Mdsnetworks's Blog


Web-Based SMTP Server Monitoring

Web-based monitoring of SMTP email servers is normally conducted using one of two different approaches. The first uses a socket-level connection to verify whether or not the target server is operational. The second, more comprehensive method involves sending round-robin messages to your email system and its subcomponents. Depending on your needs, hardware, and company size, both have validity and a rightful place. To determine what is best for your company, let’s examine both in more detail and the advantages and disadvantages of each.

Socket connection is the most prevalent method used by web-based monitoring companies due to its simplicity. A DNS check is normally conducted, then a socket-level connection to port 25 of your email server is attempted. If DNS is OK and SMTP port 25 handshaking occurs, the server is viewed as operational. If not, the appropriate notification methods are triggered. The socket connection method advantages are: speed, low bandwidth, and no agent or server changes are required. Because of its simplistic design, socket connection monitoring can be used to monitor SMTP servers your company does not own or manage. The disadvantage to this approach is accuracy. Just because DNS is operational and handshaking occurs, it does not mean the server or subcomponents are actually processing messages.
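The socket-level check described above, as an added example (not code from the original post or from any monitoring vendor): it resolves the host, connects, and verifies the `220` greeting and the `250` reply to `EHLO`. The helper `start_stub` is a constructed local test double so the check runs offline, and `monitor.example` is a placeholder EHLO name.

```python
import socket
import threading


def read_reply(fp):
    """Read one SMTP reply, which may span several lines; return (code, lines)."""
    lines = []
    while True:
        raw = fp.readline()
        if not raw:
            raise ConnectionError("server closed the connection mid-reply")
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        if len(line) < 3 or not line[:3].isdigit():
            raise ValueError(f"malformed SMTP reply: {line!r}")
        lines.append(line[4:])
        if line[3:4] != "-":          # "250-..." continues, "250 ..." ends the reply
            return int(line[:3]), lines


def socket_check(host, port=25, timeout=10.0, helo_name="monitor.example"):
    """DNS lookup, TCP connect, then greeting and EHLO. Returns (ok, detail).

    A True result proves only that the listener answers the handshake; it says
    nothing about queues, filters or final delivery behind it.
    """
    try:
        info = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return False, f"dns: {exc}"
    try:
        with socket.create_connection(info[0][4][:2], timeout=timeout) as sock:
            fp = sock.makefile("rb")
            code, _ = read_reply(fp)
            if code != 220:
                return False, f"greeting: {code}"
            sock.sendall(f"EHLO {helo_name}\r\n".encode("ascii"))
            code, _ = read_reply(fp)
            if code != 250:
                return False, f"ehlo: {code}"
            sock.sendall(b"QUIT\r\n")   # best-effort goodbye, reply not required
            return True, "handshake ok"
    except (OSError, ValueError) as exc:
        return False, f"smtp: {exc}"


def start_stub(greeting=b"220 mail.example ESMTP ready\r\n"):
    """Constructed test double: one-shot listener on 127.0.0.1; returns its port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        try:
            conn, _ = srv.accept()
            with conn, srv:
                conn.sendall(greeting)
                for raw in conn.makefile("rb"):
                    verb = raw[:4].upper()
                    if verb == b"EHLO":
                        conn.sendall(b"250-mail.example\r\n250-SIZE 1000000\r\n250 8BITMIME\r\n")
                    elif verb == b"QUIT":
                        conn.sendall(b"221 bye\r\n")
                        break
        except OSError:
            pass                        # client hung up early; nothing to report

    threading.Thread(target=serve, daemon=True).start()
    return port


if __name__ == "__main__":
    print(socket_check("127.0.0.1", start_stub()))
    print(socket_check("127.0.0.1", start_stub(b"554 no SMTP service here\r\n")))
```
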

The second, less used, method involves a round-robin process that actually sends test messages to your email systems and waits for the message to be returned. As with the socket connection method, a DNS check is normally performed first. A test message is then sent by the monitoring company to your email system. The message travels through your gateways, any subcomponents such as antivirus and content/spam filters, through the firewall to the designated internal server. The internal server, based on a pre-established server-based rule, returns the message back to the monitoring company. If the message is received by the monitoring company within the preset time, 15 or 30 minutes for example, the email system and subcomponents are viewed as operational. If not, the appropriate notification methods are triggered.

If you are using Microsoft Outlook & Exchange, a server-based rule would look something like this: Apply this rule after the message arrives from EmailVerify@SiteRecon.com and with “Email Verification for” in the subject, forward it to Webmaster@SiteRecon.com.

The advantages of this approach include the ability to check the complete message process for failures. For example, a gateway checked using the socket connection method could be fully operational, yet a connected spam filtering appliance or antivirus process could be hung, halting message processing. Depending on the monitoring company, the ability to include a specific type of attachment in the round-robin process is also available. Including an attachment such as the Eicar.Txt text pattern, for example, permits subcomponents such as antivirus to be fully tested. The disadvantages to this approach are: increased processing by your servers, as this testing method sends 96 messages per day using a 15 minute monitoring interval; creation of an email account to receive the test message; and establishment of a server-based rule.
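The bookkeeping behind the round-robin method, as an added example (not code from the original post or from any monitoring company): each probe carries a random token after the “Email Verification for” subject text from the rule above, so a stale or replayed message cannot count as a fresh round trip. The addresses and the 15-minute deadline are assumptions, and timestamps are passed in as plain seconds.

```python
import secrets
from dataclasses import dataclass, field
from email.message import EmailMessage

# Subject text the server-based forwarding rule matches on (taken from the page).
SUBJECT_PREFIX = "Email Verification for "


@dataclass
class RoundRobinMonitor:
    target: str                      # mailbox on the monitored system (assumed)
    sender: str                      # monitoring address (assumed)
    deadline_s: int = 15 * 60        # preset time allowed for the round trip
    pending: dict = field(default_factory=dict)    # token -> time sent
    latencies: list = field(default_factory=list)  # completed round trips

    def build_probe(self, now):
        """Create a probe message and remember when its token was sent."""
        token = secrets.token_hex(8)
        msg = EmailMessage()
        msg["From"] = self.sender
        msg["To"] = self.target
        msg["Subject"] = SUBJECT_PREFIX + token
        msg.set_content("Round-robin monitoring probe; forwarded back by rule.")
        self.pending[token] = now
        return msg

    def record_return(self, msg, now):
        """Match a forwarded message to a pending probe.

        Returns the round-trip time in seconds, or None when the subject does
        not carry a token we are waiting for (unknown, replayed or spoofed).
        """
        subject = msg.get("Subject", "")
        idx = subject.find(SUBJECT_PREFIX)      # tolerate "FW: " style prefixes
        if idx < 0:
            return None
        rest = subject[idx + len(SUBJECT_PREFIX):].split()
        sent = self.pending.pop(rest[0], None) if rest else None
        if sent is None:
            return None
        latency = now - sent
        self.latencies.append(latency)
        return latency

    def overdue(self, now):
        """Tokens whose probe has not come back within the deadline."""
        return sorted(t for t, sent in self.pending.items()
                      if now - sent > self.deadline_s)

    def status(self, now):
        return "ALERT" if self.overdue(now) else "OK"


def probes_per_day(interval_s):
    """Message load the monitored system sees for a given probe interval."""
    return 86400 // interval_s


if __name__ == "__main__":
    mon = RoundRobinMonitor("verify@corp.example", "probe@monitor.example")
    probe = mon.build_probe(now=0)
    forwarded = EmailMessage()
    forwarded["Subject"] = "FW: " + probe["Subject"]
    print(mon.record_return(forwarded, now=120), mon.status(now=120))
    mon.build_probe(now=900)                     # this one never comes back
    print(mon.status(now=1900), probes_per_day(15 * 60))
```
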

The diagram below outlines the process for both round-robin and socket connect monitoring methods.

Diagram of email server round-robin and socket connection monitoring methods.

Clearly, the round-robin method offers a more comprehensive testing process than the socket connection method. However, depending upon your needs, both processes have a rightful place in verifying your email systems are up and operational.

If you do not have the ability to establish server based rules, your only choice is to use monitoring based on the socket connection method. If you have the ability to establish rules, the round robin process offers a much more comprehensive testing method.

Socket connection type monitoring is offered by a wide range of companies and prices vary widely. Round-robin processing is offered by SiteRecon and Websitepulse, and prices range from $11 to $29 per month depending on the monitoring frequency.

18/06/2009 Posted by mdsnetworks | Anti Spam Articles | No Comments Yet

Fix password glitches

1. Corrupt Keychain
Problem: I keep getting prompts to enter my password, even though I know it’s in my keychain.

Solution: Mac OS X’s Keychain provides a handy way to store user names and passwords for servers, Web sites, and other resources. Usually it works invisibly in the background. However, if the keychain file becomes damaged, you may not be able to save new passwords, or an application such as Apple’s Mail or iChat might ask you to enter a password you’ve already stored. A corrupted keychain can even cause applications to crash.

If you suspect that you have a damaged keychain, open the Keychain Access application (/Applications/Utilities/) and choose Keychain Access: Keychain First Aid. In the box that appears, enter your login password and select either the Verify option, which merely checks the keychain, or Repair, which checks for and fixes errors. Click on Start. Keychain First Aid reports any errors that it finds and repairs.

2. The Same-Password Blues
Problem: I know it’s safer not to keep using the same password. But it’s hard to come up with new passwords all the time.

Solution: Although many people reuse the same password for various purposes, it’s more secure to make each password unique. You don’t have to exert mental energy on this job—your Mac can come up with ideas for you. It can also give you tips for improving passwords you already have.

Mac OS X includes a password-generator tool called Password Assistant, but you can access it only at certain times—for example, when you’re setting up a new account in System Preferences or creating a new keychain in Keychain Access. (You’ll see a key icon next to the field where you’re supposed to enter a password. Click on this icon to access the tool.) Take full advantage of this tool’s powers by using codepoetry’s free Password Assistant, which lets you access Password Assistant as a stand-alone program. The codepoetry application works only with OS X 10.4 (Tiger). If you haven’t upgraded, try David Kreindler’s free RPG, which works similarly and runs on Mac OS X 10.3 (Panther).

Password Assistant lets you set the password’s length via a slider and adjust its complexity via the Type pop-up menu (see “Choose Secure Passwords”). For example, choose Letters & Numbers; Memorable, which mixes common words with numbers and punctuation; or Random, which includes letters, numbers, and special characters. If you don’t like the first suggestion, pick another from the Suggestion pull-down menu. Or generate another set by changing a setting or selecting More Suggestions from the Suggestion menu.

You can also use Password Assistant to test your own passwords. Type one in the Password field. The tool rates the password’s quality and gives you tips for improving it.

3. Autofill Won’t Fill
Problem: My Web browser is supposed to autofill my passwords, but sometimes it refuses to comply.

Solution: Apple Safari, Mozilla Firefox, and most other popular browsers can remember user names and passwords for Web forms and fill them in at your command. To turn this feature on in Safari, choose Safari: Preferences and select User Names And Passwords under AutoFill. In Firefox, go to Firefox: Preferences, click on Security, and enable the Remember Passwords For Sites option.

However, autofill doesn’t always do the job. For example, as a security measure, some sites block autocompletion of certain fields. Also, if you have multiple user names and passwords for a particular site, your browser can’t tell which one to use.

You can solve such problems with a third-party password utility. My favorite is Agile Web Solutions’ $30 1Passwd, which uses Apple’s Keychain for storage, but provides plug-ins for most popular browsers (like Safari, Firefox, the Omni Group’s OmniWeb, and Mozilla’s Camino). Once you enter a Web password, the application remembers it for every supported browser. It also adds a menu to each browser’s toolbar (see “Manage Browser Passwords”). This includes commands for generating new passwords, as well as options that let you choose from multiple user name and password sets for a single site. If your browser’s autofill isn’t working for you, 1Passwd is definitely worth a shot.

4. Master Password Mind Block
Problem: I entered a Master Password when I set up FileVault, but I’ve since forgotten it.

Solution: Introduced in OS X 10.3, FileVault provides a way to encrypt your entire user folder. When you first configure FileVault in the Security preference pane, you’re prompted to enter a Master Password. This password allows you to access the encrypted files even if you forget your login password (though if you forget both passwords, there’s no way to recover the files).

In order to change your Master Password in the Security preference pane, you must enter the original password. So if you’ve forgotten it, you’ll have to delete the FileVault keychain. First, if FileVault is currently on, disable it (go to the Security preference pane and click on Turn Off FileVault). Locate the two files in /Library/Keychains (the root-level Library folder, not the one in your user folder) that begin with the words FileVaultMaster, and drag them to the Trash. (You’ll have to enter an administrator password.) Note that if you delete this keychain—and you’ve forgotten the login password of the FileVault-protected account—you will not be able to access encrypted files by setting up a new Master Password.

5. Admin Absentmindedness
Problem: I’ve forgotten my Mac’s administrator password.

Solution: If you can’t remember your administrator password—or you don’t know it because you’ve recently purchased or inherited someone else’s machine—you’ll have to reset it. There are a couple of ways to reset an administrator password:

Ask Another Administrator If your Mac has a second administrator account, open the Accounts preference pane. Click on the lock icon at the bottom and have that person enter his or her administrator name and password. Select the user with the forgotten password and click on Reset Password to choose a new one.

Use an Installation Disc Insert your OS X installer disc. To restart from it, hold down the C key while you reboot your Mac. Choose a language as requested, and then go to Utilities: Reset Password. Select your main disk and choose your user name from the pop-up menu. Enter and verify a new password, then click on Save. Quit the Reset Password utility, and then quit the installer and click on Restart to boot up from your hard disk.

If you previously set your keychain password to match your administrator password, the keychain probably won’t unlock automatically when you log in (since it still uses your old password). So just delete it and create a new one.

Launch Keychain Access. To delete a keychain, make sure the keychain list is showing in the upper left corner of the window; if it isn’t, click on the Show Keychains button at the bottom. Select the keychain you want to delete and choose File: Delete Keychain keychain name. Select File: New Keychain, choose a name, enter a password, and click on Create. In the list, select the keychain you’ve just created, and choose File: Make Keychain keychain name Default. Whenever you store a new password, Mac OS X will automatically add it to your default keychain.

Note that just as you can reset your administrator password, so can anyone else with physical access to your Mac and an installer disc. To minimize your risks, take extra security precautions such as making your keychain password different from your login password and storing sensitive files in an encrypted disk image.

6. AirPort No-Go
Problem: I can’t remember the passwords for my network or AirPort base station.

Solution: If you use an AirPort base station (or a third-party wireless router), you potentially have two passwords to worry about: the wireless network password, which your computer needs to get online, and the base station password, which protects the base station against modification by unauthorized parties. You don’t have to set either password, but it’s a good idea to do so.

Most people store their wireless network password in their keychain so OS X can enter it automatically. But if you switch computers or want to grant a friend access to your network, you’ll need to know that password. To find it, open Keychain Access and type the first few letters of your network’s name into the Search field. Double-click on the match with the word login (or your user name) listed in the Keychain column. In the box that appears, select the Show Password option, enter your keychain password, and click on Allow Once or Always Allow to display the password.

If your network’s password isn’t there, you’ll need to select a new one in AirPort Admin Utility (or AirPort Utility, if you have the new 802.11n base station). That, in turn, requires that you either know the base station’s password (if it has one) or have it stored in your keychain.

To change the wireless network password on older base stations, open AirPort Admin Utility (/Applications/Utilities) and double-click on the base station’s name. In the AirPort tab, click on Change Wireless Security. Type a new password and click on OK and then on Update. For 802.11n AirPort Extreme Base Stations, open AirPort Utility, select the base station’s name, and choose Base Station: Manual Setup. Click on the AirPort icon, and then select the Wireless tab. Enter and verify a new password, choose an encryption method from the Wireless Security pop-up menu, and click on Update.

What if you’ve forgotten the base station’s password too? Then it’s time to reset it. Instructions vary by base station, so go to Apple’s AirPort Support page and do a search for Reset AirPort to find your model.

What makes a password secure?
When creating new passwords, most people know they should avoid using their pet’s or spouse’s name and should include a mix of capital and lowercase letters, numbers, and special characters. But just how long and complex does a password really need to be? Here are some rules of thumb:

Low-Security Passwords If you’re creating a password simply to identify yourself, and little is at stake if it’s compromised (for example, on a Web site’s discussion forum), choose a memorable pattern with eight or nine characters. Include one or more non-alphanumeric characters (for example, oak7*fid).

High-Security Passwords If you’re protecting bank accounts or personal records, it pays to be safe. Choose a random password or a memorable, word-based one. If you choose a random password, use a mix of 10 or 11 letters (capital and lowercase) and numbers (for instance, I5oqMqQk8xn). If you include punctuation, 9 or 10 characters are adequate (such as @wF?FHbZl). For memorable passwords, use at least 17 characters, including letters, numbers, and punctuation (as in acme13-shortbread).

18/06/2009 Posted by mdsnetworks | Anti Spam Articles, Computer Help, Internet Connection Articles, Online Backup | No Comments Yet

Don't Ignore Legal Obligations of The CAN-SPAM Act

The CAN-SPAM Act of 2003 was signed into law and became effective January 1, 2004. As a small business owner, you need to be aware of your obligations under this law to avoid serious problems that could cost you time and money. The law is very specific about the content you must provide in any commercial email advertising piece. Not surprisingly, many of us are victims of daily assaults with unsolicited junk mail from very obscure sources. What these spammers are doing is illegal. Taking time to complain is impractical for many small entrepreneurs, so in most cases we just delete the junk, and go about our business.

On the other hand, as a small business owner you are in a different position when sending email to customers. Your credibility is at risk because you are not obscure, and may be easily identified for criminal prosecution or lawsuits. Understand your obligations and what you can or cannot do. In the US, the FTC (Federal Trade Commission) is the government entity for establishing and monitoring compliance with this law. Their rules are very specific, as follows:

Requirements for Commercial Emailers

The CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act) establishes requirements for those who send commercial email, spells out penalties for spammers and companies whose products are advertised in spam if they violate the law, and gives consumers the right to ask emailers to stop spamming them. The law, which became effective January 1, 2004, covers email whose primary purpose is advertising or promoting a commercial product or service, including content on a Web site. A “transactional or relationship message” – email that facilitates an agreed-upon transaction or updates a customer in an existing business relationship – may not contain false or misleading routing information, but otherwise is exempt from most provisions of the CAN-SPAM Act.

FTC Facts for Business

The Federal Trade Commission (FTC), the nation’s consumer protection agency, is authorized to enforce the CAN-SPAM Act. CAN-SPAM also gives the Department of Justice (DOJ) the authority to enforce its criminal sanctions. Other federal and state agencies can enforce the law against organizations under their jurisdiction, and companies that provide Internet access may sue violators, as well.

What the Law Requires

Here’s a rundown of the law’s main provisions:

- It bans false or misleading header information. Your email’s “From,” “To,” and routing information – including the originating domain name and email address – must be accurate and identify the person who initiated the email.

- It prohibits deceptive subject lines. The subject line cannot mislead the recipient about the contents or subject matter of the message.

- It requires that your email give recipients an opt-out method. You must provide a return email address or another Internet based response mechanism that allows a recipient to ask you not to send future email messages to that email address, and you must honor the requests. You may create a “menu” of choices to allow a recipient to opt out of certain types of messages, but you must include the option to end any commercial messages from the sender. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your commercial email. When you receive an opt-out request, the law gives you 10 business days to stop sending email to the requestor’s email address. You cannot help another entity send email to that address, or have another entity send email on your behalf to that address. Finally, it’s illegal for you to sell or transfer the email addresses of people who choose not to receive your email, even in the form of a mailing list, unless you transfer the addresses so another entity can comply with the law.

- It requires that commercial email be identified as an advertisement and include the sender’s valid physical postal address. Your message must contain clear and conspicuous notice that the message is an advertisement or solicitation and that the recipient can opt out of receiving more commercial email from you. It also must include your valid physical postal address.

Penalties May Be Severe

Each violation of the above provisions is subject to fines of up to $11,000. Deceptive commercial email also is subject to laws banning false or misleading advertising. Additional fines are provided for commercial emailers who not only violate the rules described above, but also:

- “harvest” email addresses from Web sites or Web services that have published a notice prohibiting the transfer of email addresses for the purpose of sending email

- generate email addresses using a “dictionary attack” – combining names, letters, or numbers into multiple permutations

- use scripts or other automated ways to register for multiple email or user accounts to send commercial email

- relay emails through a computer or network without permission – for example, by taking advantage of open relays or open proxies without authorization.

Department of Justice Facts for Business

The law allows the DOJ to seek criminal penalties, including imprisonment, for commercial emailers who do – or conspire to:

- use another computer without authorization and send commercial email from or through it

- use a computer to relay or retransmit multiple commercial email messages to deceive or mislead recipients or an Internet access service about the origin of the message

- falsify header information in multiple email messages and initiate the transmission of such messages

- register for multiple email accounts or domain names using information that falsifies the identity of the actual registrant

- falsely represent themselves as owners of multiple Internet Protocol addresses that are used to send commercial email messages.

Conclusion

Fines up to $11,000 per violation should get your attention. Review your commercial email policies, and revise as necessary to make sure you include the 3 most frequently omitted features: identify advertising, your physical address, and an opt-out provision. Continue your review to confirm compliance with all requirements. Finally, visit the official FTC web site for information on additional rules and press releases that may have occurred since this report was written.

16/06/2009 Posted by mdsnetworks | Anti Spam Articles | No Comments Yet

Spammers, Spyware, and International Enforcement Cooperation

In a recent report to the United States Congress the FTC attempted to justify the international efforts even though SPAM had increased under their watch by stating that:

“Spammers, spyware operators, fraudulent telemarketers, and other scam artists know no national boundaries, and can strike quickly on a global scale. As a result, the FTC has implemented a comprehensive program to combat cross-border consumer protection law violations. This includes a recently released report on proposed legislation to improve the FTC’s ability to combat cross-border consumer protection law violations. In October 2004 the FTC announced the “London Action Plan on International Spam Enforcement Cooperation” endorsed by 26 agencies from 20 countries and seven private sector organizations from four continents. The FTC continues to develop new bilateral and multilateral enforcement partnerships and to strengthen existing ones. In January 2005, the FTC announced that it had entered into a new consumer protection enforcement memorandum of understanding with its counterpart consumer protection agency in Mexico. The FTC also continues to work closely with Canadian agencies on cross-border telemarketing issues. The FTC’s goal is to ensure that consumer protection rules outside the United States focus on practices that distort consumer choice and raise a serious threat to the proper functioning of markets.”

Sounds great right? Indeed, yet when I reviewed this I noticed that homosexual employees at the FTC who might have HIV AIDS were traveling on these enforcement missions on the taxpayer’s dollar, yet I found few if any Spammers who were actually prosecuted or spyware operators who were stopped. Yes, to their credit there were a few, but in reality, SPAM continues to increase in my inbox. How about yours? My question in this personal opinion article is this; Is the Federal Trade Commission doing anything at all where we have empirical proof and results that they are in fact preventing fraud, SPAM or Spyware on the Internet? Show me the results; talk is cheap. Consider this in 2006.

14/06/2009 Posted by mdsnetworks | Anti Spam Articles | No Comments Yet

Antispam Organization Out There That's Fighting For You

There’s an antispam organization out there that’s fighting for you and could use your help.

CAUCE, the Coalition Against Unsolicited Commercial E-mail, is an all-volunteer global entity that began as SPAM-LAW, a group brought together for discussion only. They put all their efforts into getting legislation passed that would help stop and penalize spam.

CAUCE has no treasury and no offices. Completely virtual, the organization exists on the Internet, in newsgroups, and online discussion lists. Donations are not accepted because the CAUCE founders and members believe that would necessitate having to respond to numerous lobbying regulations.

CAUCE is now soliciting members, however. While the grassroots of the organization began in the United States – in San Francisco – there are chapters in other parts of the world as well, such as CAUCE Canada, CAUCE India, CAUBE.Au, which covers New Zealand, Australia and all Pacific Rim countries; and Europe’s EuroCAUCE. CAUCE can boast more than 20,000 members in the U.S. alone, with all states represented. Even American Samoa and Guam have antispam proponents who have jumped on the CAUCE bandwagon.

CAUCE makes use of their membership list and each member’s individual information in one way only. They give that list to the relevant legislators to further the cause of antispam legislation. The purpose of this is to let these legislators know how many voters in their area are concerned about spam and the need for antispam legislation.

To join CAUCE you simply provide them with your full name and e-mail address, your mailing address, your congressional district, and choose a password.

If you don’t know which congressional district you are in you can determine that by visiting http://www.house.gov/writerrep. Here you will be asked for your state and zip code. Not only will this tell you your district but it will also give you your legislator’s name as well as a feedback form to write to her or him should you so desire.

CAUCE has been gaining national and international recognition as they battle for legislation to stop, curtail and punish spammers. As long ago as 1998, CAUCE went to Congress to spur on antispam legislation, which did make it to the floor but was never passed. The latest attempt, again quashed, was a bill requiring spam tagging.

This bill would have forced convicted spammers to note on their messages some clue in the subject line that would tell folks that the message they received is from a convicted spammer. The law didn’t pass, nor was it supported by CAUCE. CAUCE and legislators both agree that the law would have been spineless, lacking enforceability. They agreed that those who were already breaking the law by spamming were not likely to comply with some new law that said they had to notify people they were spammers.

The CAUCE web site, http://www.cauce.org, lists its hall of shame. Here you will find sites that have been known to send or support, or at least fail to block spammers. At this writing there are only six sites listed.

11/06/2009 Posted by mdsnetworks | Anti Spam Articles | No Comments Yet

You've Got Junkmail!

“You’ve Got Mail” was playing on TNT the other night. The 1990s movie reminded me of the long forgotten sounds of the AOL modem dialing up, followed by the sound of the static with the occasional shift in tones. And who could forget the yellow AOL man notifying me of the progress of my connection. It is only soon thereafter that I would be greeted with:

“Hello! You’ve got mail!”

Inside the AOL mailbox on the top left corner of my screen, would appear a yellow envelope, waiting to be opened. It was exciting to think that sometime between now and my last log in; a message was written and sent exclusively to me.

I cannot accurately put my first AOL experiences into words; however it was very apparent that I, along with everyone else, had a certain attachment to AOL. The joy of instantly sending and receiving messages had everyone excited about this new technology. It’s too bad that this joy has fizzled away over the past decade.

AOL’s once bright sheen has lost its luster and apparently, its customers. At its apex, AOL topped search utilities and boasted some 30 million customers. That once faithful base has dropped 30% since 2002, leaving them with no choice but to target the growing broadband market, and offer free email services like Google, MSN and Yahoo. Can AOL email win back its shine?

Receiving AOL mail used to be the best feeling in the world. Nowadays I have to keep myself from screaming every time I see that I have 10+ junk messages in my inbox. I can’t stand the hassle of cleaning out my cluttered inboxes, or having to deal with the problems that arise with having a spam filter. The spam filter is meant to prevent encountering spam, but in reality, even important emails slip into my junk-mail folder, creating yet another inbox for me to have to sort through.

According to CNET, “In June, spam made up 64.8 percent of global e-mail traffic,” that’s up 6.9 percent over May. Going by this rapid trend of junk-mail mania, it doesn’t seem to show any signs of slowing down in the near future.

This idea of constantly receiving junk mail is known as “phishing”. According to TechKnowBizzle.com, “Phishing occurs when a malevolent individual sends you an email that imitates a legitimate website, such as your bank or eBay, with the hope that you will be fooled.” With over 65% of all emails today being labeled as spam, it is hard to imagine any email as actually being legitimate.

What was once a safe and effective communication tool has not only become a nuisance, but has also opened up a wide window of opportunity for hackers and scammers to crawl through. A mere decade removed from “You’ve Got Mail”, email has become a prime portal through which cyber-criminals are able to directly reach an unsuspecting mass and dupe them.

Unfortunately, the general public appears to be unaware of the dangers that lurk between the lines of code that make up their email. They remain ignorant to the different forms of protection necessary to safeguard their email.

I found myself being envious watching Tom Hanks and Meg Ryan effortlessly talk through email as if it was just the two of them online. How lucky they were to not have to worry about someone snooping in on their conversation, or whether or not their computers could get hacked by opening an apparently “harmless” email. They were able to indulge in the true nature and purpose of email; rapid and efficient communication. But alas, we are now stuck in a technology age where a plethora of hackers are out to catch the naïve user.

In the past, nothing was as depressing as hearing the silence of an empty inbox. If I still had AOL, that silence would be embraced and welcomed. Hearing that once enthusiastic voice: “you’ve got mail!” is now just an invitation to become a victim to the criminals of the digital realm.

10/06/2009 Posted by mdsnetworks | Anti Spam Articles | No Comments Yet

Protocol Against Spam

I guess I have you a bit confused now. The e-mail protocol I’m referring to is not the technology protocol; no, I’m speaking of a set of rules that has to be applied to make sure your e-mail reaches its destination. This set of rules will make it easier to define the behavior of spam when developing anti-spam controls. Web developers who want their web sites to reach high rankings in search engines have to keep within the rules of the search engines; if they don’t, they won’t reach their targeted audience. Moderators of Internet Relay Chat rooms do not tolerate any behavior that does not comply with the set of rules of the chat room. Crossing the line in a chat room will get you kicked from the room. The same rules apply for discussion forums. Some members like to spam forums with affiliate links and scams. Some forums allow you to place a link to your web site in your signature where other forums disallow the use of HTML altogether. It is very simple: if you don’t stick to the rules you don’t get to use the service.

But applying this to e-mail is not that simple. It is very difficult to deny the usage of e-mail if they don’t stick to the rules. Yes, we read that Internet Service Providers ban their members if they get caught using spamming techniques to deliver their message. But do we ever see these measures enforced on someone? Be honest, you would rather have the client use spamming techniques than lose out on the money the customer is paying. The solution to this problem is to penalise spammers without banning them from using e-mail. Search engines have given us the guidelines to do this. I agree that search engine algorithms are not perfect mechanisms, and people familiar with Search Engine Optimisation know that search engines constantly change their algorithms to stay ahead of people exploiting their vulnerabilities. Applying these algorithms to the SMTP protocol is yet another problem. Many ISPs have spam filters installed on their servers to help filter out spam for their clients, so if you can apply the rules of search engines to these spam filters you will be closer to the solution.

Search engines scan pages for consistency in their content. If the header of a page does not conform to the body of the page you won’t get a good ranking on the Search Engine Result Pages. This will filter out a huge chunk of spam circulating the Internet. Companies who send e-mails with a single image embedded in the e-mail also make it hard for current spam filters to determine if it is spam or not. You need Optical Character Recognition software to scan the contents of the image and convert it to text. This will make anti-spam software very expensive and even the best OCR scanning software still makes errors when they convert images to text. What about pornography? You will also need a special scanner to detect pornographic images. The only solution to this is to make a general rule that it is not proper e-mail protocol to embed only images into an e-mail without proper content. I don’t understand why companies still use this method of marketing. Dial-up users normally download e-mail and disconnect from the Internet to read their messages offline. There is nothing more frustrating than opening a message with only images embedded into it and there is no way you can see what the sender is trying to offer you without reconnecting to the Internet again. People advertising like that never reach me because I simply delete messages like this. If everyone starts to do this it will automatically create a protocol and companies will stop sending e-mails like this. E-mail clients like Thunderbird allow you to hide images embedded into e-mail messages and an e-mail that consists only of images is therefore totally useless if it reaches the inbox of people using this feature. The only ones who will continue using this practice will be spammers.
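The "no image-only e-mail" rule from the paragraph above, written as a filter check. This is an added example, not code from the original article; the 10-word threshold and the sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser

MIN_WORDS = 10  # assumed threshold for "proper content"; tune on real mail


class VisibleText(HTMLParser):
    """Collect the words a reader would see and count <img> tags."""

    def __init__(self):
        super().__init__()
        self.words, self.images, self._skip = [], 0, 0

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images += 1
        elif tag in ("script", "style"):
            self._skip += 1  # text inside these is never shown to the reader

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1

    def handle_data(self, data):
        if not self._skip:
            self.words.extend(data.split())


def summarize(raw_message):
    """Return (visible_word_count, image_count) for a raw message."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    words = images = 0
    for part in msg.walk():
        ctype = part.get_content_type()
        if part.is_multipart():
            continue
        if ctype.startswith("image/"):
            images += 1
        elif ctype == "text/plain":
            # Alternatives carry the same content, so keep the longest one.
            words = max(words, len(part.get_content().split()))
        elif ctype == "text/html":
            parser = VisibleText()
            parser.feed(part.get_content())
            parser.close()
            images += parser.images
            words = max(words, len(parser.words))
    return words, images


def is_image_only(raw_message):
    """True when the message shows images but almost no readable text."""
    words, images = summarize(raw_message)
    return images > 0 and words < MIN_WORDS


# Constructed sample messages (not real mail).
HTML_HEAD = ("From: offers@example.test\nSubject: Constructed sample\n"
             "MIME-Version: 1.0\nContent-Type: text/html; charset=us-ascii\n\n")
IMAGE_ONLY = HTML_HEAD + '<html><body><img src="offer.png"></body></html>\n'
CAPTION_ONLY = HTML_HEAD + (
    "<html><head><style>body { margin: 0; font-family: sans-serif; "
    "color: black; background: white }</style></head>"
    '<body><img src="offer.png"><p>Click here</p></body></html>\n')
TEXT = ("Our autumn catalogue is out. New models, prices and delivery dates "
        "are listed below for every region we ship to.")
NEWSLETTER = (
    "From: news@example.test\nSubject: Constructed sample\nMIME-Version: 1.0\n"
    'Content-Type: multipart/alternative; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain; charset=us-ascii\n\n" + TEXT + "\n"
    "--b1\nContent-Type: text/html; charset=us-ascii\n\n"
    '<html><body><img src="logo.png"><p>' + TEXT + "</p></body></html>\n"
    "--b1--\n")
```

A message with a logo plus real text passes, while the image with a two-word caption is still flagged because the words inside the style block are not counted as visible text.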

Search engines detect when you simply place hundreds of keywords on a page that makes no sense at all. Pages like this never rank well and sites using this practice even get banned from most search engines. Have you ever received an e-mail with strange sentences or tons of words at the bottom of the e-mail? These words and phrases are used to confuse spam filters and to make it harder for the software to decide whether it is spam or not. Applying the technology of search engine algorithms here will get rid of yet another chunk of spam.

A protocol that is starting to become a common practice is the usage of text only e-mail messages. Many servers reject e-mails with HTML code embedded into them and only allow text messages to pass through. But this is the common example where little Johnny did something wrong and now the whole class gets punished. Respectable companies use images in their e-mails to complement the content of their messages. If you can’t use HTML, you can’t format the message to have the look and feel of your company. If you can’t use HTML, you can’t make use of your company logo or include illustrative images of your products in your messages. Why should everyone get punished for people who abuse the same mechanism that respectable and honest organisations use to promote their products? This is why you have to design an e-mail message in such a way that it still delivers the marketing message clearly without the images and HTML.

I have even seen people suggesting that closed circle e-mail protocols replace SMTP. These protocols are used in companies for internal communication. Servers only allow e-mails to pass through if they have your e-mail address on their safe-list. If you are not on their safe-list you won’t get through. But this is a very impractical method of filtering out spam: what if a customer wants to contact the sales department, or anyone wants to contact any department for that matter? Another similar method is one that was introduced by Hotmail. Only e-mails from your contact list land in your inbox; every other e-mail is filtered to your Junk Mail folder. You will have to indicate which e-mails to allow in the future. The rest are deleted automatically after a specified number of days. This method has some merit but can be a daunting task if you want to implement it in a commercial environment. You will have to employ a full-time e-mail administrator to select which e-mails should go through. Both these protocols are very counterproductive measures.

Let’s be honest, getting rid of spam is not an easy task. But if everyone starts to ignore spam or messages with the characteristics of spam you should see a decline in the spam circulating the Internet. Spammers will soon realize they are only wasting bandwidth with their useless e-mails and no one is falling for their moneymaking schemes anymore.

09/06/2009 Posted by mdsnetworks | Anti Spam Articles

Spam "Artists" Can Trick A Non-Spamming Website To Send Spam Emails

It was the evening of Friday 16th June 2006, and I was rounding up the updates on my websites, when I decided to search online for and install another site recommendation script on my website in place of the one that, for some reason I could not fathom, continued to return a “500 – Internal Server Error” error. The Google search results page threw up a slew of referral script offerings from various authors – some free, others for sale.

At this time I was just keen to test and see if I could get one to work on my site. Soon I settled for one called “The PCman Website Refer a Friend”. Within minutes, I had it installed and running. One thing I did not do, and which I would advise (based on the benefit of painful hindsight) ANYONE who uses third party scripts on his/her site to do, is to check and confirm the programmer has taken pains to secure the script code against exploitation (specific details/links to URL resources on how to go about this are provided further down).

Note: It was only after the event, and following prompts from my hosts that I checked and found the PCManrefer script had inadequate security written into the code. The resulting “security hole” was what the hacker later exploited remotely to launch a massive spam attack.

On Tuesday 20th June 2006 a.m, I tried to log into my web hosting account to upload files, but noticed the ftp tool I was using kept returning an “incorrect password” message. After trying repeatedly, and confirming I was using the correct password, I decided to try logging in to my webmail – so as to send an email to the support department for assistance. This presented a problem as well. Each time, I tried, I got a message like “Dropped by ISMAP server”. Now quite alarmed, I decided to type the URL to my website – http://www.spontaneousdevelopment.com. My worst fears came to pass – The browser printed a “Page Not Found” message in bold!

At this point, I promptly went to my host’s website and initiated a chat session with the operator. The following chat conversation took place:

—–start of chat session——

: Hello! How may I help you?

: hi

Visitor42152: Hi

Visitor42152: I cannot login to my webmail or access my entire website

Visitor42152: MY reg no is

: We are writing to inform you that during the past 30 minutes your web hosting account (username = deleted) has sent 625 messages to the email subsystem of the hosting server. This is in violation of our terms of services, and as such, any websites

: belonging to that account have been taken offline.

: In order to reactivate your account you will need to contact our support department and agree not to abuse our servers again. Any further incidents like this will cause our system to remove your account completely and without warning

Visitor42152: I am working from a cyber cafe I normally do not use though it’s close to my home

Visitor42152: I am certain this is due to activities of email hackers who use the same ISP as these guys

: send an email to

Visitor42152: How long will it take to resolve this?

: 6 -12 hours

—End of chat session——

Well, I did not get it resolved in 12 hours. In fact, by the time I was finished exchanging emails with the support department, I learnt my account would be suspended for 7 days, with the warning that if it happened again, my account would be reconsidered for termination without notice.

How They Did It (i.e. Hijacking My Website Referral Script’s Form Post)

Below, I reproduce the exact text of the explanation given by my host’s Abuse Department, when I requested details that could help me understand how the problem had occurred, and what I could do to prevent a re-occurrence. You will notice that the Perl script I installed (i.e. “pcmanrefer.pl”) some days before the problem, was identified by the administrator as one of three found to have poor security built into their code.

— “Aplus.Net Abuse Department” wrote (I have re-arranged – but NOT edited – the text for readability):

> Hello,
>
> Basically the attack is performed on scripts that trust the information that the submitter enters and are therefore easily exploitable. You can refer to these two documents that describe in details this very specific attack:
>
> http://www.anders.com/projects/sysadmin/formPostHijacking/
> http://www.nyphp.org/phundamentals/email_header_injection.php
>
> I have reviewed the spam evidence sent to us and in the headers the subject is different every time which means the script used is taking the input data from the visitor and doesn’t edit it at all:
>
> Subject: Incredibly undervalued, you’ll not want to miss this opportunity the protracted
>
> I have found several such scripts in your FTP space:
>
> /cgi-bin/mailer/simplemail.pl
> /cgi-bin/mailer/mailer.pl
> /cgi-bin/pcmanrefer.pl
>
> There might be others that are compromiseable too but you know better the structure of your website and which exactly script is sending the data unchanged. The bottom line is to filter out all input data as suggested in the two articles above.
>
> Thank you,
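
The input filtering the Abuse Department's message calls for, shown beside the trusting behaviour it describes. This is an added example in Python, not the host's code and not any of the scripts named above; the form field names, addresses and fixed subject are assumptions constructed for illustration.

```python
import email
import re

# Constructed values for illustration; none come from the original script.
SITE_SENDER = "referrals@example.test"
FIXED_SUBJECT = "A friend recommends this site"
FIXED_BODY = "{name} thought you might like https://www.example.test/\n"

ADDRESS_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
NAME_RE = re.compile(r"[A-Za-z][A-Za-z .'-]{0,63}")


class RejectedSubmission(ValueError):
    """Raised when a form field cannot safely be placed in a mail header."""


def naive_message(form):
    """What a trusting script does: paste form fields straight into headers."""
    return "From: {}\nTo: {}\nSubject: {}\n\n{}".format(
        SITE_SENDER, form["friend_email"], form["subject"],
        form.get("message", ""))


def header_names(raw_message):
    """Header names a mail system would see in a raw message."""
    return email.message_from_string(raw_message).keys()


def has_control_chars(value):
    """CR, LF, NUL and other control characters can end a header line early."""
    return any(ord(ch) < 32 or ord(ch) == 127 for ch in value)


def build_referral(form):
    """Validate a referral submission and return (headers, body)."""
    clean = {}
    for key in ("friend_email", "sender_email", "sender_name"):
        value = form.get(key, "")
        if not isinstance(value, str) or has_control_chars(value):
            raise RejectedSubmission(key + ": control character in field")
        clean[key] = value.strip()
    for key in ("friend_email", "sender_email"):
        # fullmatch means one mailbox only: no commas, spaces or extra recipients.
        if len(clean[key]) > 254 or not ADDRESS_RE.fullmatch(clean[key]):
            raise RejectedSubmission(key + ": not a single e-mail address")
    if not NAME_RE.fullmatch(clean["sender_name"]):
        raise RejectedSubmission("sender_name: unexpected characters")
    # Subject and body are fixed text, so a visitor cannot choose what is sent.
    headers = [("From", SITE_SENDER), ("Reply-To", clean["sender_email"]),
               ("To", clean["friend_email"]), ("Subject", FIXED_SUBJECT)]
    return headers, FIXED_BODY.format(name=clean["sender_name"])


def is_rejected(form):
    """True if build_referral refuses the submission."""
    try:
        build_referral(form)
    except RejectedSubmission:
        return True
    return False


# Constructed submissions: one ordinary, one carrying a line break in a field.
ORDINARY = {"friend_email": "pat@example.test",
            "sender_email": "sam@example.test",
            "sender_name": "Sam O'Neil", "subject": "Look at this"}
TAMPERED = dict(ORDINARY, subject="Look at this\nBcc: list@example.test",
                sender_name="Sam\r\nBcc: list@example.test")
```

With the trusting version, the tampered submission parses as four headers instead of three; the validating version refuses it before any mail is built, and a fixed subject means the "different every time" subjects the host observed cannot occur.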

Clues Left Behind By The Hacker In My Server Space

When I eventually gained access to my server space, I found confirmation that it was indeed the “pcmanrefer.pl” script that had been exploited: its referral log file (refer-log.txt) had grown to a massive 11.1 Megabytes in size (many million bytes up from its 0 bytes size when I uploaded it less than 9 days before)! Opening the file revealed huge volumes of email addresses and message contents, originating from bogus “addresses” at my sub domain e.g. InvestorsWeekly@spontaneousdevelopment.com; my@spontaneousdevelopment.com; stephannie@www.spontaneousdevelopment.com (“who is SHE??”, I said to myself) – and many, many more!

The Attack Had A Negative Multiplier Effect – Which Is Why You Would Be Wise To Prevent It Happening

When my hosting account was suspended, my websites could not be visited, nor could I access mails sent to my webmail account at my domain during that seven day period. But that was just one side of it. ALL the short URLs that I had created to point to various sub domains on my main website were put up for removal by the service provider, who placed a bookmark update link on a page leading to the home page – with the following message:

“Due to enormous phishing spam with our sub domains () we will close this short url re-direction. Please update your bookmarks. “

One example of a short URL that was affected by this problem is http://www.cbsolutions.v27.net, which points to cbsolutions.spontaneousdevelopment.com – the mini site for my Creative Business Solutions (CB Solutions) delivery service.

My mind raced back to all the articles I had published at the Ezine articles directory, in which I had used the short URL addresses in the resource box’s invitation to readers (at the end of the article). A number of those articles carrying the short URLs had been syndicated on other websites, where I would not have access to make changes to them. I realised that it would only be a matter of time before readers of some of my articles would find themselves confronted with a “Page Not Found” browser error, or a general advert page for domain name sales etc. – instead of my site: definitely not good for the image I was trying to build online!

I provide the above details to give you an idea of just how bad this can be – so you can really understand why it would be in your best interest to make sure you never leave yourself open to the extent that this type of problem can affect your website.

Taking Action To Prevent (Future) Attacks

I deleted the “pcmanrefer.pl” script and the other two that were identified by the hosting provider’s administrator (see email above). I also removed another mailing list management CGI script that I installed a month before. In a way, I felt like I was taking medicine after death. :-) But at least by this time, I actually had a better idea of WHAT had happened, HOW, and WHY – and what I could do to protect myself for the future. Next, I visited the URLs emailed to me by my web host. Out of curiosity, I also did a number of searches on Google, to see what else I could learn about “form post hijacking”, and spamming in general. Below, I provide links to some useful resources I found. If you own a website, I think you will want to spend some time studying them.

IMPORTANT NOTE:

1. It would interest you to know that I no longer use a site referral script on my website. Instead I have developed a simple email recommendation template that anyone who is so keen to tell another about my site can use. Visit http://www.spontaneousdevelopment.com/referus.htm to see what I mean. There are many other effective ways to get marketing exposure for a website, and I am currently modifying my website design/marketing strategy to accommodate them. As time goes on, visitors to my website will see ample evidence of this.

2. Some of the resources whose URLs are listed below, were published as far back as 2002, so they might not exactly offer relevant or effective remedies that can be successfully applied today. However, the educational value they offer towards understanding the problem(s), in my opinion, would still make them worth a visit.

So, with that note of warning, I wish you happy reading and good luck in your fight to protect your website against exploitation.

Useful Learning/Problem-Solving Resources

1. Using Apache to stop bad robots | evolt.org – by Daniel Cody http://www.evolt.org/article/Using_Apache_to_stop_bad_robots/18/15126/

2. Why Some Scripts are dangerous to use on your Website – http://webnet77.com/help/dangers.html

3. http://www.anders.com/cms/75/Crack.Attempt/Spam.Relay – By Anders Brownworth Interesting Crack Attempt to Relay Spam (Comment: this is actually a precursor to the full article referred to me by my web host titled “Form Post Hijacking – How to solve the problem.”)

4. Form Post Hijacking – How To Solve The Problem – by Anders Brownworth

http://www.anders.com/projects/sysadmin/formPostHijacking/

5. http://handsonhowto.com/cgi101.html – A Hands-On How-To(Securing the CGI script section – useful) – from Brass Cannon Consulting

6. WWW Security FAQ: CGI Scripts – http://www.w3.org/Security/Faq/wwwsf4.html -by Lincoln Stein (lstein@cshl.org) and John Stewart (jns@digitalisland.net) – hosted by the World Wide Web Consortium (W3C) as a service to the Web Community.

7. Stopping Spambots: A Spambot Trap – http://www.neilgunton.com/spambot_trap/

8. How to block spambots, ban spybots, and tell unwanted robots to go … Spamming of referer logs is a growing nuisance,

http://diveintomark.org/archives/2003/02/26/how_to_block_spambots_ban_spybots_and_tell_unwanted_robots_to_go_to_hell

Self-Development/Performance Enhancement Specialist – Tayo Solagbade – devotes his time to exploring new frontiers of Self-Development Education, especially as it relates to showing people what they can do by themselves, for themselves to achieve their set goals – DESPITE the limitations of their circumstances or environment.

08/06/2009 Posted by mdsnetworks | Anti Spam Articles

How to beat spam in 5 steps

How prevalent is Spam? According to Scott McAdams, OMA Public Affairs and Communications Department (www.oma.org):

“Studies show unsolicited or “junk” e-mail, known as spam, accounts for roughly half of all e-mail messages received. Although once regarded as little more than a nuisance, the prevalence of spam has increased to the point where many users have begun to express a general lack of confidence in the effectiveness of e-mail transmissions, and increased concern over the spread of computer viruses via unsolicited messages.”

Hackers are getting more sophisticated. For example, botnets are becoming more complex and harder and harder to catch and stop. Do a search on botnets on the Internet. They really are causing a whole lot of problems, but it does not stop there. The number of viruses and malware out there is staggering.

In December of 2003, President Bush signed the “Can Spam” bill, which sets the first national standards around bulk unsolicited commercial e-mail. The bill, approved by the Senate by a vote of 97 to 0, prohibits senders of unsolicited commercial e-mail from using false return addresses to disguise their identity (spoofing) and the use of dictionaries to generate such mailers. In addition, it prohibits the use of misleading subject lines and requires that emails include an opt-out mechanism. The legislation also prohibits senders from harvesting addresses off Web sites. Violations constitute a misdemeanor crime subject to up to one year in jail. One major point that needs to be discussed about this: spam is now coming from other countries in ever-greater numbers. These emails are harder to fight, because they come from outside our country’s laws and regulations. Because the Internet opens borders and thinks globally, these laws are fine and good, but do not stop the problem.

So what do you do about this? Here are the top 5 rules to protect yourself from spam.

Number 1: Do what you can to avoid having your email address out on the net. There are products called “spam spiders” that search the Internet for email addresses to send email to. If you are interested, do a search on “spam spider” and you will be amazed at what you get back. Interestingly, there is a site, WebPoison.org, which is an open source project geared to fight Internet “spambots” and “spam spiders” by giving them bogus HTML web pages, which contain bogus email addresses. A couple of suggestions for you: a) use form emails, which can hide addresses, or b) use addresses like sales@company.com instead of your full address to help battle the problem. c) There are also programs that encode your email, like jsGuard, which encodes your email address on web pages so that spam spiders find it difficult or impossible to read your email address.

Number 2: Get spam blocking software. There are many programs out there for this (go to www.spambully.com for example). Whatever you do, get the software. It will save you time. The software is not foolproof, but it really does help. You usually have to do some manual set up to block certain types of email.

Number 3: Use the multiple email address approach.

There are a lot of free email addresses to be had. If you must subscribe to newsletters, then have a “back-up” email address. It would be like giving your cell phone number to your best friends and the business number to everyone else.

Number 4: Attachments from people you don’t know are BAD, BAD, BAD.

A common problem with spam is that messages have attachments, and attachments can have viruses. Corporations often have filters that don’t let such things pass to you. Personal email is far more “open country” for spammers. General rule of thumb: if you do not know who is sending you something, DO NOT OPEN THE ATTACHMENT. Secondly, look for services that offer filtering. Firewall vendors offer this type of service as well.

Number 5: Email services now have “bulk-mail” baskets. If what you use currently does not support this, think about moving to a new vendor. The concept is simple. If you know someone, they can send you emails. If you don’t know them, put them in the bulk email pile and then “choose” to allow them into your circle. Spam blocking software has this concept as well, but having extra layers seems critical these days, so it is worth looking into.

07/06/2009 Posted by mdsnetworks | Anti Spam Articles