Search Results

dspam Hackery 101, converting messages to mbox

Tuesday, July 24th, 2007

I’ve been running dspam for many years here at gnu-designs, inc. We replaced SpamAssassin with it several years ago, because SA was just not getting any better at filtering spam away from user’s mailboxes. After a few weeks of using dspam, our filtering performance was over 95%, and rising steadily. 3 years later, we weren’t […]

Locking more of the web down behind TLS and SSL

Tuesday, May 20th, 2008
Tags:

This is another case of yak shaving that all started with trying to implement imapproxy to proxy internal IMAP connections between Dovecot and SquirrelMail on my public servers. Implementing imapproxy was a simple drop-in. All that was required was some server-side configuration to get Dovecot to listen to the server port that imapproxy uses, and […]

How NOT to Retire an Unused Email Address

Friday, November 9th, 2007

Here is an example of how NOT to retire an unused email address.. I was going through our bugtracker today for Plucker and pilot-link issues as I was preparing for another pilot-link release (0.12.3, woo!), and decided to go through all of the legacy issues marked as Resolved, and mark them as Closed, to clean […]

The Spam that Failed

Saturday, January 27th, 2007

I have to laugh… this was a spam that I received a few days ago in my Inbox, and it looked exactly like this: %TO_CC_DEFAULT_HANDLER Subject: %SUBJECT Sender: “%FROM_NAME” Mime-Version: 1.0 Content-Type: text/html Date: %CURRENT_DATE_TIME %MESSAGE_BODY The full message source looked like this: Return-Path: Received: from steel1.ntsias.ru (steel1.ntsias.ru [85.119.72.170] (may be forged)) by aphrodite.gnu-designs.com (8.13.5/8.13.6-SELinux) […]

Are you tired of Gutenspam?

Sunday, July 9th, 2006
Tags:

I’ve been seeing a sharp rise in the amount of “Gutenspam” sent to my mail servers lately. It started as innocent garbage paragraphs buried in HTML comment structures, so if you viewed it in a normal mail client that “rendered” HTML (dangerous), it wouldn’t be visible. If you viewed the source of the email, you’d […]

Spam Host Cloaking Technique

Friday, June 23rd, 2006
Tags:

I was pointed to this interesting writeup describing how spammers are now using a sophisticated “host cloaking” technique to hijack valid IP addresses to send their spam through web tunnels to the outside world, thwarting detection and having their accounts deleted/disabled. It goes like this: The spammer obtains a dedicated server at the victim service […]

What exactly are you trying to sell me again?

Friday, June 9th, 2006

——=_NextPart_000_0001_01C68BAC.D6AFF790 Content-Type: text/plain; charset=”us-ascii” Content-Transfer-Encoding: 8bit Hi, VALlU jc M from o rl nly $ ok 1,2 ok 1 Ambi an en ClAL ar lS from on ln ly $ eg 3,7 jv 5 Proza uv c Som ri a Levit jw ra Merid gr ia VlA ua GRA from o sq nly $ tz […]

Bad Behavior has blocked 2012 access attempts in the last 7 days.