Postini Email Security Trial
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: Postini Email Security Trial
Re: Postini Email Security Trial
20-02-2008 11:41 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: ChrisL I agree that postini should have caught ^^this with BSB. What it did instead was catch it for breach of a Global Rule -- hence X-pstn-xfilter: y -- but PlusNet are not checking for that header so it didn't get quarantined.
Would tagging mails with that header add to our problem with false positives? I don't think so from what I've seen. Perhaps PN could look at this next time they visit the [-SPAM-] tagging scripts?
Seconded.
Re: Postini Email Security Trial
23-02-2008 12:21 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
What happened. Do you all suddenly have no problems with receiving any spam on your Plusnet account??!!!
Re: Postini Email Security Trial
12-03-2008 2:48 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote The following additions to the Manage My Mail tool are currently in development (should go to QA testing next week at the earliest): Ability to switch off Blatant Spam Blocking Ability to whitelist/blacklist domains/email addys Ability to tweak the sensitivity of the spam tagging filter Ability to switch on Postini's quarantine service and have a daily quarantine report emailed to you Ability to move mail to the Spam folder without marking the subject line with [-SPAM-]
I think this level of control should keep everybody happy. What do people think?
Rgds,
--
|Bob Pullen
jelv (a.k.a Spoon Whittler) Why I have left Plusnet (warning: long post!) Broadband: Andrews & Arnold Home::1 (FTTC 80/20) Line rental: Pulse 8 Home Line Rental (£14.40/month) Mobile: iD mobile (£4/month) |
Re: Postini Email Security Trial
12-03-2008 9:11 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Postini Email Security Trial
12-03-2008 11:09 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
What I would also have liked is a daily BSB report (with BSB left on). That way I get to know if emails have been rejected and can take steps to (a) whitelist and (b) get them re-sent. I suspect this is something Postini don't offer.
jelv (a.k.a Spoon Whittler) Why I have left Plusnet (warning: long post!) Broadband: Andrews & Arnold Home::1 (FTTC 80/20) Line rental: Pulse 8 Home Line Rental (£14.40/month) Mobile: iD mobile (£4/month) |
Re: Postini Email Security Trial
13-03-2008 12:07 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Postini Email Security Trial
14-03-2008 9:56 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote -------- Original Message --------
From: - Fri Mar 14 09:44:57 2008
X-Account-Key: account4
X-UIDL: UID13959-1149066516
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Envelope-to: xxxxx@xxxxx.plus.com, xxxxx@xxxxx.plus.com
Delivery-date: Fri, 14 Mar 2008 09:41:24 +0000
Received: from exprod5mx229.postini.com ([64.18.0.115] helo=psmtp.com) by pih-sunmxcore09.plus.net with smtp (PlusNet MXCore v2.00) id 1Ja6Pi-0000jv-Ra ; Fri, 14 Mar 2008 09:41:23 +0000
Received: from source ([85.75.195.74]) by exprod5mx229.postini.com ([64.18.4.10]) with SMTP; Fri, 14 Mar 2008 02:41:20 PDT
Received: from 11249479087099745.15496377166122559.18389290309703974.14605946968434302 (HELO localhost.localdomain) (10756287201663786.14879309288144070.12089683828233471.14740124481428027) by 16039850186795887.14929519133916842.16806051310263158.10855176238696196 with SMTP; Fri, 14 Mar 2008 11:40:46 -0200
Date: Fri, 14 Mar 2008 11:40:46 -0200
Message-Id: <6IX182EJXVWDA936@acne-treatment-answers.com>
X-Mailer: MIME::Lite 3.01 (F2.72; A1.62; B3.01; Q3.01)
X-Header-CompanyDBUserName: hpccm
X-Header-MasterId: 029891
X-Header-Versions: Hewlett-Packard.4t2bn2nd4.fk@us.newsgram.hp.com
X-FID: 44E96DBC-7315-47AF-B9E3-83CDEA75DCB9
Content-Type: text/plain;
X-pstn-neptune: 18/18/1.00/86
X-pstn-levels: (S: 3.38304/99.90000 CV:99.9000 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 1 (0.1500:0.1500) cv gt3 gt2 gt1 r p m c
X-pstn-addresses: from <BerrysyrupyClements@acne-treatment-answers.com> [52/4]
X-pstn-neptune-cave-rslt: qtine
To:
X-pn-pstn: Spam 5
X-PN-Spam-Filtered: by PlusNet MXCore (v4.00)
X-Antivirus: avast! (VPS 080313-0, 13/03/2008), Inbound message
X-Antivirus-Status: Clean
charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: <xxxxx@xxxxx.plus.com>
Cc: <xxxxx@xxxxx.plus.com>
From: "Claudio Kinney" <BerrysyrupyClements@acne-treatment-answers.com>
Subject: USA players too! Download and GO!
We're serious about fun.
http:///
Re: Postini Email Security Trial
14-03-2008 12:28 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
This seems to be a malformed email of the type being discussed here. The subject line has been moved to the body of the email because of the addition of the blank line rather than appearing in the header so [-SPAM-] tagging doesn't take place. The from and subject lines are no longer in the header so are not picked up by webmail, Outlook Express, Thunderbird, etc. and appear empty.
Re: Postini Email Security Trial
14-03-2008 3:01 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
[Moderators Note by Daniel (Assos) Full quote of preceeding post removed, as it is not needed and contravenes the link:rules.]
Re: Postini Email Security Trial
14-03-2008 6:13 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Postini/neptune would have caught it and dumped it in quarantine because of its sending behaviour. But AFAIK Plusnet are not using the neptune headers to tag these as spam.
This is another spam that is being sent out with a garbage date-time group in the headers:
Quote 10756287201663786.14879309288144070.12089683828233471.14740124481428027) by 16039850186795887.14929519133916842.16806051310263158.10855176238696196 with SMTP; Fri, 14 Mar 2008 11:40:46 -0200
Date: Fri, 14 Mar 2008 11:40:46 -0200
The time zone -0200 should be +0200 for this to make sense -- probably one reason why neptune didn't like it...?
I'm afraid this doesn't help you, Capvermell, but it might help Plusnet/Postini to help us....
Re: Postini Email Security Trial
15-03-2008 9:18 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
My biggest concern is about the Google search links which almost no one sending legitimate email ever includes in an email (they instead provide the URL of the actual website they are referring to). So isn't it possible to either edge filter all emails containing a Google search link in the body or at the very least to classify them as Spam1?
Below is the latest example of such an email. However I have seen web search engines other than Google used in this way lately ,presumably because at least some Spam blocking programs are now blocking emails containing Google links. However Plusnet merrily continues to allow the Google search link emails to arrive in my Inbox, despite having Spam filtering to my IMAP spam folder enabled.
Quote -------- Original Message --------
From: - Sat Mar 15 08:59:21 2008
X-Account-Key: account4
X-UIDL: UID13977-1149066516
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Envelope-to: xx@xxxx.plus.com
Delivery-date: Sat, 15 Mar 2008 07:04:37 +0000
Received: from exprod5mx247.postini.com ([64.18.0.167] helo=psmtp.com) by pih-sunmxcore14.plus.net with smtp (PlusNet MXCore v2.00) id 1JaQRY-0005SZ-Br for xx@xxxx.plus.com; Sat, 15 Mar 2008 07:04:37 +0000
Received: from source ([121.63.251.246]) by exprod5mx247.postini.com ([64.18.4.14]) with SMTP; Fri, 14 Mar 2008 23:04:30 PST
Received: from [192.168.1.1] ([]) by parch.com (Sendmail 8.7.1) with ESMTP (SSL) id IYT24475 for <xx@xxxx.plus.com>; Sat, 15 Mar 2008 15:03:26 -0500
Date: Sat, 15 Mar 2008 15:03:26 -0500
Message-id: <MAILSENDERNG3GKeD271410c0e6@64.18.4.14>
X-Mailer: ColdFusion MX Application Server
X-PGP-Key: PAHvkuLT0TkQCqLOKqdZ8nxOD91P1a6==
Organization: wasRND_WORD
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
To: xx@xxxx.plus.com
From: Rickie Overton <Barlowj69@openworld.co.uk>
Subject: A Larger Male Organ
X-pstn-neptune: 59/21/0.36/49
X-pstn-levels: (S: 0.60755/99.78231 CV:99.9000 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 1 (0.1500:0.1500) cv gt3 gt2 gt1 r p m c
X-pstn-addresses: from <Barlowj69@openworld.co.uk> [52/4]
X-pstn-xfilter: y
X-pn-pstn: Spam 3
X-PN-Spam-Filtered: by PlusNet MXCore (v4.00)
X-Antivirus: avast! (VPS 080314-0, 14/03/2008), Inbound message
X-Antivirus-Status: Clean
http://google.co.uk/pagead/iclk?sa=l&ai=maintain&num=408760580&adurl=http://jopies.com?8
Re: Postini Email Security Trial
15-03-2008 9:29 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I can assure you that we haven't lost interest in feedback regarding Postini, and will pick up these questions with my networks colleagues on Monday morning and report back.
Bob has not spent much time in the forums recently, due to other duties. We are still reading and reporting issues back though.
Re: Postini Email Security Trial
15-03-2008 9:53 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Mand I can assure you that we haven't lost interest in feedback regarding Postini, and will pick up these questions with my networks colleagues on Monday morning and report back.
Bob has not spent much time in the forums recently, due to other duties. We are still reading and reporting issues back though.
That's certainly good to hear Mand. Also I'm impressed that you are giving up your time to read this thread on a Saturday.
As to the sudden quietness in the thread I suppose either other participants now feel most of their spam is being successfully filtered or that they have nothing further to learn as Plusnet has not recently changed any of the spam filtering configuration options (even though it will do shortly).
Re: Postini Email Security Trial
15-03-2008 8:16 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote Received: from source ([121.63.251.246]) by exprod5mx247.postini.com ([64.18.4.14]) with SMTP; Fri, 14 Mar 2008 23:04:30 PST
Received: from [192.168.1.1] ([]) by parch.com (Sendmail 8.7.1) with ESMTP (SSL) id IYT24475 for <xx@xxxx.plus.com>; Sat, 15 Mar 2008 15:03:26 -0500
Date: Sat, 15 Mar 2008 15:03:26 -0500
Postini has date-stamped it with Pacific Standard Time, whereas yesterday's was stamped with Pacific Daylight Time -- what's that about? But the relevant thing is that it was received by "parch.com" just ten minutes ago! Even changing the time zone from -0500 to +0500 wouldn't make sense of this.... The headers are a blatant (and very bad) forgery.
Either this or something else has led postini to give this the header "X-pstn-xfilter: y" -- ie. the mail is in breach of a global rule. Unlike Plusnet, Postini would have dumped this in quarantine -- I think they only let them past the BSB for analysis purposes(?).
Re: Postini Email Security Trial
15-03-2008 8:30 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: ChrisL Either this or something else has led postini to give this the header "X-pstn-xfilter: y" -- ie. the mail is in breach of a global rule. Unlike Plusnet, Postini would have dumped this in quarantine -- I think they only let them past the BSB for analysis purposes(?).
So Postini is getting it right but Plusnet is making a mess of interpretation by failing to class this blatant Spam under its Spam 1 heading. Spam 2 to 5 look as though they will never be much use as quite a fair bit of legitimate email is also caught by these Plusnet spam classifications. Why does Plusnet think it can do a better job than Postini of deciding what are actually Spam emails?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Re: Postini Email Security Trial