Discuss

discuss@lists.surbl.org

1862 discussions

RE: [SURBL-Discuss] Re: SP91011 your recent report to eBay's Trus tand Safety Department (KMM157050156V37604L0KM)
by Chris Santerre 04 Mar '05

04 Mar '05

> >Isn't there a way for SURBL to detect these encoded redirect >destination >URLs and check those (without the prepended redirector)? > umm.....sort of. We have some beta research tools that do that, but nothing in the live code. --Chris

2 1

RE: [SURBL-Discuss] Re: SP91011 your recent report to eBay's Trustand Safety Department (KMM157050156V37604L0KM)
by Matthew Wilson 04 Mar '05

04 Mar '05

Isn't there a way for SURBL to detect these encoded redirect destination URLs and check those (without the prepended redirector)?

2 1

Re: SP91011 your recent report to eBay's Trust and Safety Department (KMM157050156V37604L0KM)
by Kevin A. McGrail 04 Mar '05

04 Mar '05

Dear eBay: Wow, your form letter has changed my mind. Your security is perfect. Your commitment to security is stellar. Running an open redirector is a great idea. Sorry I didn't see the light earlier. However, on a new topic, I was shocked and dismayed that eBay is allowing and assumingly SUPPORTING pornography to be distributed through your website. Does this include child pornography or is that only in Europe and places where the age of consent for pornography is under 18? Please advise based on the following link from eBay --WARNING: The following pages contains naked photos: http://cgi4.ebay.com/ws/eBayISAPI.dll?MfcISAPICommand=RedirectToDomain&Doma… What is the meaning of this? eBay is facilitating porn now? OK, now that I have your attention maybe this extreme last resort will ACTUALLY get you to forward this to someone at your company with an understanding of phishing and security that is slightly higher than the Trust and Safety department? If not, I give up and wish you well in your support of the child pornography industry that your company is facilitating by turning a blind eye to glaring security issues. Sincerely, Kevin A. McGrail ----- Original Message ----- From: "eBay Customer Support" <rswebhelp(a)ebay.com> To: "Kevin A. McGrail" <kmcgrail(a)pccc.com> Sent: Saturday, February 26, 2005 12:06 PM Subject: RE: SP91011 your recent report to eBay's Trust and Safety Department (KMM157050156V37604L0KM) > Hello, > > Thank you for writing back. > > I truly apologize if you felt we were not concerned about the email you > received. We are aware of the potential for fraud that these emails > pose. > > Let me assure you that we do work actively and aggressively in > partnership with many agencies, ISP's, and law enforcement groups to > investigate these fraudulent entities. Please keep in mind that eBay is > a public company and not associated with any legislative or police > entity. We rely on the same agencies you do to pursue these fraudulent > activities. We are very much concerned about our member's safety, but we > cannot control the actions of those intent on committing fraud. > > If you have already received a spoofed email once, your email address > has already been harvested. Sadly, you may continue to receive spoofed > emails for some time as these groups migrate from ISP to ISP setting up > fraudulent sites or sending fraudulent emails. > > We advise you to be very cautious of all email messages that ask you to > submit information such as your credit card number or your email > password. eBay (and most other Internet companies) will never ask you > for sensitive personal information such as passwords, bank account or > credit card numbers, Personal Identification Numbers (PINs), or Social > Security numbers in an email. If you ever need to provide information to > eBay please open a new Web browser, type www.ebay.com, and click on the > "site map" link located at the top the page to access the eBay page you > need. > > To keep your eBay experience safe, we have set up a new tutorial about > Spoof Emails to educate our members spotting a fake email. To check it > out, please click on the help link located at the top of all eBay page. > Once the help window appears, click on the link to eBay's Security > Center. From the Security Center you will find a variety of safety > related links. On the right hand side you will see a link to "Protect > yourself from spoof emails". > > Help > Security Center > Protect yourself from spoof emails > > Once again, thank you for alerting us to the spoof email you received. > Your vigilance helps us ensure that eBay remains a safe and vibrant > online marketplace. > > > Regards, > > Marcel > eBay SafeHarbor > Investigations Team > ______________________________ > eBay Inc. > The World's Online Marketplace® > ******************************************* > > Important: eBay will not ask you for sensitive personal information > (such as your password, credit card and bank account numbers, Social > Security numbers, etc.) in an email. Learn more account protection tips > at: > > http://pages.ebay.com/help/confidence/isgw-account-theft-reporting.html > > _____________________________________________ > > For our latest announcements, please check: > > http://www2.ebay.com/aw/announce.shtml > _____________________________________________ > > In order to better serve you, we'd occasionally like to > request feedback on our service. If you would rather > not participate, please click on the link below and send > us an email with the word "REMOVE" in the subject line. > If that does not work, please send an email to the > email address below. Your request will be processed > within 5 days. > > mailto:cssremove@ebay.com > > ******************************************* >

8 22

RE: [SURBL-Discuss] Help for the Windows Guy!
by Jeff Baker 03 Mar '05

03 Mar '05

We use Exchange 2000 on our back-end server which is a Compaq DL380 w/4gb memory. Currently we use McAfee's Groupshield on this unit. I'm not sure on an external call from Ex 2000. What was your experience with spam before and after implementation of SA? -----Original Message----- From: discuss-bounces(a)lists.surbl.org [mailto:discuss-bounces@lists.surbl.org] On Behalf Of Fred Sent: Tuesday, March 01, 2005 5:34 PM To: SURBL Discussion list Subject: Re: [SURBL-Discuss] Help for the Windows Guy! I am one of the first to have jumped on this wagon, what type of mail server are you planning to install this in? Does it provide some way to tie in an external program? Each mail server is very different how they handle this, we used Vopmail and it provides what's called an "agent" which is a batch file you specify to be executed upon arrivial of mail. This works fine but you need to know how to program batch files... How you accomplish this depends on what your mail server allows you to do. It sure is easier setting up a freebsd box to run only e-mail and not have to worry about it for a long time! We haven't touched our mail servers except to upgrade our clamAV once a year. When I ran SA under Win32, I had to keep a close eye on things to make sure they didn't blow up and let me assure you THEY WILL! Frederic Tarasevicius Internet Information Services, Inc. http://www.i-is.com/ 810-794-4400 Jeff Baker wrote: > I want to implement SpamAssassin <http://spamassassin.apache.org/> 3 > but I am just a Windows guy. I use McAfee's Spamkiller 2.7 on their > e500 (linux) and it's just not doing the job. Someone please step me > through the process of where and what to place SpamAssassin on. I see > the wonderful reviews but this Windows guy knows nothing about linux. > > > > Thank anyone very much!!!! > > > > Jeff Baker > > Network Systems Administrator > > The Pantry, Inc. > > Sanford, NC 27330 > > jeff.baker(a)thepantry.com > > > > > > All outbound email messages have been scanned for viruses and content > with the e500 web appliance. > _______________________________________________ > Discuss mailing list > Discuss(a)lists.surbl.org > http://lists.surbl.org/mailman/listinfo/discuss _______________________________________________ Discuss mailing list Discuss(a)lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss This message has been scanned for viruses and content with the e500 web appliance. All outbound email messages have been scanned for viruses and content with the e500 web appliance.

4 3

Help for the Windows Guy!
by Jeff Baker 02 Mar '05

02 Mar '05

I want to implement SpamAssassin <http://spamassassin.apache.org/> 3 but I am just a Windows guy. I use McAfee's Spamkiller 2.7 on their e500 (linux) and it's just not doing the job. Someone please step me through the process of where and what to place SpamAssassin on. I see the wonderful reviews but this Windows guy knows nothing about linux. Thank anyone very much!!!! Jeff Baker Network Systems Administrator The Pantry, Inc. Sanford, NC 27330 jeff.baker(a)thepantry.com All outbound email messages have been scanned for viruses and content with the e500 web appliance.

5 4

RE: [SURBL-Discuss] Help for the Windows Guy!
by Joe Zitnik 02 Mar '05

02 Mar '05

Jeff, We use a product called Guinevere that has SA integration against GroupWise. The person who developed the app has written a how to on SA on Win32. I cna't promise anything, but maybe the attached link will help. http://www.openhandhome.com/howtosa300.html >>> jeff.baker(a)thepantry.com 03/02 8:42 AM >>> We use Exchange 2000 on our back-end server which is a Compaq DL380 w/4gb memory. Currently we use McAfee's Groupshield on this unit. I'm not sure on an external call from Ex 2000. What was your experience with spam before and after implementation of SA? -----Original Message----- From: discuss-bounces(a)lists.surbl.org [mailto:discuss-bounces@lists.surbl.org] On Behalf Of Fred Sent: Tuesday, March 01, 2005 5:34 PM To: SURBL Discussion list Subject: Re: [SURBL-Discuss] Help for the Windows Guy! I am one of the first to have jumped on this wagon, what type of mail server are you planning to install this in? Does it provide some way to tie in an external program? Each mail server is very different how they handle this, we used Vopmail and it provides what's called an "agent" which is a batch file you specify to be executed upon arrivial of mail. This works fine but you need to know how to program batch files... How you accomplish this depends on what your mail server allows you to do. It sure is easier setting up a freebsd box to run only e-mail and not have to worry about it for a long time! We haven't touched our mail servers except to upgrade our clamAV once a year. When I ran SA under Win32, I had to keep a close eye on things to make sure they didn't blow up and let me assure you THEY WILL! Frederic Tarasevicius Internet Information Services, Inc. http://www.i-is.com/ 810-794-4400 Jeff Baker wrote: > I want to implement SpamAssassin <http://spamassassin.apache.org/> 3 > but I am just a Windows guy. I use McAfee's Spamkiller 2.7 on their > e500 (linux) and it's just not doing the job. Someone please step me > through the process of where and what to place SpamAssassin on. I see > the wonderful reviews but this Windows guy knows nothing about linux. > > > > Thank anyone very much!!!! > > > > Jeff Baker > > Network Systems Administrator > > The Pantry, Inc. > > Sanford, NC 27330 > > jeff.baker(a)thepantry.com > > > > > > All outbound email messages have been scanned for viruses and content > with the e500 web appliance. > _______________________________________________ > Discuss mailing list > Discuss(a)lists.surbl.org > http://lists.surbl.org/mailman/listinfo/discuss _______________________________________________ Discuss mailing list Discuss(a)lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss This message has been scanned for viruses and content with the e500 web appliance. All outbound email messages have been scanned for viruses and content with the e500 web appliance. _______________________________________________ Discuss mailing list Discuss(a)lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss

1 0

Phishing reporting addresses
by Jeff Chan 02 Mar '05

02 Mar '05

Here are some addresses to report phishing to: postmaster@corp.mailsecurity.net.au,reportphishing@antiphishing.org, spam@uce.gov,spam@mailpolice.com,scams@fraudwatchinternational.com The mailsecurity and mailpolice ones feed into ph.surbl.org. Hopefully some of the other ones may also eventually. Cheers, Jeff C. -- "If it appears in hams, then don't list it."

1 0

RE: [SURBL-Discuss] Fw: Account Verification
by Chris Santerre 21 Feb '05

21 Feb '05

Let me know and we could forward Kevin's post to the SPAM-L list. That would create some preasure ;) --Chris (Top posting because of my stupid MUA!!!) > Thanks Kevin, > I'm asking around if anyone has contacts at eBay. I've heard back from some folks at eBay that they're now working on this issue. Jeff C.

1 0

linkshield(dot)com ?
by RD 21 Feb '05

21 Feb '05

Hello SURBL Team, Please review linkshield(dot)com. It's a URL cloaking service but no abuse policy, etc. It may have legit uses but their service may actually benefits spammers. Just wanted to get everyone's opinion :-) -RD

3 4

Blind CC's
by Doc Schneider 21 Feb '05

21 Feb '05

I'm asking here because I know some of you probably can figure this one out. My Wife owns raogk.org (Random Acts Of Genealogical Kindness) and has a person who is having e-mail issues. A bit of background. I designed the full backend of this site which once you figure out the country,state,county of where you're wanting information you click on the volunteers name and a form pops up which allows you to enter your name/e-mail and what you want this person to lookup. And once it is sent it sends you a BCC of what you asked. Anyway, this one person is using MSN. And is not getting his BCC's we've had him do a complete search through his Outlook Express for the subject of these. Nada. And we've had no complaints from anyone else using MSN, so doubt it is the issue. Could this person be running something like an e-mail filter which is eatting his BCCs? Any of you heard of this? We're not sure what is running on this persons computer, so unknown if or what could be causing this. I'm out of ideas. We have the headers from some test messages we had this person do. Funny thing is they're getting all the other @raogk.org e-mail. Please include the raogk-admin(a)raogk.org address if you reply. Thanks, -Doc

2 1

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss