Spam

SPAM with Spoofed Sender

Computers, Security / By / / , / 2 minutes of reading

Recently, I’ve started getting more “bounced” or backscatter email returned to me, as if I was the sender… These messages are SPAM, and are not sent from my account, not from my domain, and not from my hosting service. Someone is generating email messages and forging or spoofing the sender address to make it look like it was sent from another account. It is really simple to do this, but it is also easy to block it. There are several systems like Sender Policy Framework (SPF) and Yahoo’s DomainKeys Identified Mail, or the DMARC system, that can validate that email messages were sent from an approved email server or gateway. They use a specially formatted text record in the domain’s Domain Name Service (DNS) records to identify the correct originating server. If an email with a spoofed sender is sent from an unauthorized email system it can be rejected. So, if you have found my site because you think that I have sent you SPAM or are trying to extort you for a BitCoin payment, please recognize that it didn’t actually come from me… Your email client should have an option to show you the entire message header, and you should be able to see that the email actually came from someone else, likely in another country. We need to continue to press our internet service providers to leverage the spectrum of anti-spam tools, including things like SpamHaus DNSBL, SPF, DKIM or DMARC, as well as offering filtering tools like […]

SPAM with Spoofed Sender Read More »

I hate SPAM, and GoDaddy is Useless!

Computers, Hosting, Security, Websites / By / / , / 8 minutes of reading

After the debacle with my CenturyLink DSL last summer, I had to make a quick decision on alternatives to hosting my own domain, email and web. I ended up being off the network for two weeks when CenturyLink couldn’t figure out how to restore my DSL server when they did an upgrade that I had already cancelled. Many years ago, I used a domain-hosting service called DomainDiscover that registered my domains and DNS, redirected web requests inside of a frame, and relayed email from a virtual domain to my ISP account. After I started running Apple’s OS X Server, though, I realized that I could provide most of those services myself, on my own home server. My ISP, NeTrack, who was later acquired by Indra’s Net, provided a static IP address, so hosting my own domain was fairly straight-forward. Once I started running my own services locally, I decided that it wasn’t necessary to be paying DomainDiscover for the other services that I wasn’t using any longer. All I really needed was a domain registrar. Checking on pricing, it seemed that GoDaddy was about the least expensive, and while nobody had a great customer service record, GoDaddy was large and established, so I transferred my domain registrations to them. So, when my DSL was down for an extended period of time, I did some quick checking, and discovered that GoDaddy had recently started using CPanel virtual Linux hosting, and had hosting plans on sale for half-price, so it was only about $5/month, as I

I hate SPAM, and GoDaddy is Useless! Read More »

Y2K10 Bug

Computers, Macintosh / By / / , , , , , , / 1 minute of reading

Since the beginning of the year, I’ve noticed that I had started to catch good email in my Mac OS X Server’s email spam filter. It was odd, since it generally works quite well, and rarely catches any “false positives.” This morning at my office, one of the guys I work with was having to patch one of our systems because of a “Y2K10 bug” where the date isn’t interpreted correctly. Later, I noticed on Slashdot there was a story about the Y2K10 bug affecting a large number of systems around the world. I did a quick search for Spamassassin, and found that it was suffering from a bug in a date rule! Apple has a technical note on the issue: Mac OS X Server v10.5 and 10.6 use SpamAssassin to filter “spam” from inbound messages; SpamAssassin includes a rule that increases the spam score for any inbound message sent on or after January 1, 2010. This increased score may cause some inbound messages sent on or after January 1, 2010 to be inadvertently filtered as spam. There is an updated spamassassin rule that fixes the problem as well. Run the command: sudo sa-update –nogpg to apply the new rule. The –nogpg flag is needed for OS X Server since it doesn’t have GPG installed by default.

Y2K10 Bug Read More »

Updates and Desktop Pictures

Computers, Photography, Websites / By / / , / 1 minute of reading

I’ve come to the realization that spammers have used a web crawler to harvest email addresses from my website, so I’ve removed all of the email links, including the pages for Friends and Family. I will clean up those pages and link them back in as soon as I have time. At a recent MacinTech officers meeting, we had a brief discussion about “Desktop Pictures” (that would be “Wallpaper” if you are PC-inclined). I decided that I would post some of mine as samples. These are some of the pictures that I’ve taken over the past couple of years that I use as desktop backgrounds.

Updates and Desktop Pictures Read More »

Scroll to Top