If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html


do so.

The Natural Philosopher wrote:
If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html


do so.

Life is just *way* too short for me to do this at least 10 times a day. I
feel sorry for pensioners and net newbies who get caught by these scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.

I'm sure that if the will (and the money) existed, 99.9% of them could be
intercepted at server level. As it is, Yahoo and Google are very good at
filtering them already so the technology exists. Along with that, no one
should leave school or finish a computing course of any kind without being
taught about Internet scams.

Tim

On Feb 23, 2:44*pm, Tim wrote:
The Natural Philosopher wrote:

If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html

do so.

Life is just *way* too short for me to do this at least 10 times a day. *I
feel sorry for pensioners and net newbies who get caught by these scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.

I'm sure that if the will (and the money) existed, 99.9% of them could be
intercepted at server level. *As it is, Yahoo and Google are very good at
filtering them already so the technology exists. *Along with that, no one
should leave school or finish a computing course of any kind without being
taught about Internet scams.

They are taught about them. Some even become very goos at them :-)

MBQ

On 23/02/2012 14:08, The Natural Philosopher wrote:
If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html


do so.

Not worth the effort. If they were half way serious players they would
accept msgs forwarded to a specified email address with full headers.

(In)Action Fraud is worse than a chocolate fireguard too.
They were not even smart enough to configure their own email system to
accept the spam and phishing emails they told the public to send them.

Any antiphishing organisation worth its salt will already have more than
enough honeypot addresses to collect spam and phishing attacks. There is
no point forwarding stuff to these to generic spam sites unless it makes
you feel better. The problem is in getting international cooperation to
close down bad sites and botnets.

--
Regards,
Martin Brown

On Feb 23, 3:03 pm, Martin Brown
wrote:
On 23/02/2012 14:08, The Natural Philosopher wrote:

If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html

do so.

Not worth the effort. If they were half way serious players they would
accept msgs forwarded to a specified email address with full headers.

(In)Action Fraud is worse than a chocolate fireguard too.
They were not even smart enough to configure their own email system to
accept the spam and phishing emails they told the public to send them.

Any antiphishing organisation worth its salt will already have more than
enough honeypot addresses to collect spam and phishing attacks. There is
no point forwarding stuff to these to generic spam sites unless it makes
you feel better. The problem is in getting international cooperation to
close down bad sites and botnets.

--
Regards,
Martin Brown

well said sir

Jim K

On Thu, 23 Feb 2012 14:44:57 +0000, Tim wrote:

I'm sure that if the will (and the money) existed, 99.9% of them could
be intercepted at server level.

Very little spam arrives in my inbox I think the last bit was about
two weeks ago. The junk mail folder (sorted by Spam Assasasin) has 14
messages in it since the begining of the year. If I look in the logs
I see around a couple of attempts an hour to send me stuff that gets
rejected at the SMTP level. So yes spam is easy to intercept at the
server level. But doing the blacklist lookups etc adds server load so
the big providers are reluctant to do much checking.

--
Cheers
Dave.

"Dave Liquorice" wrote in message
ll.co.uk...
On Thu, 23 Feb 2012 14:44:57 +0000, Tim wrote:

I'm sure that if the will (and the money) existed, 99.9% of them could
be intercepted at server level.

Very little spam arrives in my inbox I think the last bit was about
two weeks ago. The junk mail folder (sorted by Spam Assasasin) has 14
messages in it since the begining of the year. If I look in the logs
I see around a couple of attempts an hour to send me stuff that gets
rejected at the SMTP level. So yes spam is easy to intercept at the
server level. But doing the blacklist lookups etc adds server load so
the big providers are reluctant to do much checking.

I never get spam in my hotmail inbox, it uses a user defined white list so
only people I allow can send me mail.
So M$ are prepared to do the checking if you want to enable it.

The Natural Philosopher wrote:

If you get these damned things there is a place to report them
http://www.antiphishing.org/report_phishing.html

I don't think I shall be reporting anything to website sponsored by
phorm ...

Tim wrote:
The Natural Philosopher wrote:
If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html


do so.

Life is just *way* too short for me to do this at least 10 times a day. I
feel sorry for pensioners and net newbies who get caught by these scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.

I'm sure that if the will (and the money) existed, 99.9% of them could be
intercepted at server level. As it is, Yahoo and Google are very good at
filtering them already so the technology exists. Along with that, no one
should leave school or finish a computing course of any kind without being
taught about Internet scams.


well I am just making those people who don't know that something can be
done, aware.

The faster these get reported, the faster they are blacklisted.

Simply forwarding a phish to an address in your address book is almost
as quick as deleting it.


Tim

Martin Brown wrote:
On 23/02/2012 14:08, The Natural Philosopher wrote:
If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html


do so.

Not worth the effort. If they were half way serious players they would
accept msgs forwarded to a specified email address with full headers.


They do

(In)Action Fraud is worse than a chocolate fireguard too.
They were not even smart enough to configure their own email system to
accept the spam and phishing emails they told the public to send them.

Any antiphishing organisation worth its salt will already have more than
enough honeypot addresses to collect spam and phishing attacks. There is
no point forwarding stuff to these to generic spam sites unless it makes
you feel better. The problem is in getting international cooperation to
close down bad sites and botnets.

Tim Streater wrote:
In article o.uk,
"Dave Liquorice" wrote:

On Thu, 23 Feb 2012 14:44:57 +0000, Tim wrote:

I'm sure that if the will (and the money) existed, 99.9% of them
could be intercepted at server level.

Very little spam arrives in my inbox I think the last bit was about
two weeks ago. The junk mail folder (sorted by Spam Assasasin) has 14
messages in it since the begining of the year. If I look in the logs
I see around a couple of attempts an hour to send me stuff that gets
rejected at the SMTP level. So yes spam is easy to intercept at the
server level. But doing the blacklist lookups etc adds server load so
the big providers are reluctant to do much checking.

What's it got to do with the server?

A hell of a lot.

at least 50% of pure spam never reaches your mailbox.

If it comes from blacklisted mail senders.


*I* get to decide whether mail is
spam or not. What is spam for me may not be for you. A good spam filter
is trainable, but it has to be trained by the end-user.

Have a look at what most of the ISPs use - www.spamhaus.org

And read the FAQs to see WHY having your OWN spam filter wastes YOUR
bandwidth.

I have been busy setting up my own mail service so I don't have to use
an ISPs one and well over 50% of the incoming email is now being
rejected because

- its addressed to users (in domains I own) that do not and never have
existed.
- its coming from IP addresses DIRECTLY to my server that are known
'Dial up' type blocks, and therefore should ONLY be sending mail via
their ISP's relay.
- its coming from other IP addresses that are blacklisted as spam
originators.

That still leaves me with about 20 messages a day that do get by that
are spam.

Actually, since midnight, 23..

On 23/02/2012 19:07, dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined white list
so only people I allow can send me mail.
So M$ are prepared to do the checking if you want to enable it.

My wife gets hardly any. But every so often they refuse the emails I
forward on to her.

How many good mails do they throw away?

Andy

The Natural Philosopher wrote:
Tim wrote:
The Natural Philosopher wrote:
If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html


do so.
Life is just *way* too short for me to do this at least 10 times a day. I
feel sorry for pensioners and net newbies who get caught by these scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.
I'm sure that if the will (and the money) existed, 99.9% of them could be
intercepted at server level. As it is, Yahoo and Google are very good at
filtering them already so the technology exists. Along with that, no one
should leave school or finish a computing course of any kind without being
taught about Internet scams.

well I am just making those people who don't know that something can be done, aware.

The faster these get reported, the faster they are blacklisted.

Simply forwarding a phish to an address in your address book is almost as
quick as deleting it.


Until your email account gets blocked because you're sending out phishing
emails... (it's happened to me).

Tim

On Thu, 23 Feb 2012 19:07:04 -0000, dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined white list
so only people I allow can send me mail.

So when you correspond (in the broadest terms) with some body "out
there" you have to add them to your whitelist? That must be fun if it
was a webform and you don't know the address it was sent to or what
address is going to be used for the response.

--
Cheers
Dave.

On Thu, 23 Feb 2012 22:20:29 +0000, Tim Streater wrote:

What's it got to do with the server?

You reject at the SMTP level, the message body doesn't get transfered
as the connection is rejected before that stage. A real MTA will keep
trying and eventually bounce the message back to the sender. Spammers
tend to only try once, so even simple grey listing can be quite
effective in reducing spam and how much bandwidth you use.

And read the FAQs to see WHY having your OWN spam filter wastes
YOUR
bandwidth.
snip
I have been busy setting up my own mail service so I don't have to
use
an ISPs one and well over 50% of the incoming email is now being
rejected

Didn't you say above that this is a waste of bandwidth? ducks

Something seems to have been lost in the translation. B-)

As you are aware, if you rely on spam filtering after you have
downloaded the body and something turns out to be spam you have
"wasted" that download. If you check at server level you can trap out
a lot of (in my case most) spam before you download it.

--
Cheers
Dave.

Tim Streater wrote:
In article ,
The Natural Philosopher wrote:

Tim Streater wrote:
In article o.uk,
"Dave Liquorice" wrote:
On Thu, 23 Feb 2012 14:44:57 +0000, Tim wrote:

I'm sure that if the will (and the money) existed, 99.9% of them
could be intercepted at server level.

Very little spam arrives in my inbox I think the last bit was about
two weeks ago. The junk mail folder (sorted by Spam Assasasin) has 14
messages in it since the begining of the year. If I look in the logs
I see around a couple of attempts an hour to send me stuff that gets
rejected at the SMTP level. So yes spam is easy to intercept at the
server level. But doing the blacklist lookups etc adds server load so
the big providers are reluctant to do much checking.
What's it got to do with the server?
A hell of a lot.

at least 50% of pure spam never reaches your mailbox.

If it comes from blacklisted mail senders.

Mmm.

*I* get to decide whether mail is
spam or not. What is spam for me may not be for you. A good spam
filter is trainable, but it has to be trained by the end-user.
Have a look at what most of the ISPs use - www.spamhaus.org

And read the FAQs to see WHY having your OWN spam filter wastes YOUR
bandwidth.

Well that's bleeding obvious innit. In my case I wrote my own Bayesian
spam filter in PHP as part of the Eudora-alike email client I have written.

I have been busy setting up my own mail service so I don't have to use
an ISPs one and well over 50% of the incoming email is now being rejected

Didn't you say above that this is a waste of bandwidth? ducks


No, its less bandwidth to reject them THERE in some core connected
machine room, than download em. And they get rejected the moment they
connect.


because

- its addressed to users (in domains I own) that do not and never have
existed.
- its coming from IP addresses DIRECTLY to my server that are known
'Dial up' type blocks, and therefore should ONLY be sending mail via
their ISP's relay.

How do you know they are dialup blocks? You looking them up in RIPE?


Because such blocks are recorded by a spam central monitor - in this
case spamhaus.org - and a quick check as they connect reveals this, and
they get dumped. Before their blather has even been transmitted


- its coming from other IP addresses that are blacklisted as spam
originators.

That still leaves me with about 20 messages a day that do get by that
are spam.

Actually, since midnight, 23..

I appear to have had 3 today. One of these is from the Ideal Home Show
and at the moment I consider that to be spam so I'm leaving it in the
spam folder. If at some time in the future I cease to feel that way,
It's simple enough to retrain the spam filter.

You haven't been online as long as I have or sent as many emails..and
you probably don't have a domain that looks almost like a well known
book company, whose IT department was stupid enough - and probably is
still stupid enough, to tell the users that really yes they were
mydomain.co.uk and not mydomainco.co.uk.

So they still 5 years after I told them to stop, are sending out email
marked as being from my domain, and the replies all bounce back to my
domain, and then get rejected because I am NOT Amanda Walker of the
mydomain book company....

The there is the case of the email identity I used on Ebay. Golly that's
gone all over the world now.

Then my domains were registered at a trusting time too, and my name and
address and email address are still there for anyone who trawls the
whois register ..


So getting 50% dumped before it hits my ADSL is really a good start.

Dave Liquorice :
On Thu, 23 Feb 2012 19:07:04 -0000, dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined white list
so only people I allow can send me mail.

So when you correspond (in the broadest terms) with some body "out
there" you have to add them to your whitelist? That must be fun if it
was a webform and you don't know the address it was sent to or what
address is going to be used for the response.

I achieve a similar effect by giving each organisation a different
address. Then, if and when spam starts arriving, I blacklist on
recipient rather than sender. That happens one or two times a year. With
that system in place I have no need for an automated spam filter and no
danger of false positives.

OK, not so similar after all. But it's a system I recommend.

--
Mike Barnes

On Fri, 24 Feb 2012 01:43:52 +0000, The Natural Philosopher wrote:

... a well known book company, whose IT department was stupid enough -
and probably is still stupid enough, to tell the users that really yes
they were mydomain.co.uk and not mydomainco.co.uk.

Maybe you ought to offer to sell it to them? Or rent it to them or
provide an email forwarding service on a cost per email basis, say 1p
each. "email" being anything sent to that domain and forwarded, spam
and all. B-)

Then my domains were registered at a trusting time too, and my name and
address and email address are still there for anyone who trawls the
whois register ..

Depending on the use of the .co.uk domain you can be a "private
individual" and withold your details. Can't (shouldn't!) do that for
a domain used commercially.

--
Cheers
Dave.

On 23/02/2012 20:15, The Natural Philosopher wrote:
Martin Brown wrote:
On 23/02/2012 14:08, The Natural Philosopher wrote:
If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html

do so.

Not worth the effort. If they were half way serious players they would
accept msgs forwarded to a specified email address with full headers.


They do

Yes. But the *way* they do it on that web page suggests that they are as
thick as two short planks. No half way competent anti-phishing team
needs *humans* to help identify the brand being phished. A list of
common brands checked against the subject header will do that easily.

If they need our help to identify the brand being phished what chance is
there of them understanding the routing path in the headers?

I suppose on the plus side they are not bouncing the stuff sent to them
like Action fraud did.

(In)Action Fraud is worse than a chocolate fireguard too.
They were not even smart enough to configure their own email system to
accept the spam and phishing emails they told the public to send them.

Any antiphishing organisation worth its salt will already have more
than enough honeypot addresses to collect spam and phishing attacks.
There is no point forwarding stuff to these to generic spam sites
unless it makes you feel better. The problem is in getting
international cooperation to close down bad sites and botnets.

These things are little more than bit bins to make the great unwashed
feel a little bit better about receiving spam and scams. Incidentally
some of the latest and greatest phishing attacks are now all but
indistinguishable from the real things. The only bits missing are the
personal identification and shared security salutation.

--
Regards,
Martin Brown

On 23/02/2012 14:44, Tim wrote:
Life is just *way* too short for me to do this at least 10 times a day. I
feel sorry for pensioners and net newbies who get caught by these scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.

Reluctantly, I agree.

The other problem is the stupid behaviour of financial institutions.
For example I use Nationwide Building Society, who have a perfectly
sensible domain name of nationwide.co.uk, but their on-line banking
system uses a different domain name (nationnet.something if I remember
correctly) and when they send out mass emails these appear to come from
yet another domain. These emails look, at first sight, just like a
phishing attempt, and I was very suspicious. So I reported it to
Nationwide.

They confirmed it was genuine, so I pointed out that using any domain
other than nationwide.co.uk was simply unnecessary and stupid. I
couldn't get this simple point to be accepted by their management, and
after several rounds, I gave up. So now, all customers of Nationwide
have become used to having that institution use at least a handful of
different and unpredictable domain names, and so they won't be surprised
if the next phishing attempt involves yet another one. Sigh.


--
Clive Page

dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined white list
so only people I allow can send me mail.
So M$ are prepared to do the checking if you want to enable it.

This demonstrates:

a) why some of these email spam systems are over-sensitive

&

b) what is wrong with denise's thought processes

Scott

On Thu, 23 Feb 2012 20:29:10 +0000, The Natural Philosopher
wrote:

Tim Streater wrote:
In article o.uk,
"Dave Liquorice" wrote:

On Thu, 23 Feb 2012 14:44:57 +0000, Tim wrote:

I'm sure that if the will (and the money) existed, 99.9% of them
could be intercepted at server level.

Very little spam arrives in my inbox I think the last bit was about
two weeks ago. The junk mail folder (sorted by Spam Assasasin) has 14
messages in it since the begining of the year. If I look in the logs
I see around a couple of attempts an hour to send me stuff that gets
rejected at the SMTP level. So yes spam is easy to intercept at the
server level. But doing the blacklist lookups etc adds server load so
the big providers are reluctant to do much checking.

What's it got to do with the server?

A hell of a lot.

at least 50% of pure spam never reaches your mailbox.

If it comes from blacklisted mail senders.

And gets silently deleted in violation of the RFCs. This is done with
good reason but can have bad consequences.


*I* get to decide whether mail is
spam or not. What is spam for me may not be for you. A good spam filter
is trainable, but it has to be trained by the end-user.

Have a look at what most of the ISPs use - www.spamhaus.org

And read the FAQs to see WHY having your OWN spam filter wastes YOUR
bandwidth.

I use a spam filter in addition to the ISPs own. Nearly all spam
never gets to me. However there are always the new spammers and less
obvious spams that get through.

I have been busy setting up my own mail service so I don't have to use
an ISPs one and well over 50% of the incoming email is now being
rejected because

- its addressed to users (in domains I own) that do not and never have
existed.
- its coming from IP addresses DIRECTLY to my server that are known
'Dial up' type blocks, and therefore should ONLY be sending mail via
their ISP's relay.

Why? IIRC, I used to use the MX records when on dial-up.

- its coming from other IP addresses that are blacklisted as spam
originators.

That still leaves me with about 20 messages a day that do get by that
are spam.

Actually, since midnight, 23..

I rarely see any spams at home. At work it's different since their
spam filter is ****e.
--
(\__/) M.
(='.'=) If a man stands in a forest and no woman is around
(")_(") is he still wrong?

On Fri, 24 Feb 2012 07:45:38 +0000, Mike Barnes
wrote:

Dave Liquorice :
On Thu, 23 Feb 2012 19:07:04 -0000, dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined white list
so only people I allow can send me mail.

So when you correspond (in the broadest terms) with some body "out
there" you have to add them to your whitelist? That must be fun if it
was a webform and you don't know the address it was sent to or what
address is going to be used for the response.

I achieve a similar effect by giving each organisation a different
address. Then, if and when spam starts arriving, I blacklist on
recipient rather than sender. That happens one or two times a year. With
that system in place I have no need for an automated spam filter and no
danger of false positives.

And it's easy to work out where the spammer got your address from.

OK, not so similar after all. But it's a system I recommend.

I use a similar system but do give out a "real" email address to
trusted people.
--
(\__/) M.
(='.'=) If a man stands in a forest and no woman is around
(")_(") is he still wrong?

On Fri, 24 Feb 2012 10:05:35 +0000, Clive Page
wrote:

On 23/02/2012 14:44, Tim wrote:
Life is just *way* too short for me to do this at least 10 times a day. I
feel sorry for pensioners and net newbies who get caught by these scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.

Reluctantly, I agree.

The other problem is the stupid behaviour of financial institutions.
For example I use Nationwide Building Society, who have a perfectly
sensible domain name of nationwide.co.uk, but their on-line banking
system uses a different domain name (nationnet.something if I remember
correctly) and when they send out mass emails these appear to come from
yet another domain. These emails look, at first sight, just like a
phishing attempt, and I was very suspicious. So I reported it to
Nationwide.

They confirmed it was genuine, so I pointed out that using any domain
other than nationwide.co.uk was simply unnecessary and stupid. I
couldn't get this simple point to be accepted by their management, and
after several rounds, I gave up. So now, all customers of Nationwide
have become used to having that institution use at least a handful of
different and unpredictable domain names, and so they won't be surprised
if the next phishing attempt involves yet another one. Sigh.

BTDTGTTS .... and left Nationwide. But they all do some things badly.

--
(\__/) M.
(='.'=) If a man stands in a forest and no woman is around
(")_(") is he still wrong?

Tim Streater wrote:
In article ,
The Natural Philosopher wrote:

Tim Streater wrote:
In article ,
The Natural Philosopher wrote:

I have been busy setting up my own mail service so I don't have to
use an ISPs one and well over 50% of the incoming email is now
being rejected
Didn't you say above that this is a waste of bandwidth? ducks

No, its less bandwidth to reject them THERE in some core connected
machine room, than download em. And they get rejected the moment they
connect.

Aggh sorry - too late at night.

You haven't been online as long as I have or sent as many emails..

Early 80s probably.

there wasn't an online in the early 80s.

I think it was 1985 before there was UUCP usenet in the UK.

UUCP itself was only 1979 as an invention.

www.uknof.org.uk/uknof6/Houlder-History.pdf

"Dave Liquorice" wrote in message
ll.co.uk...
On Thu, 23 Feb 2012 19:07:04 -0000, dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined white list
so only people I allow can send me mail.

So when you correspond (in the broadest terms) with some body "out
there" you have to add them to your whitelist? That must be fun if it
was a webform and you don't know the address it was sent to or what
address is going to be used for the response.


Well you just go to the webmail and see what replies you have had and click
on the button to allow that user.
Pretty much how you would if you were running the anti spam locally.

"Scott M" wrote in message
...
dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined white list
so only people I allow can send me mail.
So M$ are prepared to do the checking if you want to enable it.

This demonstrates:

a) why some of these email spam systems are over-sensitive

&

b) what is wrong with denise's thought processes

Scott

YAI.

On Fri, 24 Feb 2012 13:32:13 -0000, dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined
white
list so only people I allow can send me mail.

So when you correspond (in the broadest terms) with some body "out
there" you have to add them to your whitelist? That must be fun if
it
was a webform and you don't know the address it was sent to or
what
address is going to be used for the response.

Well you just go to the webmail and see what replies you have had and
click on the button to allow that user.

That's not waht you said, you said "only people I allow can send me
mail".

So how does some one send you mail when you don't know the address
they are going to send from so you can add it to the the whitelist
manually or see it in webmail and click a button to add it to your
white list?

Pretty much how you would if you were running the anti spam locally.

Mine "just happens" no adding of people to address books or
whitelists or anything. The server rejects most spam at the SMTP
level and it never gets transfered, what little gets past that is
caught by Spam Assasin running on it's defaults with auto learn on.

--
Cheers
Dave.

On 24/02/12 10:05, Clive Page wrote:


The other problem is the stupid behaviour of financial institutions. For
example I use Nationwide Building Society, who have a perfectly sensible
domain name of nationwide.co.uk, but their on-line banking system uses a
different domain name (nationnet.something if I remember correctly) and
when they send out mass emails these appear to come from yet another
domain. These emails look, at first sight, just like a phishing
attempt, and I was very suspicious. So I reported it to Nationwide.

It used to be something really stupid like olb2.nationet.com it recently
changed to https://onlinebanking.nationwide.co.uk/
.. The really annoying thing about Nationwide is that trying to access
the main website using Firefox and Linux it takes forever to load. Which
is why I need to bookmark that obscure internet banking url



They confirmed it was genuine, so I pointed out that using any domain
other than nationwide.co.uk was simply unnecessary and stupid. I
couldn't get this simple point to be accepted by their management, and
after several rounds, I gave up. So now, all customers of Nationwide
have become used to having that institution use at least a handful of
different and unpredictable domain names, and so they won't be surprised
if the next phishing attempt involves yet another one. Sigh.




--
djc

"Dave Liquorice" wrote in message
ll.co.uk...
On Fri, 24 Feb 2012 13:32:13 -0000, dennis@home wrote:

I never get spam in my hotmail inbox, it uses a user defined
white
list so only people I allow can send me mail.

So when you correspond (in the broadest terms) with some body "out
there" you have to add them to your whitelist? That must be fun if
it
was a webform and you don't know the address it was sent to or
what
address is going to be used for the response.

Well you just go to the webmail and see what replies you have had and
click on the button to allow that user.

That's not waht you said, you said "only people I allow can send me
mail".

Pedant.
Anyone can send anyone mail, it may not be delivered.
Just as mail from people not on the list isn't delivered.
However unless you have blacklisted it it will be stored on M$ mail system
in case I do want it.


So how does some one send you mail when you don't know the address
they are going to send from so you can add it to the the whitelist
manually or see it in webmail and click a button to add it to your
white list?

See above, you just look in the "do you want to keep this folder".


Pretty much how you would if you were running the anti spam locally.

Mine "just happens" no adding of people to address books or
whitelists or anything. The server rejects most spam at the SMTP
level and it never gets transfered


Same as mine then, most spam is intercepted, however stuff that isn't
detected as spam isn't delivered either unless its white listed.

, what little gets past that is
caught by Spam Assasin running on it's defaults with auto learn on.

Which is more or less what the spam filter on the M$ server does, except it
has input from millions of users who mark stuff as spam.

Clive Page :
On 23/02/2012 14:44, Tim wrote:
Life is just *way* too short for me to do this at least 10 times a day. I
feel sorry for pensioners and net newbies who get caught by these scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.

Reluctantly, I agree.

The other problem is the stupid behaviour of financial institutions.
For example I use Nationwide Building Society, who have a perfectly
sensible domain name of nationwide.co.uk, but their on-line banking
system uses a different domain name (nationnet.something if I remember
correctly) and when they send out mass emails these appear to come from
yet another domain.

My bank doesn't have an e-mail address for me. I've never seen any
reason for them to have one.

--
Mike Barnes

Dave Liquorice :
I think the really scary stuff is the "man in the browser".

Best to use a relatively secure browser such a Google Chrome for your
sensitive stuff. And for nothing else.

At least
with an email you can hover over an email/web address and see where
it's really pointing to.

Plain text e-mail neatly side-steps that problem.

--
Mike Barnes

"Mike Barnes" wrote in message
...
Dave Liquorice :
I think the really scary stuff is the "man in the browser".

Best to use a relatively secure browser such a Google Chrome for your
sensitive stuff. And for nothing else.

That would be why they keep issuing fixes then?

Mike Barnes wrote:
Dave Liquorice :
I think the really scary stuff is the "man in the browser".

Best to use a relatively secure browser such a Google Chrome for your
sensitive stuff. And for nothing else.

At least
with an email you can hover over an email/web address and see where
it's really pointing to.

Not if the HTML page is just an attached file. It points to your hard
disk :-)

On 24/02/2012 11:34, Mark wrote:
And it's easy to work out where the spammer got your address from.

That doesn't always help. Here are two sample responses (I paraphrase)

"Terribly sorry, our server was hacked into and the mailing list was
stolen".

"There's nothing wrong with our systems, it must have been you"

In both cases this was for an address that had been used solely for
communications with the organisation involved. Since I have about 30
email addresses I've given out, and only about 4 for spam... and one of
them is "andy@..." which is the generic one I gave out at a more
trusting time...

Andy

"dennis@home" :


"Mike Barnes" wrote in message news:Yiasmco
...
Dave Liquorice :
I think the really scary stuff is the "man in the browser".

Best to use a relatively secure browser such a Google Chrome for your
sensitive stuff. And for nothing else.

That would be why they keep issuing fixes then?

"relatively"

--
Mike Barnes

On 23/02/2012 20:15, The Natural Philosopher wrote:
Tim wrote:
The Natural Philosopher wrote:
If you get these damned things there is a place to report them

http://www.antiphishing.org/report_phishing.html


do so.

Life is just *way* too short for me to do this at least 10 times a day. I
feel sorry for pensioners and net newbies who get caught by these
scams but
I very much doubt that end recipient reporting is the way to go about
dealing with these.

I'm sure that if the will (and the money) existed, 99.9% of them could be
intercepted at server level. As it is, Yahoo and Google are very good at
filtering them already so the technology exists. Along with that, no one
should leave school or finish a computing course of any kind without
being
taught about Internet scams.


well I am just making those people who don't know that something can be
done, aware.

The faster these get reported, the faster they are blacklisted.

The trouble with blacklisting is that smarthosts for major ISPs can and
do end up on the certain blacklists after a botnet or Trojan affects
some of their users. The phishing and spam experts already have more
than enough honeypots to catch generic spam quickly.

Simply forwarding a phish to an address in your address book is almost
as quick as deleting it.

It can even be automated for ones that match certain rules.
What I object to is filling in webpages.

--
Regards,
Martin Brown

On Fri, 24 Feb 2012 22:46:13 +0000, Andy Champ
wrote:

On 24/02/2012 11:34, Mark wrote:
And it's easy to work out where the spammer got your address from.

That doesn't always help. Here are two sample responses (I paraphrase)

"Terribly sorry, our server was hacked into and the mailing list was
stolen".

Then they have admitted it's their poor security that caused the
problem.

"There's nothing wrong with our systems, it must have been you"

Then they're lying.

Either way I would not deal with them again.
--
(\__/) M.
(='.'=) If a man stands in a forest and no woman is around
(")_(") is he still wrong?

On Sun, 26 Feb 2012 10:44:27 +0000, Martin Brown
wrote:

Worse than that they sometimes cold call me and demand that *I* prove to
them who I am. My response is tell me the first line of my address (and
they won't because of data protection) we deadlock at that point.

Even worse is when this is an automated system and you can't tell them
that their security model is flawed.
--
(\__/) M.
(='.'=) If a man stands in a forest and no woman is around
(")_(") is he still wrong?

On Mon, 27 Feb 2012 09:11:06 +0000, Martin Brown wrote:

The trouble with blacklisting is that smarthosts for major ISPs can and
do end up on the certain blacklists after a botnet or Trojan affects
some of their users.

But a decent ISP will get their machines off blacklists quickly and
being a proper MTA will retry sending the queued messages or, if the
recipient completely rejects(*) the message, bounce it back to the
sender.

(*) Safer to say "temporary problem, call back later" rather an out
and out rejection, spammers rarely retry, proper MTAs do.

--
Cheers
Dave.