MobileMe to iCloud Migration Calendar Issues


I just switched my online calendaring from the old MobileMe system to the new iCloud system. To make this work I had to export and import my MobileMe calendars into iCloud. Unfortunately this seems to have resent hundreds or thousands of calendar invites and RSVP notices to everyone I’d dealt with for the last 3+ years.

If you were on that list, I apologize! If you’re planning a similar migration, be careful!

Interesting Phishing Technique

I got contacted today with a non-form e-mail from a person offering a partnership which would “highly increase your context advertisement block (adsense) earnings” on 10MinuteMail. Essentially saying that they could increase my ad revenue, and would do that for a share of the increased revenue.

Which sounds good as I was wondering if there was stuff I could be doing with layout or ad types to help increase clicks, except this was from a random guy at a gmx.com address, with no company name. Googling his name and e-mail address turned up nothing. So I replied asking for his company info or references, etc…

Sorry, but our company has no web
site.
You will easteablish our credibility during partnership with us.
Lets just try it first, ok?
Put this code between the body tags on your 10minutemail.com
main page only:
<img src=”some russian site” />
It is an 1*1px transparent image.

Supposedly after I do that I’ll see the result in a couple of days.

So wow, little warning bells are now big warning bells. Adding a web bug can’t impact your Google adsense revenue. Adding a web bug to your site from a domain name with no website that’s registered by someone in Russia seems like a TERRIBLE idea! So of course I said no.

What do you think? Some sort of XSS attack, or cookie attack? I’m just not sure what the end game would be on this…

Spammers using a Thesaurus?

My wife received an interesting spam comment on her blog. At first glance it looked like it was just written by someone with an awful grasp of the English language, but then I realized that some of the words were just synonyms that didn’t actually work in context.

Take a look at the comment:

Hi. Very first I would like to say that I truly like your webpage, just identified it last week but I’ve been reading it ever since then.

I seem to consent with most of your respective ideas and opinions and this post is no exception. I fully

Thank you to get a wonderful blog and I hope you keep up the beneficial perform. If you do I will continue to look over it.

Possess a good day.

See the “beneficial perform” instead of “good work”, “possess a good day” instead of “have a good day”, etc….?

My guess is that someone is using an automated program that swaps out a few works with various synonyms from a thesaurus dataset in order to avoid getting blocked by Akismet or similar content matching anti-spam comment protection mechanisms. Quite clever actually!

SpamCop RBL is Blocking Several Facebook Mail Servers

If you are using the SpamCop realtime block list as part of your anti-spam measures, be warned that they appear to be blocking several legitimate Facebook mail servers.

I’ve seen them blocking the following Facebook mail server IPs:

  • 69.63.178.169
  • 69.63.178.172
  • 69.63.178.175

Presumably there’s a whole block of IPs that SpamCop is blocking. Since I like to get e-mail from Facebook, I have currently disabled my SpamCop RBL check. You may want to do the same.

Setting Up SPF, SenderId, Domain Keys, and DKIM

If you run a mail server, and if you hate spam, you should setup your mail server to make use of all the best anti-spam tools available. There are two sides to spam, sending and receiving.

On the receiving side, you have things like blacklists, spamassassin, bayesian filtering, and lots more. I’ll probably cover this side of things in greater depth in another post.

On the sending side, first and foremost, you have to ensure your server is not acting as an open relay, and allowing spam to be sent through it. After that’s done, you want to be sure that e-mail you send isn’t flagged as spam by people receiving it. And, being a good e-mail citizen, you you want to support the anti-spam standards that are out there.

There are four primary standards for verifying senders and servers.

Sender Policy Framework (SPF) – from their FAQ:

Sender Policy Framework (SPF) is an attempt to control forged e-mail. SPF is not directly about stopping spam – junk email. It is about giving domain owners a way to say which mail sources are legitimate for their domain and which ones aren’t. While not all spam is forged, virtually all forgeries are spam. SPF is not anti-spam in the same way that flour is not food: it is part of the solution.

SenderId – a Microsoft technology which is very similar to SPF:

The Sender ID framework, developed jointly by Microsoft and industry partners, addresses a key part of the spam problem: the difficulty of verifying a sender’s identity.

DomainKeys – from Wikipedia:

DomainKeys is an e-mail authentication system designed to verify the DNS domain of an e-mail sender and the message integrity.

DKIM – an evolved form of DomainKeys, from Wikipedia:

DKIM uses public-key cryptography to allow the sender to electronically sign legitimate emails in a way that can be verified by recipients. Prominent email service providers implementing DKIM (or its slightly different predecessor, DomainKeys) include Yahoo and Gmail. Any mail from these domains should carry a DKIM signature, and if the recipient knows this, they can discard mail that hasn’t been signed, or that has an invalid signature.

SenderId is primarily used by Microsoft mail services like Hotmail/MSN, while DomainKeys and DKIM are primarily used by Yahoo. SPF is used by many mail services.

I’m going to walk you through setting up these anti-spam technologies. I will be setting them up for my domain, digitalsanctuary.com, and using my mail server, which is postfix running on Debian. Your setup and requirements may vary.
Continue reading