start a password with a letter, and with it having to be 5 to 8 characters long makes a dictionary attack easier and as you are not forced to use a number most people will not, so it wouldn't take an impossible amount of time to cycle through the possible combinations of words that are 5 to 8 letters long.  Very insecure and with these basics not even right, it isn't surprising that there are these security problems.  undecided

Edit: I see this has already been flagged in the PUGIT item.

« Last Edit: May 15, 2007, 09:59:54 pm by LC100 »
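
Added example, not part of LC100's post and not Plusnet's code: it counts the passwords the quoted rule allows and contrasts a reversible ASCII shift with salted one-way storage. The shift scheme, the function names, the sample password and the PBKDF2 work factor are assumptions chosen for illustration; PBKDF2-HMAC-SHA256 stands in for "a one way hash".

```python
import hashlib
import hmac
import math
import os

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256

def policy_keyspace(min_len=5, max_len=8):
    """Passwords allowed by the quoted rule: first char a-z, rest a-z0-9."""
    return sum(26 * 36 ** (n - 1) for n in range(min_len, max_len + 1))

def shift_store(password, shift=3):
    """Hypothetical reversible scrambling: add a fixed offset to each ASCII code."""
    return "".join(chr(ord(c) + shift) for c in password)

def shift_recover(stored, shift=3):
    """Whoever reads the database undoes the shift and has the password."""
    return "".join(chr(ord(c) - shift) for c in stored)

def hash_store(password):
    """One-way storage: random per-user salt plus a slow key-derivation hash."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def hash_verify(password, salt, digest):
    """Login check recomputes the hash; the stored value is never reversed."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)

if __name__ == "__main__":
    space = policy_keyspace()
    print(f"policy keyspace: {space:,} (~{math.log2(space):.1f} bits)")
    leaked = shift_store("plus2007")  # constructed sample password
    print("shifted record :", leaked, "->", shift_recover(leaked))
    salt, digest = hash_store("plus2007")
    print("hashed record  :", digest.hex()[:16], "... verifies:",
          hash_verify("plus2007", salt, digest))
```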
selimap

Posts: 1

« Reply #158 on: May 15, 2007, 10:20:21 pm »

This is a total nightmare. Having set up many dozens of distinct email addresses (all passed through to my main mailbox) so that I could close down any that are spammed, now ALL of them seem to be receiving spam, I am getting 70-80 per day and I guess it will increase.

I have read the service status announcement and I really despair

I may as well change to another ISP and start again. It will hurt, but can't really be any worse than the saga of one cock up after another. I am really disgusted at this security breach.

I lead a very busy and stressed life and  absolutely don't have time to deal with all the problems PlusNet causes me. angry
mikeb

Posts: 657


« Reply #159 on: May 15, 2007, 10:27:59 pm »

Damage done - and now we're paying the price.

NO.NO.NO.NO.NO. What you really mean is that as per bl**dy usual, your customers are paying the price for your inability to run anything close to a tight ship or act in any way responsibly even when you KNOW there is a potential nightmare on the horizon for your customers.  As per usual the attitude stinks.  As per usual I have a certain amount of sympathy because I am not naive enough to believe that things don't sometimes go wrong no matter how much effort is put in to avoid potential problems but as per usual, that sympathy will quickly evaporate when it no doubt becomes perfectly clear that no testing, QC or service monitoring was effectively put in place before/during/after changes were implemented.

Plus, what value is a password to a spammer anyway?  Even if they did manage to overlook any, it's highly unlikely (in my personal opinion) that they'll keep them. 

Oh right, of course, an account password is of no benefit to anyone at all which is why we all try to use secure and non-guessable ones then. I mean, it's not like someone could use them to log in to your account and make full use of your account without you necessarily being aware of it is it !  So no problems at all there then. No one would be in any way interested in account passwords and the potential for getting at more personal information or making relatively free use of the PN servers or generally being a right old PITA then.

All the following "quotes" are paraphrased from the current service.status announcement:

"We take your security seriously" Yeah right!, you just *know* whenever that old chestnut gets trotted out by absolutely anyone that it means a really big problem is a'coming.

"We became aware on 9th May"  Oh great, thanks for letting everyone know in a timely manner and thanks for keeping an eye on things immediately after that so you were able to spot the problems starting long before your customers did.

"as a result of the attack we are contacting"  And it took from 9th May until sometime today(ish) to start contacting customers who might be affected ?  Wow! I can tell PN are really taking things seriously and acting swiftly to control the potential damage then.

"A small number of customers" Oh, yes, of course, it's always a small number of customers isn't it.  It's just pure coincidence that more often than not I seem to be one of them.

"your email address may have existed in the Webmail database even if you had not used webmail" WTF is that all about !!!  I have always declined to make any serious use of any webmail system offered by PN for the very reason that it could well result in the kind of problem that has happened. Why could my addresses have been in the database and left me totally exposed to PN's gross stupidity ?  IF I have ever used some or all of my affected addresses to log in to webmail (not necessarily to actually send anything) it would most likely have been several years ago at least yet I am receiving a bucketload of [Censored] on virtually all my private and/or carefully distributed addresses that previously had none at all - including to 'postmaster@' and 'my_account_name@' which are both PN published address forms that I would never actually use myself.  What it sounds like to me is that ALL addresses that either have or could be used have been made available to this mystery third party so nothing is particularly 'safe' whether you have used webmail in anger or not.

So, exactly how long ago would you have had to have used webmail in some limited way in order NOT to have had ALL your valid e-mail addresses harvested ?  If I had any confidence that using webmail right now wouldn't compound the problems I am having or about to have, I would log in to find out if/when I last used the system as per someone's comments about logging in 'advanced mode' earlier.
« Last Edit: May 15, 2007, 10:53:41 pm by mikeb »

--
WARNING: The e-mail address on my profile is not my usual address, all messages sent via this site have been redirected elsewhere for test purposes. This could result in messages not being received in a timely manner or potentially not being received at all.
jelv1

Posts: 2130

« Reply #160 on: May 15, 2007, 11:05:10 pm »

"We became aware on 9th May"  Oh great, thanks for letting everyone know in a timely manner and thanks for keeping an eye on things immediately after that so you were able to spot the problems starting long before your customers did.

"We became aware on 9th May" needs clarification. It should be "We were told on 5th May but didn't take any notice until 9th May".

jelv
godsell4

Posts: 397

« Reply #161 on: May 15, 2007, 11:11:50 pm »

... your customers are paying the price for your inability

Quite. Some of us have gone to great lengths to set up e-mail that is spam free, and now all that is gone for good.

Was a known exploit of @Mail used to harvest the addresses?

SW.

BBYW1/10GB
jelv1

Posts: 2130

« Reply #162 on: May 15, 2007, 11:18:25 pm »

Starting around 21:20 I've started seeing a new batch for Adobe photoshop - anyone else seeing this?

At least it's not the filth of last time!

jelv
petervaughan
Usergroup Member

Posts: 2512


« Reply #163 on: May 15, 2007, 11:24:32 pm »

yep
mikeb

Posts: 657


« Reply #164 on: May 15, 2007, 11:32:51 pm »

Yup, I got that to everywhere around the same time and another batch of the more explicit stuff between 16:00 and 17:00.

--
WARNING: The e-mail address on my profile is not my usual address, all messages sent via this site have been redirected elsewhere for test purposes. This could result in messages not being received in a timely manner or potentially not being received at all.