Email

SPAM with Spoofed Sender

Computers, Security / By / / , / 2 minutes of reading

Recently, I’ve started getting more “bounced” or backscatter email returned to me, as if I was the sender… These messages are SPAM, and are not sent from my account, not from my domain, and not from my hosting service. Someone is generating email messages and forging or spoofing the sender address to make it look like it was sent from another account. It is really simple to do this, but it is also easy to block it. There are several systems like Sender Policy Framework (SPF) and Yahoo’s DomainKeys Identified Mail, or the DMARC system, that can validate that email messages were sent from an approved email server or gateway. They use a specially formatted text record in the domain’s Domain Name Service (DNS) records to identify the correct originating server. If an email with a spoofed sender is sent from an unauthorized email system it can be rejected. So, if you have found my site because you think that I have sent you SPAM or are trying to extort you for a BitCoin payment, please recognize that it didn’t actually come from me… Your email client should have an option to show you the entire message header, and you should be able to see that the email actually came from someone else, likely in another country. We need to continue to press our internet service providers to leverage the spectrum of anti-spam tools, including things like SpamHaus DNSBL, SPF, DKIM or DMARC, as well as offering filtering tools like […]

SPAM with Spoofed Sender Read More »

Y2K10 Bug

Computers, Macintosh / By / / , , , , , , / 1 minute of reading

Since the beginning of the year, I’ve noticed that I had started to catch good email in my Mac OS X Server’s email spam filter. It was odd, since it generally works quite well, and rarely catches any “false positives.” This morning at my office, one of the guys I work with was having to patch one of our systems because of a “Y2K10 bug” where the date isn’t interpreted correctly. Later, I noticed on Slashdot there was a story about the Y2K10 bug affecting a large number of systems around the world. I did a quick search for Spamassassin, and found that it was suffering from a bug in a date rule! Apple has a technical note on the issue: Mac OS X Server v10.5 and 10.6 use SpamAssassin to filter “spam” from inbound messages; SpamAssassin includes a rule that increases the spam score for any inbound message sent on or after January 1, 2010. This increased score may cause some inbound messages sent on or after January 1, 2010 to be inadvertently filtered as spam. There is an updated spamassassin rule that fixes the problem as well. Run the command: sudo sa-update –nogpg to apply the new rule. The –nogpg flag is needed for OS X Server since it doesn’t have GPG installed by default.

Y2K10 Bug Read More »

Scroll to Top