Category: mail and mail lists

postfix sender restrictions – job NOT done

OK, I admit to being dumb. I got another scam email yesterday of the same formulation as the earlier ones (mail From: me@mydomain, To: me@mydomain) attempting to extort bitcoin from me. How? What had I missed this time? Well, this was slightly different. Checking the mail headers (and my logs) showed that the email had …

Continue reading

Permanent link to this article: https://baldric.net/2019/02/16/postfix-sender-restrictions-job-not-done/

postfix sender restrictions

I mentioned in my previous post that I had recently received one of those scam emails designed to make the recipient think that their account has been compromised in some way and that, furthermore, that compromise has led to malware being installed which has spied on the user’s supposed porn habits. The email then attempts …

Continue reading

Permanent link to this article: https://baldric.net/2019/01/24/postfix-sender-restrictions/

congratulations to BT

I have been running my own mail server now for well over a decade. Whilst the actual physical hardware (or actually VPS system) may have changed once or twice during that time, the underlying software (postfix and dovecot on debian) has not really changed all that much. However, what has changed over the last decade …

Continue reading

Permanent link to this article: https://baldric.net/2019/01/23/congratulations-to-bt/

update to domain privacy

At the end of last month I noted that I had been receiving multiple emails to each of the proxy addresses listed for my newly registered “private” domains. Intriguingly, whilst I was receiving at least three or four such emails a week before I wrote about it, I have had precisely zero since. Probably coincidence, …

Continue reading

Permanent link to this article: https://baldric.net/2015/08/20/update-to-domain-privacy/

domain privacy?

Over the past few months or so I have bought myself a bunch of new domain names (I collect ’em….). On some of those names I have chosen the option of “domain privacy” so that the whois record for the domain in question will show limited information to the world at large. I don’t often …

Continue reading

Permanent link to this article: https://baldric.net/2015/07/28/domain-privacy/

the russians are back

About four years ago I was getting a huge volume of backscatter email to the non-existent address info@baldric.net. After a month or so it started to go quiet and eventually I got hardly any hits on that (or any other) address. A couple of weeks or so ago they came back. My logs for weeks …

Continue reading

Permanent link to this article: https://baldric.net/2015/03/30/the-russians-are-back/

thrust update

I have just run a search for further evidence of the possible compromise at thrustvps and found threads on webhostingtalk, vpsboard, freevps.us and habboxforum amongst others. All of those comments are from people (many, like me, ex-customers) who have received emails like the one I referred to below. So, I guess thrust /do/ have a …

Continue reading

Permanent link to this article: https://baldric.net/2014/01/20/thrust-update/

thrustvps compromised?

I have not used thrust since my last contract expired. I left them because of their appalling actions at around this time last year. However, today I received the following email from them: From: Admin To: xxx@yyy Subject: Damn::VPS aka Thrust::VPS Date: Sat, 18 Jan 2014 03:28:06 +0000 This is a notification to let you …

Continue reading

Permanent link to this article: https://baldric.net/2014/01/18/thrustvps-compromised/

lavabit dead

I run my own mail server for a number of reasons. And I rarely regret that decision. However, there have been occasions in the past when relying on a single mail provider (even when that provider is myself) has proven problematic. The first problem arose several years ago when the ISP which I use for …

Continue reading

Permanent link to this article: https://baldric.net/2013/08/09/lavabit-dead/

dovecot failure

Today I ran a routine apt-get update/apt-get upgrade on my mailserver and dovecot failed afterwards. This is a “bad thing” (TM). No routine software upgrade should cause a failure of the kind I experienced. Two things happened which should not have done. Firstly the SSL certificates appeared to have changed (which meant that mail clients …

Continue reading

Permanent link to this article: https://baldric.net/2013/01/11/dovecot-failure/

outlook goes public – linus approves

Microsoft has (re-)launched its free public email service (previously branded “hotmail” and “windows live”) under the brand “outlook”. Outlook has been Microsoft’s email client on the corporate desktop for many years now, so they may be hoping that the new look email product will benefit from the existing brand’s goodwill. However, I noticed from a …

Continue reading

Permanent link to this article: https://baldric.net/2012/08/02/outlook-goes-public-linus-approves/

stupid hunt

According to reporting today, Jeremy Hunt, the Secretary Of State for Culture, Media and Sport, lobbied the Prime Minister in support of Rupert Murdoch’s bid for BSkyB. The report says: “The inquiry heard that the culture secretary drafted the email on his private Gmail account on 19 November 2010 despite being warned by his officials …

Continue reading

Permanent link to this article: https://baldric.net/2012/05/25/stupid-hunt/

that didn’t take long

My last post contained two (non-existent) email addresses in my baldric domain in the extract from my postfix logs. As I said in the post, I had edited the log entry specifically to mask real details. Yesterday, only four days after that post, I received spam email attempts at those addresses. As I have said …

Continue reading

Permanent link to this article: https://baldric.net/2012/03/29/that-didnt-take-long/

android mail client is broken

In January of this year I wrote about t-mobile’s apparent policy of actively looking for and blocking any TLS-secured SMTP sessions over their network. At the time I believed this to be a cockup rather than a deliberate policy. I still prefer to believe that, but the episode left a rather sour taste in my …

Continue reading

Permanent link to this article: https://baldric.net/2012/03/24/android-mail-client-is-broken/

unlinked

Today I received two (make that four now – must sort out my spam filters) phishing emails from a source new to me. Each email purported to come from “linkedin” and each invited me to login to respond to “invitations from your work colleague”. Since a) I have never been a member of linkedin, and …

Continue reading

Permanent link to this article: https://baldric.net/2012/03/19/unlinked/

Досвидания камрад?

From a peak of around 25,000 mail drops per month in the backscatter I was getting from the .ru domain to the non-existent address “info@baldric.net” I am now seeing virtually none. My logs show a distinct drop off from mid to late December last year to about 10-15 emails per day (when I had previously …

Continue reading

Permanent link to this article: https://baldric.net/2012/02/14/%d0%b4%d0%be%d1%81%d0%b2%d0%b8%d0%b4%d0%b0%d0%bd%d0%b8%d1%8f-%d0%ba%d0%b0%d0%bc%d1%80%d0%b0%d0%b4/