cancel
Showing results for 
Search instead for 
Did you mean: 

FAKE ME! by courtesy Postini

Luzern
Hero
Posts: 4,823
Thanks: 872
Fixes: 9
Registered: ‎31-07-2007

FAKE ME! by courtesy Postini

Today I received a message purporting to come from
someone@mydomain.plus.com. I am actually the sole user of the domain, so am puzzled how it got through Postini, as I thought something had been done to prevent such occurrences. Is there anything that one can do to counteract the events, like blacklisting  anything unauthorised before the @?
No one has to agree with my opinion, but in the time I have left a miracle would be nice.
7 REPLIES 7
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: FAKE ME! by courtesy Postini

How are your spam settings configured?

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Luzern
Hero
Posts: 4,823
Thanks: 872
Fixes: 9
Registered: ‎31-07-2007

Re: FAKE ME! by courtesy Postini

@Bob Smiley Is this what you want?
Spam filtering ON
Edge Protection ON
Add SPAM to subject line selected
Move to SPAM folder selected
Aggressiveness @2
Catch all OFF
BTW It's the use of my domain as the return path that I am concerned about. And which I thought some patch to prevent was in the offing
No one has to agree with my opinion, but in the time I have left a miracle would be nice.
oliverb
Grafter
Posts: 606
Registered: ‎02-08-2007

Re: FAKE ME! by courtesy Postini

We're probably stuck with this until we get SPF or similar...
I took a peek at some of the bounces from a recent bout of address forging and one of the targets of the spam appears* to have been using postini. The message appears* to have passed straight through.
* according to information in the bounce, which is unknown so cannot be trusted
ChrisL
Rising Star
Posts: 760
Thanks: 4
Fixes: 1
Registered: ‎13-12-2007

Re: FAKE ME! by courtesy Postini

Anything seeming to come from a Plusnet domain will be whitelisted by Postini (so your example headers include forward (org good)).
But anything like your example that didn't actually go through Plusnet relays will have the whitelisting ignored and be treated like any other email.
The reason your example was not tagged as spam is that the Postini bulk filter gave it the all clear (with a score of X-pstn-levels: S:16.49120).
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: FAKE ME! by courtesy Postini

ChrisL is spot on in his analysis.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Luzern
Hero
Posts: 4,823
Thanks: 872
Fixes: 9
Registered: ‎31-07-2007

Re: FAKE ME! by courtesy Postini

Quote from: oliverb
We're probably stuck with this until we get SPF or similar...

SPF,,, refresh me... what's that?
No one has to agree with my opinion, but in the time I have left a miracle would be nice.
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: FAKE ME! by courtesy Postini

Wikipedia is (sometimes) your friend.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵