Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by lisati

  1. lisati

    Reporting problems today?

    "free" account here (but with a few $$$ thrown in via Paypal from time to time) - I've been seeing problems similar to those being described, e.g.
  2. lisati

    Fake or Real Virus Allert?

    My gut feeling is that your computer is probably OK, and that someone you've had email contact with has a computer that has caught something, e.g. malware. Good luck with your investigations.
  3. lisati

    Fake or Real Virus Allert?

    The text of the alert looks similar to the default bounce messages that amavis-new on my email server produces, so it's possibly a genuine alert. It could also be a form of backscatter: what if there's some malware somewhere which used bogus sender credentials that triggered the alert to the OP's email address instead of that belonging to someone with a compromised machine? Having said that, it probably wouldn't hurt to check your machine for something nasty.
  4. lisati

    Spooky Hyperlink in spam

    I'm wondering if a spambot is being used that randomises names slightly, based on replacing letters with similar letters or numbers, like you might see in a message that is being tinkered with in an effort to beat filters. As an aside, my name is rare where I live too, there's only two of us that I know of within something like 500km.
  5. lisati

    Yahoo stopped taking spam reports

    I would, if it wasn't for my expecting legitimate mail through their system. Too many people I know (including work) use an ISP that uses Yahoo to provide their email services.
  6. lisati

    Yahoo stopped taking spam reports

    A few years back, the ISP I use did the opposite, and went from using MSN as their email provided to Yahoo. This, together with the kind of dissatisfaction represented in this thread, was the main motivation behind me setting up my own email server, with people wither whitelisted or advised of a new email address as required. It wasn't too difficult to set up restrictions on incoming mail that has some kind of connection (real or imagined) with Yahoo's servers. Net result: a significant drop in the amount of spam that makes its way to my inbox, and Yahoo is left with more bounce messages to deliver. Wanting to shout "You stupid fools: it was your server that tried to deliver this rubbish" when faced with an automated response claiming "this didn't originate in our server" is another story.....
  7. lisati

    NetworkWorld article blasts Spamcop

    Definitley a "shmiel" who needs to take more responsibility than they have. Common netiquette & courtesy preclude me from using the colourful expressions than I have.....
  8. lisati

    Why Trusted?

    Frustration from reporting spam to Yahoo to subsequently have "nothing" happen is the exact reason I decided to set up my own email server: more control over what arrives in my inbox, including the option to reject unwanted mail during the SMTP dialogue.
  9. Whoops I just took another look, I should have said "issue 2", the one about the link to the forum. My bad.
  10. I can confirm that Issue 3 above seems to be happening for me too. I'm not 100% convinced that it's relevant, but I'm using Firefox 10.0.2 on a fully updated Ubuntu 11.04 with the "Gnome classic" desktop.
  11. lisati

    Blackhole Exploit Kit

    I've seen only two entries in my server's logs, both rejected with a 450, and not a peep from them since.
  12. lisati

    How to give impression my email is inactive

    I believe that "Incredimail" has an option to generate fake bounces as well.
  13. lisati

    How to give impression my email is inactive

    I have an idea of the kind of technique that is being referred to as "zz". If I have understood the suggestion properly, it is bad because it suffers from the same kind of problems as those described here: http://www.spamcop.net/fom-serve/cache/329.html
  14. lisati

    Spamcop report not accepted

    Don D: I've forwarded a copy as requested.
  15. I might have seen something somewhere in the FAQ, but can't remember at the moment, so I'll ask. Today I spotted this email in my inbox and I'm not quite sure about the appropriate action to take: The headers suggest that it came via Spamcop's system in response to this report: http://www.spamcop.net/mcgi?action=gettrac...rtid=5699616373
  16. lisati

    Are you blocking google???

    Sometimes it's a judgement call about what to reject outright and what to quarantine in a junk folder. What makes it to the junk folder can always be reviewed manually, reporting & adjusting ACLs as required. If there's a false postive, a quick review of the system logs will usually pick it up if your server isn't too busy. The dangers of sending out bounces when a rejection during the SMTP transaction is pretty well known these days, and I mention it in passing without further comment.
  17. lisati


    I think you can relax a bit now. When I checked not long ago at http://www.spamcop.net/w3m?action=blcheck&...p= it was showing this:
  18. From http://www.spamhaus.org/pbl/ :- Most of the DNSBLs my server consults usually provide some kind of link to the relevant DNSBL's lookup page. It's always a good idea to check the site belonging to the DNSBL used as the basis for rejecting a message, because each list has its own criteria for inclusion in a list and subsequent removal.
  19. lisati

    Strange spamming tactic

    Interesting to note that the parse spotted that is an open proxy and is also listed in cbl.abuseat.org
  20. lisati

    Are you blocking google???

    I can appreciate the frustration. I run my own private email server, which uses a combination of techniques to decide what to do with incoming mail. Finding a good balance between rejecting unwanted mail outright (with the risk of false positives), quarantining and/or tagging mail where something doesn't seem quite right, and letting through the rest (with the risk of false negatives) has its challenges.
  21. Posted in the lounge because this is more of a grumble than a support request. In the interests of expanding my horizons this morning and possibly learning something new, I was playing around with "postscreen" on my email server, which runs postfix v2.8. When I was checking the logs, I noticed that incoming notifications of spamcop reports I'd submitted were deferred by postscreen because of a listing on dnsbl.sorbs.net. This is addressed fairly easily by whitelisting Spamcop's servers at my end. My best guess at the moment is that someone who has received spamcop reports wasn't too happy about it. Another possible explanation, which I find slightly less plausible, is that they didn't understand what they were reading.
  22. I had to laugh. I went to reset my password at the sorbs site, and noticed this log entry on my system when checking to see if their email had arrived:
  23. lisati

    More than one way to verify

  24. lisati

    spam Count by Leak Path of Address

    Lately a lot of the spam I have been receiving has been directed to an email address I used to create a mailing list on Yahoo Groups. One or two that weren't blocked by my server and that I've taken the time to look at (duly reported)have been sent to a yahoo email address, with a Reply-to for a bogus address at my server.
  25. I saw a very similar report, possibly about the same organizations, a few months back. All I can say is this: D'oh!