soleros
Posts: 17
Posts posted by soleros
-
This is an old thread but it brings up some questions:
1. If I were having this problem on a TCH-hosted domain (being hijacked and thus, me getting bounces to made-up emailaddresses@**** used by spammers) -- it isn't clear if this is enough to get an account suspended. It shouldn't be, since the TCH-hosted domain is a victim, not a perp.
2. Does TCH expect us to report abuse to dozens or hundreds of different emails, ip addresses, compromised mail relays, in order to keep from being suspended? This would be unfair to those who are hijacked like this.
3. What is TCH's level of awareness of sender-authentication schemes such as SDF? (sdf.pobox.com). My domains have implemented their DNS TXT records, which ought to indicate a serious attempt on my part to reduce the risk of my domain being framed as a spammer's domain.
The point is, to what extent must the victim go out of their way and spend time responding to this sort of thing to please TCH? Or put another way, at what point does TCH agree that the victim IS a victim (and has no virii) and consider the account in good standing and keep it active?
Also, what exactly is the mechanism by which suspension occurs? Some automated process, or is a human involved? In other words, how much opportunity does a TCH-hosted domain account holder have to alert TCH before TCH takes any adverse action on the account?
Some of this may be in the TOS or AUP but a reiteration in plain English here would be helpful. If any of it is in plain English in those two documents just let me know -- I don't have time to read them at the moment but have recently been a victim of this same problem and want to know the full scoop on response requirements, etc.
-
Oh believe me I've seen THAT happen -- like on a domain that I have never used email (or anything else) on, but for some reason had a catchall address for.
As it happens, though, the domain that was hijacked has existed since 1996. So....that's not what happened in this case.
Frankly, as careful as I am, I am amazed I avoided this sort of thing on that domain for 8 years.
-
I got one of my domains swiped last week for this use as well, so I've been getting about 50 "bounce" messages a day with random email addresses (because I use a catchall address, a practice which may have to end on that domain). Before this I almost never got spam because of the compartmentalization of how I use addresses (facilitated by the catchall address). I won't go into that, but I am a little curious why the first spams I got were at an address I only gave to TCH last year and never to anyone else.
Anyway, it hardly matters now. They've decided they like my domain. I'm sure that there are 100x as many spam email "from" me getting through to unsuspecting victims.
In terms of doing something about it, all is not lost, however. There are several movements afoot to assist with authenticating authorized senders. A good start is to check out this site:
I do not know whether or not TCH's in-house DNS allows the addition of TXT records, but if so (I host my DNS separately), it's worth using the wizard here to create a pertinent record for any domain you own, because more providers are adopting this or similar standards and it's already helping cut down spam and successful forgery.
I added one yesterday for the hijacked domain, but I have no idea if it will do any good. It can't hurt.
-
Well guys, not too thrilled, I'm getting spammed at an email address only assigned to TCH for its correspondence with me. Might want to double-check your security of customer lists. I know it wasn't anyone else; I assign every business I do business with on the 'net an email address that is for its exclusive use.
That's why I get about 3 spam messages a week. Works great...and tells me who needs to button things up a little tighter.
And no it's not because of some virus I got that passed on that address to a spammer. I don't get virii or worms or any of that other malware. I'm on a Mac running OS 9, and I don't play fast and loose with email addresses.
So...please have a look at your end. Thanks.
k.
-
Well, even if they don't, I'll bet ZoneEdit will.
Meanwhile though there still is the SquirrelMail problem. Perhaps I should just clear out all the email and recreate the account? Maybe it needs a good .
-
Great. Thanks for passing that on, I wonder why they are doing that. I'll send them a note. I wondered why I was getting help desk replies promptly and then none at all. They must have put TCH on a blacklist.
I'll have to give you guys a different email address that bypasses that DNS provider until they unblock you.
-
Would you mind editing that entry to remove my address? Thanks.
It has been working for me. Are you getting a bounce?
UPDATE: I just did another test and it still works fine. I have no idea where the Help Desk responses went. (And yes, I believe you probably did respond within 30 minutes, but lacking a response I have no way of getting into the system to see your reply.)
-
Bill, thanks for the test, but you obviously tested from the email account which uses the main login/pw on that domain name, not the account I actually use, which *always* gives me this error and never sends my email anywhere:
ERROR:
Requested action not taken: mailbox unavailable
Server replied: 550 Verification failed for <******+soleros.com@soleros.com>
no such address here
Sender verify failed
So no...it doesn't work perfectly, far from it. Sorry I didn't specify *which* email account, but again, the one you tried I don't use *because* it also contains the login to other services.
I can't send webmail from my usual account, because of the error quoted above.
-
Hi guys. Since the move to 67 I have not been able to send from my personal email account. I have submitted two help desk tickets about this but I never get an email confirmation with instructions to access the help desk area, and the email address you have on file for me does receive email.
So I'm posting here in another attempt to get attention for a service I used daily and now cannot use at all, and also to register yet another complaint that it is improperly configured and appends my email account *login* to my domain name rather than the email address I configured in SquirrelMail's personal options. I would never willingly give out my *login* to anyone. (And please don't explain to me that the login is always part of the visible email address -- I configure my email accounts precisely to avoid this ever happening, and it works on every other installation of SquirrelMail I've ever used -- the real email login is never revealed because an alias is used instead.)
Thanks for your help. The domain name in question is soleros.com. Given the help desk tickets already sent you should have all the login details you need. I can receive email, but I can't reply, so don't expect a response until this is fixed or I have time to do so from a regular standalone email client.
-
I assume that Server 30 is basically going to be uncooperative until the move to a new machine, but nevertheless I must report that while some services are back up, SMTP is not one of them -- I can't *send* any email ... and there's a huge delay in receiving test messages also. (POP)
Should we expect unreliability until further notice?
...add to that no FTP cooperation either. And I haven't received back any of my tests (sent from other email accounts off Server 30), even though my email client can log in to the POP server.
-
IP 69.57.134.136 is still not responding though 69.57.134.37 is.
And since it's been so many years since my email was down for 4 hours, I too would like to know what to expect in terms of bouncing. I have received no email newer than 2p today which given the lists I am on is virtually unheard of.
-
Thanks for the tip. Glad I'm not imagining things, at least. I'm sure you guys will them into shape. Soon. I hope.
-
Enough said. No email, no web sites, no nothing. So naturally I can't even receive a response to a help desk ticket...
Back to add a little more info...the graphics on the Real Time status page for this server have not been loading all this time either. I had someone on another network elsewhere in town try several sites on my reseller account and he couldn't see them either.
Jolly good. Makes me want to go right home and set up my own server again...sorry to be cranky, but I'm not sure how else one would be with such a long outage. This is a serious disruption.
-
How Do I Stop This? (in Security Discussions)
Thanks for the replies, Mike. So...my impression of SPF configuration is that it happens at the DNS level, where the legitimate mail servers allowed to send mail from a domain are defined in a TXT record. That's what I've done. From what you said it sounds like there may be some reason why that is not sufficient. (?)
Other question I forgot: So if you're a reseller and somebody you're hosting starts sending spam, what gets suspended? *their* domain, or the reseller domain? Since it happens quickly it would be good to know in advance at what level the suspension occurs: The guilty domain, or everything hosted by that reseller account. (?)
Thanks again for the in-depth responses. Thumbs Up