Mar 23 2023
My last post described how to add a custom X-header to outgoing email in postfix. But of course this approach is rather a blunt instrument because it necessarily adds the header to all outbound mail which originates from my server. In my particular case that does not matter overmuch, because any and all mail accounts …
Permanent link to this article: https://baldric.net/2023/03/23/custom-headers-in-claws-mail/
Sep 04 2021
I have been a subscriber to Hanno Böck’s Feisty Duck TLS Newsletter for some time. Böck’s newsletters provide a useful service to TLS users. I am also a big fan of Ivan Ristić’s “Openssl cookbook” which is available as a free download from the Feistyduck website. A couple of days ago the latest Feistyduck newsletter …
Permanent link to this article: https://baldric.net/2021/09/04/stop-starttls/
Oct 27 2020
Back in early 2019, I wrote about a problem I was having with mail from my system going to BT based accounts. At the time, BT was rejecting my mail as potential spam. As I wrote at the time, I was pleasantly surprised when the BT postmaster replied positively to my request that they investigate …
Permanent link to this article: https://baldric.net/2020/10/27/braindead-mail-service/
Feb 16 2019
OK, I admit to being dumb. I got another scam email yesterday of the same formulation as the earlier ones (mail From: me@mydomain, To: me@mydomain) attempting to extort bitcoin from me. How? What had I missed this time? Well, this was slightly different. Checking the mail headers (and my logs) showed that the email had …
Permanent link to this article: https://baldric.net/2019/02/16/postfix-sender-restrictions-job-not-done/
Jan 24 2019
I mentioned in my previous post that I had recently received one of those scam emails designed to make the recipient think that their account has been compromised in some way and that, furthermore, that compromise has led to malware being installed which has spied on the user’s supposed porn habits. The email then attempts …
Permanent link to this article: https://baldric.net/2019/01/24/postfix-sender-restrictions/
Jan 23 2019
I have been running my own mail server now for well over a decade. Whilst the actual physical hardware (or actually VPS system) may have changed once or twice during that time, the underlying software (postfix and dovecot on debian) has not really changed all that much. However, what has changed over the last decade …
Permanent link to this article: https://baldric.net/2019/01/23/congratulations-to-bt/
Aug 20 2015
At the end of last month I noted that I had been receiving multiple emails to each of the proxy addresses listed for my newly registered “private” domains. Intriguingly, whilst I was receiving at least three or four such emails a week before I wrote about it, I have had precisely zero since. Probably coincidence, …
Permanent link to this article: https://baldric.net/2015/08/20/update-to-domain-privacy/
Jul 28 2015
Over the past few months or so I have bought myself a bunch of new domain names (I collect ’em….). On some of those names I have chosen the option of “domain privacy” so that the whois record for the domain in question will show limited information to the world at large. I don’t often …
Permanent link to this article: https://baldric.net/2015/07/28/domain-privacy/
Mar 30 2015
About four years ago I was getting a huge volume of backscatter email to the non-existent address info@baldric.net. After a month or so it started to go quiet and eventually I got hardly any hits on that (or any other) address. A couple of weeks or so ago they came back. My logs for weeks …
Permanent link to this article: https://baldric.net/2015/03/30/the-russians-are-back/
Jan 20 2014
I have just run a search for further evidence of the possible compromise at thrustvps and found threads on webhostingtalk, vpsboard, freevps.us and habboxforum amongst others. All of those comments are from people (many, like me, ex-customers) who have received emails like the one I referred to below. So, I guess thrust /do/ have a …
Permanent link to this article: https://baldric.net/2014/01/20/thrust-update/
Jan 18 2014
I have not used thrust since my last contract expired. I left them because of their appalling actions at around this time last year. However, today I received the following email from them: From: Admin To: xxx@yyy Subject: Damn::VPS aka Thrust::VPS Date: Sat, 18 Jan 2014 03:28:06 +0000 This is a notification to let you …
Permanent link to this article: https://baldric.net/2014/01/18/thrustvps-compromised/
Aug 09 2013
I run my own mail server for a number of reasons. And I rarely regret that decision. However, there have been occasions in the past when relying on a single mail provider (even when that provider is myself) has proven problematic. The first problem arose several years ago when the ISP which I use for …
Permanent link to this article: https://baldric.net/2013/08/09/lavabit-dead/
Jan 11 2013
Today I ran a routine apt-get update/apt-get upgrade on my mailserver and dovecot failed afterwards. This is a “bad thing” (TM). No routine software upgrade should cause a failure of the kind I experienced. Two things happened which should not have done. Firstly the SSL certificates appeared to have changed (which meant that mail clients …
Permanent link to this article: https://baldric.net/2013/01/11/dovecot-failure/
Aug 02 2012
Microsoft has (re-)launched its free public email service (previously branded “hotmail” and “windows live”) under the brand “outlook”. Outlook has been Microsoft’s email client on the corporate desktop for many years now, so they may be hoping that the new look email product will benefit from the existing brand’s goodwill. However, I noticed from a …
Permanent link to this article: https://baldric.net/2012/08/02/outlook-goes-public-linus-approves/
May 25 2012
According to reporting today, Jeremy Hunt, the Secretary Of State for Culture, Media and Sport, lobbied the Prime Minister in support of Rupert Murdoch’s bid for BSkyB. The report says: “The inquiry heard that the culture secretary drafted the email on his private Gmail account on 19 November 2010 despite being warned by his officials …
Permanent link to this article: https://baldric.net/2012/05/25/stupid-hunt/
Mar 29 2012
My last post contained two (non-existent) email addresses in my baldric domain in the extract from my postfix logs. As I said in the post, I had edited the log entry specifically to mask real details. Yesterday, only four days after that post, I received spam email attempts at those addresses. As I have said …
Permanent link to this article: https://baldric.net/2012/03/29/that-didnt-take-long/
Mar 24 2012
In January of this year I wrote about t-mobile’s apparent policy of actively looking for and blocking any TLS-secured SMTP sessions over their network. At the time I believed this to be a cockup rather than a deliberate policy. I still prefer to believe that, but the episode left a rather sour taste in my …
Permanent link to this article: https://baldric.net/2012/03/24/android-mail-client-is-broken/
Mar 19 2012
Today I received two (make that four now – must sort out my spam filters) phishing emails from a source new to me. Each email purported to come from “linkedin” and each invited me to login to respond to “invitations from your work colleague”. Since a) I have never been a member of linkedin, and …
Permanent link to this article: https://baldric.net/2012/03/19/unlinked/
Feb 14 2012
From a peak of around 25,000 mail drops per month in the backscatter I was getting from the .ru domain to the non-existent address “info@baldric.net” I am now seeing virtually none. My logs show a distinct drop off from mid to late December last year to about 10-15 emails per day (when I had previously …
Permanent link to this article: https://baldric.net/2012/02/14/%d0%b4%d0%be%d1%81%d0%b2%d0%b8%d0%b4%d0%b0%d0%bd%d0%b8%d1%8f-%d0%ba%d0%b0%d0%bc%d1%80%d0%b0%d0%b4/
Oct 10 2011
The volume of spam backscatter I am receiving at the baldric.net domain currently runs at around 18-20,000 emails per month, nearly all of which is aimed at the info@ address I have mentioned before. My mail server is currently configured to reject mail to non-existent users at the SMTP level with a permanent failure message …
Permanent link to this article: https://baldric.net/2011/10/10/that-looks-like-a-scam-to-me/
Jul 18 2011
Like most email users I get my fair share of spam and other internet crud. Mostly I ignore it, but I received an intriguing email a couple of days ago which purported to be a mailer daemon “Delivery Status Notification” informing me of a failed delivery to some address I had not even heard of. …
Permanent link to this article: https://baldric.net/2011/07/18/who-are-you-going-to-call/
Mar 27 2011
A few weeks ago I installed pflogsumm on my mail server in order to automate my mail log scanning. For some time I had been conscious that my mailer had been rejecting a lot of mail with “user unknown” but I had never really investigated that in any depth. Running pflogsumm over the logs on …
Permanent link to this article: https://baldric.net/2011/03/27/from-russia-with-love/
Jan 23 2010
I own a bunch of different domains and run a mail service on all of them. In the past I have used a variety of different ways of providing mail, from simple pop/imap using dovecot and postfix, through to using the database driven mail service in egroupware. Recently I have consolidated mail for several of …
Permanent link to this article: https://baldric.net/2010/01/23/life-is-too-short-to-use-horde/
Nov 01 2009
I note from a recent register posting that that some gmail users are objecting to the fact that google’s mail service has failed yet again. El Reg even quotes one disgruntled user as saying: “More than 30 hours without email…totally unacceptable. I’ll definitely have to reconsider my selection of gmail for my primary email account. …
Permanent link to this article: https://baldric.net/2009/11/01/a-free-service-is-worth-exactly-what-you-pay-for-it/