Home   Help Search Groups Login Register  
You are not logged in. To get the full experience of these forums, we recommend you log in or register
Plusnet Usergroup » All Users - The Open Forum » Plusnet Network and Technical Issues » Spam being recieved on Private e-mail addy
Pages: 1 ... 11 12 [13] 14 15 ... 20
  Print  
Author Topic: Spam being recieved on Private e-mail addy  (Read 162535 times)
Tam

Posts: 1188


100Mb via Enta.net :D

« Reply #180 on: May 16, 2007, 09:26:01 am »

We have to receive emails to postmaster. I'm getting a number of spams on this now. Could something be put in place to block emails to postmaster@... from external to Plusnet?
Now that is a really good idea.
Perhaps the same could be done for username@username

Problem with both the above is ..... you just know someone, somewhere, will use them as their proper e-mail address.

Either PlusNet will have to do an analysis of each users mailbox/history .. or... it would have to be done as an "opt-in" method.


jelv1

Posts: 2130

« Reply #181 on: May 16, 2007, 09:35:00 am »

I like that too. There is room for another "Options" tab in Manage My Mail where we could choose to turn things like this on and off.

I'd like another item in there, Tagged spam delivery, with the following options:

  • Deliver to normal mailboxes (default)
  • Deliver to this mailbox (with a dropdown to select the mailbox)
  • Deliver to IMAP Spam folder
  • Do not deliver (automatically delete)
« Last Edit: May 16, 2007, 09:36:51 am by jelv1 »

jelv
jelv1

Posts: 2130

« Reply #182 on: May 16, 2007, 09:35:55 am »

.. or... it would have to be done as an "opt-in" method.

I was already composing my Options suggestion when you posted!

jelv
XPC exiled in NZ

Posts: 1382

« Reply #183 on: May 16, 2007, 11:11:24 am »

I like that too. There is room for another "Options" tab in Manage My Mail where we could choose to turn things like this on and off.

I'd like another item in there, Tagged spam delivery, with the following options:

  • Deliver to normal mailboxes (default)
  • Deliver to this mailbox (with a dropdown to select the mailbox)
  • Deliver to IMAP Spam folder
  • Do not deliver (automatically delete)

This has been running through my mind for while too! Brilliant set of spam tagging options those.

I also like the other idea of having postmaster@ and username@ being able to reject mail from outside PN/F9 etc.

Problem with having it user operated from the portal is that it will take development time which means it might not be available for a long time to come. We kind of need that option immediately. Could they have an opt-in time of a week or so, and add everyone who opts in to a script which would make the change to all requested accounts in one go. (this at least might save poor CS staff having to do it manually on loads of accounts). Even better would an automated system that could detect genuine email use of these and leave them out, but run the script as opt out for everyone else.

WilliamG

Posts: 85

« Reply #184 on: May 16, 2007, 12:32:57 pm »

We have to receive emails to postmaster. I'm getting a number of spams on this now. Could something be put in place to block emails to postmaster@... from external to Plusnet?

Well, I for one still have some important emails addressed to my postmaster account from non-plusnet sources.

Simply blocking them would cause more problems than it solves.
jelv1

Posts: 2130

« Reply #185 on: May 16, 2007, 12:35:11 pm »

Which is why I suggested it should be an option that the user chose whether on not to switch on!

jelv
mikeb

Posts: 657


« Reply #186 on: May 16, 2007, 12:49:14 pm »

Oh come on Mr.PN, explain to me how e-mail addresses that most likely haven't been used in webmail have been harvested.  Simple question requiring a simple answer.  I'm still waiting - as no doubt are more than few other users.  And BTW, don't forget to add "holding data longer than necessary for the intended purpose", "holding data without explicit consent" and "holding data for no good reason whatsoever" to the list of breaches of the DPA angry  What a pity that ICO is such a toothless tiger that the worst that is likely to happen over this fiasco is a very light smacked botty and a plea not to do it again Sad

I don't much care about postmaster@ or My_Account@ because these WILL be consigned to the deepest blackest hole I can find REGARDLESS of the apparent requirement to accept mail to postmaster@ etc. but I want to know precisely WHY other named addresses were able to be got at so easily.

If PN expect users to guarantee to accept mail to a certain address then they should have taken a bit more care with it and not released it to everyone and their dog for dubious use.  It is entirely PN's problem as to how they resolve the issue. If I am now forced to change ALL of my e-mail addresses of the form Real_Name@My_Account.plus.com to something else and if absolutely everyone I have ever contacted (both personal and business) in the last ten years is expected to live with that change then so can PN.  They will need to come  up with a new name@ that they wish to use for official PN communications and advise me accordingly before updating all their records etc.

PN: You are hereby advised that postmaster@ and My_Account@ WILL BE BLACKHOLED just as soon as I cease to be interested in monitoring the traffic on these particular addresses - addresses that I personally do not use and have no requirement for. If you formally advise me of a new name@ you wish to use in the future then I will CONSIDER whether I am prepared to accept e-mail on that address and let you know accordingly.
« Last Edit: May 16, 2007, 12:51:14 pm by mikeb »

--
WARNING: The e-mail address on my profile is not my usual address, all messages sent via this site have been redirected elsewhere for test purposes. This could result in messages not being received in a timely manner or potentially not being received at all.
jelv1

Posts: 2130

« Reply #187 on: May 16, 2007, 12:51:37 pm »

PN have said that every email they have checked has been found somewhere in webmail.

Have you PM'd ones you suspect (as requested) for checking?

jelv
br1anstorm

Posts: 5

« Reply #188 on: May 16, 2007, 12:57:48 pm »

"I had hoped that PlusNet tech people would put out such advice, but requests from me and others on the Members forum seem to have been ignored.  Any sensible advice would be appreciated..."

Try this
http://bbs.adslguide.org.uk/showthreaded.php?Cat=&Board=plusnet&Number=3001934&page=0&view=expanded&sb=5&o=0&fpart=

This is just to say a public thankyou to RogN, and obliquely also to rsharma for his useful post on the linked forum.  Two people (and there are others...) who realise that giving practical advice to users on precautionary measures is just as important as investigating the original security breach.  I just wish the staff at PlusNet had grasped this point at the outset.

br1anstorm
mikeb

Posts: 657


« Reply #189 on: May 16, 2007, 01:16:15 pm »

PN have said that every email they have checked has been found somewhere in webmail.

Have you PM'd ones you suspect (as requested) for checking?

Not quite what they said:

Quote
It is possible that your email address may have existed in the Webmail database even if you had not used the Webmail service yourself.

but I do know what you mean and yes, I have supplied addresses I believe may not have ever been used and if they have, certainly not in recent years.  postmaster@ and My_Account@ obviously haven't ever been used (by me) at all yet it is perfectly clear that these have been got at.  I only have one (basically unused) mbox that isn't now getting spammed but I can absolutely 100% guarantee that has never been used in webmail in any way at any time.

I logged into my old F9 A/C webmail just out of curiosity and was informed that was my first login yet I am getting this recent stuff there also. If I were to login to my PN webmail then I expect it would also show that was my first login there as well - but primarily because webmail has been changed several times since I last might have used it of course.  I most certainly haven't ever used webmail regularly or in anger just maybe for a quicky looky see nothing much else.  I dislike webmail because I consider it potentially unsafe so always choose to use dialup via landline/mobile and access POP3 in the normal way wherever in the world I might be if I need to check mail.

I can only imagine that PN must have retained addresses used to login to webmail from donkey's years ago despite upgrading the webmail system several times since.  I am also well p*$$ed off that when I did look at my F9 webmail it helpfully quotes my full name (as registered with PN rather than as used as part of my e-mail address) as well as my default e-mail address for all those b*ggers who have potentially accessed it and might find it useful. 
« Last Edit: May 16, 2007, 01:41:39 pm by mikeb »

--
WARNING: The e-mail address on my profile is not my usual address, all messages sent via this site have been redirected elsewhere for test purposes. This could result in messages not being received in a timely manner or potentially not being received at all.
NB
Usergroup Member

Posts: 2073

« Reply #190 on: May 16, 2007, 01:30:00 pm »

I like that too. There is room for another "Options" tab in Manage My Mail where we could choose to turn things like this on and off.

I'd like another item in there, Tagged spam delivery, with the following options:

  • Deliver to normal mailboxes (default)
  • Deliver to this mailbox (with a dropdown to select the mailbox)
  • Deliver to IMAP Spam folder
  • Do not deliver (automatically delete)


Now if accounts had something like the cPanel admin feature my external hosting uses, this and more would be more than possible.  With it you can activate spam filtering and use whitelists/blacklists and also decide how you want to handle e-mail depending on it's probable spam score.  You can have spam marked and delivered, marked and sent to a different mailbox, or deleted.  There are two rankings so you can deal with e-mail that has a very high probability of being spam by deleting it and medium scored mails by sending to a mailbox for review later and low scored e-mail being delivered.

So there is no reason something similar can't be done at Plusnet.
XPC exiled in NZ

Posts: 1382

« Reply #191 on: May 16, 2007, 01:35:38 pm »

mikeb

It doesn't have to have been you that used the Webmail system. A PN Customer Services rep replying to you from home might have sent you an email from the Webmail system, which would have put your address in the system, or another F9/PN customer could have done the same. If you think there have been (or are ongoing) further breaches of security beyond the known @Mail breach, then PN will want to know about this urgently.

Please PM your suspected addresses to Bob who will check them against their records, this is important for F9/PN to be able to reassure the customers and confirm they've cracked it. I have done this too as I have two addresses that I don't think have been in Webmail. I am waiting to hear back from Bob.
mikeb

Posts: 657


« Reply #192 on: May 16, 2007, 01:45:14 pm »

I already have done but I suspect that the 'connection' with webmail is that I might well have logged into webmail years ago and although I almost certainly did nothing else except look around, those records have been retained as part of the current webmail database Sad  I'm about as close as it's possible to get to 100% certain that I haven't received mail from another user via webmail because I don't actually know that many other users who could possibly have done so.  It must be PN retaining ye olde data that's the problem for me and that *really* p*$$es me right off !!

Edited to add: The other possibility is that mail from PN (i.e. ticket update advices, mbox creation advices and so on) may be classed as webmail activities  undecided
« Last Edit: May 16, 2007, 01:57:50 pm by mikeb »

--
WARNING: The e-mail address on my profile is not my usual address, all messages sent via this site have been redirected elsewhere for test purposes. This could result in messages not being received in a timely manner or potentially not being received at all.
jelv1

Posts: 2130

« Reply #193 on: May 16, 2007, 02:04:12 pm »

I think just poking around will have been enough sad

Edit: Ticket responses etc. are not webmail. But if a support person sent you a normal email, that could be webmail.

jelv
RonSlicker

Posts: 165

« Reply #194 on: May 16, 2007, 03:01:21 pm »

http://www.spamcop.net/ works a treat for me! Separates the wheat from the chaff very effectively and reports the offender to the relevant abuse@.

Incidentally, someone earlier (jelv1?) was asking about spam containing a reference to Photoshop. Spamcop tracked this down as follows;;

221.217.39.152 not listed in dnsbl.njabl.org
221.217.39.152 not listed in dnsbl.njabl.org
221.217.39.152 not listed in cbl.abuseat.org
221.217.39.152 listed in dnsbl.sorbs.net ( 127.0.0.6 )

..  and reported to cnc-noc.net and sprint.net. (which is CHINA169 BBN CNCGROUP IP network°™China169 Beijing Broadband Network).



« Last Edit: May 16, 2007, 03:05:26 pm by RonSlicker »
Pages: 1 ... 11 12 [13] 14 15 ... 20
  Print  
 
Jump to: