Spam

/Tag: Spam

Bad Recruiter E-Mail Tips

I get a lot of e-mails from recruiters, so I’ve seen the good, the bad, and the ugly. I used to reply to all of them, thanking them, and politely declining. Now there’s too many, so I’ve stopped replying to the “bad ones”. Here’s how you get your e-mail in the “bad” list:

1. Don’t address me by name, showing that perhaps you’ve read my resume, website, etc… or have done any homework on me at all. Instead, start your e-mail with something like: “Dear Consultant,”, “Dear,”, “Dear ,”, or just skip any salutation entirely.

2. Misspell most words. Ignore the rules of grammar. I know many recruiters are not native English speakers, but still, use your spell checker, have someone proof read your initial contact email template. Blatant misspellings do not convey a feeling of professionalism.

(more…)

Read More

Spammers using a Thesaurus?

My wife received an interesting spam comment on her blog. At first glance it looked like it was just written by someone with an awful grasp of the English language, but then I realized that some of the words were just synonyms that didn’t actually work in context.

Take a look at the comment:

Hi. Very first I would like to say that I truly like your webpage, just identified it last week but I’ve been reading it ever since then.

I seem to consent with most of your respective ideas and opinions and this post is no exception. I fully

Thank you to get a wonderful blog and I hope you keep up the beneficial perform. If you do I will continue to look over it.

Possess a good day.

See the “beneficial perform” instead of “good work”, “possess a good day” instead of “have a good day”, etc….?

My guess is that someone is using an automated program that swaps out a few works with various synonyms from a thesaurus dataset in order to avoid getting blocked by Akismet or similar content matching anti-spam comment protection mechanisms. Quite clever actually!

Read More

SpamCop RBL is Blocking Several Facebook Mail Servers

If you are using the SpamCop realtime block list as part of your anti-spam measures, be warned that they appear to be blocking several legitimate Facebook mail servers.

I’ve seen them blocking the following Facebook mail server IPs:

  • 69.63.178.169
  • 69.63.178.172
  • 69.63.178.175

Presumably there’s a whole block of IPs that SpamCop is blocking. Since I like to get e-mail from Facebook, I have currently disabled my SpamCop RBL check. You may want to do the same.

Read More

Setting Up SPF, SenderId, Domain Keys, and DKIM

If you run a mail server, and if you hate spam, you should setup your mail server to make use of all the best anti-spam tools available. There are two sides to spam, sending and receiving.

On the receiving side, you have things like blacklists, spamassassin, bayesian filtering, and lots more. I’ll probably cover this side of things in greater depth in another post.

On the sending side, first and foremost, you have to ensure your server is not acting as an open relay, and allowing spam to be sent through it. After that’s done, you want to be sure that e-mail you send isn’t flagged as spam by people receiving it. And, being a good e-mail citizen, you you want to support the anti-spam standards that are out there.

There are four primary standards for verifying senders and servers.

Sender Policy Framework (SPF) – from their FAQ:

Sender Policy Framework (SPF) is an attempt to control forged e-mail. SPF is not directly about stopping spam – junk email. It is about giving domain owners a way to say which mail sources are legitimate for their domain and which ones aren’t. While not all spam is forged, virtually all forgeries are spam. SPF is not anti-spam in the same way that flour is not food: it is part of the solution.

SenderId – a Microsoft technology which is very similar to SPF:

The Sender ID framework, developed jointly by Microsoft and industry partners, addresses a key part of the spam problem: the difficulty of verifying a sender’s identity.

DomainKeys – from Wikipedia:

DomainKeys is an e-mail authentication system designed to verify the DNS domain of an e-mail sender and the message integrity.

DKIM – an evolved form of DomainKeys, from Wikipedia:

DKIM uses public-key cryptography to allow the sender to electronically sign legitimate emails in a way that can be verified by recipients. Prominent email service providers implementing DKIM (or its slightly different predecessor, DomainKeys) include Yahoo and Gmail. Any mail from these domains should carry a DKIM signature, and if the recipient knows this, they can discard mail that hasn’t been signed, or that has an invalid signature.

SenderId is primarily used by Microsoft mail services like Hotmail/MSN, while DomainKeys and DKIM are primarily used by Yahoo. SPF is used by many mail services.

I’m going to walk you through setting up these anti-spam technologies. I will be setting them up for my domain, digitalsanctuary.com, and using my mail server, which is postfix running on Debian. Your setup and requirements may vary.
(more…)

Read More

Please Stop Using Yahoo Mail

Yahoo mail servers have been consistently delaying or rejecting e-mails for over a year. You can read about it here:

http://www.ahfx.net/weblog.php?article=107

Or just Google for “4.16.50”.

The short of it is that even with a low volume personal mail server, with the correct spf records, without running an open relay, without being blacklisted by ANY blacklist site/service, Yahoo still won’t deliver e-mail from you. And they aren’t responsive about addressing the problem.

So please, if you use Yahoo mail, switch to GMail. You’ll like it more, and more importantly, you’ll actually get e-mail people are trying to send you.

Read More