cancel
Showing results for 
Search instead for 
Did you mean: 

Is PN's mail server secure?

parish
Grafter
Posts: 71
Registered: ‎08-08-2007

Is PN's mail server secure?

In the last couple of weeks or so I've started receiving large amounts of spam addressed to @<username>.plus.com addresses. A lot are, as usual, random usernames and are therefore going to the default account, however what concerns me is that some are perfectly addressed to real user accounts I have set up, e.g. my daughters, and also to some test accounts I set up which were only ever used when I was setting up my mail server when I first joined PN. Since one daughter has a very unusual Christian name and the other a more common name but spelled in an unusual way the chances of these being purely random from a dictionary-based spam sender are remote IMO.
I strongly suspect that these have been acquired from my PN account. We don't use, and never have used, the @<username>.plus.com addresses as I have my own domain which, incidentally, is now hosted with a third party hosting company so normal mail no longer comes through PN's servers.
When there was a security issue a couple of months ago I changed passwords as advised but these spam mails have only appeared recently but if the usernames had been obtained when the security issue occurred then I would have expected to see them sooner.
Anyone else seeing this, or can shed any light?
17 REPLIES 17
Peter_Vaughan
Grafter
Posts: 14,469
Registered: ‎30-07-2007

Re: Is PN's mail server secure?

Many users had their mail addresses harvested from the webmail security breach. When and how those addresses are used by the spammers is anyones guess. You have probably been lucky to not see the reams of spam many of us now get (although most of mine is detected and put in the spam folder).
Note: even if you did not actually use webmail, PN copied many users email accounts to it when it was set-up hence why many are now receiving lots of spam.
Given that they have your email addresses, it does not take much effort to extract the part after the @ and do a dictionary spam attack, which is what you are seeing.
Your email addresses will have been 'sold on' to many spam senders so it is unknown when they would have been used.
dave
Plusnet Help Team
Plusnet Help Team
Posts: 12,257
Thanks: 306
Fixes: 4
Registered: ‎04-04-2007

Re: Is PN's mail server secure?

Hi,
I would very much suspect that the email addresses came from the webmail incident a few months back especially if it's not an address you've used. If you'd used webmail then these addresses would have been in the webmail database that was taken. The spammers are probably now upping the volume of spam sent out. The best thing to do if you don't use the plus.com address is to just turn it off, you can do that by raising a ticket.
Dave Tomlinson
Enterprise Architect - Network & OSS
Plusnet Technology
puddy
Grafter
Posts: 1,571
Registered: ‎10-06-2007

Re: Is PN's mail server secure?

I was quite suprisied to find that anybody with a web site hosted by isp that its easy to find  your name and address
I don't want my name and address shown.  why is this done?
Please advise
Michael
dave
Plusnet Help Team
Plusnet Help Team
Posts: 12,257
Thanks: 306
Fixes: 4
Registered: ‎04-04-2007

Re: Is PN's mail server secure?

I presume you mean the Whois information for a domain name. If so then most domain registrars have this as part of their T's & C's. For .uk domains Nominet allow individuals to opt out of the whois information (not businesses or organisations). If you have a .uk domain with us as an individual then raise a ticket and we can opt you out.
Dave Tomlinson
Enterprise Architect - Network & OSS
Plusnet Technology
430
Grafter
Posts: 135
Thanks: 1
Registered: ‎06-08-2007

Re: Is PN's mail server secure?

Quote from: dave
Hi,
I would very much suspect that the email addresses came from the webmail incident a few months back especially if it's not an address you've used. If you'd used webmail then these addresses would have been in the webmail database that was taken. The spammers are probably now upping the volume of spam sent out. The best thing to do if you don't use the plus.com address is to just turn it off, you can do that by raising a ticket.

I used to receive no spam at all, and suddenly earlier this year, the level has increased dramatically. I have never used webmail though. Does that mean that my spam is nothing to do with the PN security breach?
430
Grafter
Posts: 135
Thanks: 1
Registered: ‎06-08-2007

Re: Is PN's mail server secure?

I'm probably being dense, but I don't and never have used webmail, so was puzzled by the PN comment that the spam increase only affects webmail users.
cp:blue Full quote of previous post removed. mod:end
spraxyt
Resting Legend
Posts: 10,063
Thanks: 674
Fixes: 75
Registered: ‎06-04-2007

Re: Is PN's mail server secure?

Has anyone that emails you used your email address from webmail?  It doesn't have to be you personally.
David
430
Grafter
Posts: 135
Thanks: 1
Registered: ‎06-08-2007

Re: Is PN's mail server secure?

Quote from: spraxyt
Has anyone that emails you used your email address from webmail?  It doesn't have to be you personally.

Not really sure what you mean? Anyone who has my email address could send it to the spammers?
Not applicable

Re: Is PN's mail server secure?

Can you let us know when you joined Plusnet?  I only ask because following the security breach I began to receive spam in my Ukonline account which was always spam-free and I have now closed it.  This turned out to be due to the fact (as spraxyt has said) that the address was the one that was in the database when I joined in 2004. Could this be the case with you?
JamesUK
Newbie
Posts: 2
Registered: ‎05-08-2007

Re: Is PN's mail server secure?

Quote from: 430
I'm probably being dense, but I don't and never have used webmail

What it actually said was
"Note: even if you did not actually use webmail, PN copied many users email accounts to it when it was set-up hence why many are now receiving lots of spam."
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: Is PN's mail server secure?

Quote from: 430
Quote from: spraxyt
Has anyone that emails you used your email address from webmail?  It doesn't have to be you personally.

Not really sure what you mean? Anyone who has my email address could send it to the spammers?

No, not exactly. The Webmail database that was compromised contained some entries for email addresses people had sent mail to/received mail from whilst using webmail.
If you had sent email to another PN user who collected it via Webmail, or another user emailed your address whilst using Webmail themselves then there is a possibility that the spammers got your address  Sad

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

430
Grafter
Posts: 135
Thanks: 1
Registered: ‎06-08-2007

Re: Is PN's mail server secure?

Joined in Feb 05. Maybe just a coincidence that it suddenly started at the same time as the PN derived problems then?
dave
Plusnet Help Team
Plusnet Help Team
Posts: 12,257
Thanks: 306
Fixes: 4
Registered: ‎04-04-2007

Re: Is PN's mail server secure?

Could be coincidence but could also be that someone else had your email address in their webmail address book or sent an email to you from webmail or read an email from you via webmail. Even if you yourself never used webmail someone you know may have done.
Dave Tomlinson
Enterprise Architect - Network & OSS
Plusnet Technology
sloany
Grafter
Posts: 153
Registered: ‎08-06-2007

Re: Is PN's mail server secure?

I know its probably a massive undertaking, but, why dont PN give members who have been affected by the hack an option to change their username and hence their mailboxes. So the afflicted mailboxes would exist. Obviously some members will not want to do this due to the amount of people to have their email address, but it would just be like starting with a clean sheet.