cancel
Showing results for 
Search instead for 
Did you mean: 

[-SPAM-] NETGEAR Security Log [xx:xx:xx]

Community Veteran
Posts: 4,729
Registered: 04-04-2007

[-SPAM-] NETGEAR Security Log [xx:xx:xx]

Arr!
Now the spam filter is picking up Netgear Security logs;
[tt]From - Sun Nov 04 17:01:19 2007
X-Account-Key: account2
X-UIDL: UID57181-1152494740
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:                                                                               
X-Daemon-Classification: SPAM
Envelope-to: my@emailaddressat.plus.com
Delivery-date: Sun, 04 Nov 2007 17:00:04 +0000
Received: from pih-criticalpath01.plus.net ([84.92.7.52] helo=cp3a.criticalpath.priv)
  by pih-sunmxcore09.plus.net with esmtp (PlusNet MXCore v2.00) id 1IoipP-00038B-I7
  for my@emailaddressat.plus.com; Sun, 04 Nov 2007 17:00:03 +0000
Received: from pih-relay06.plus.net (212.159.14.133) by cp3a.criticalpath.priv (7.3.118.15)
        id 472061DE02060EFD for my@emailaddressat.plus.com; Sun, 4 Nov 2007 17:00:03 +0000
Message-ID: <472061DE02060EFD@> (added by postmaster@cp3a.criticalpath.priv)
Received: from [xx.xx.xx.xx] (helo=unknown)
by pih-relay06.plus.net with smtp (Exim) id 1IoipO-00045l-CR
for my@emailaddressat.plus.com; Sun, 04 Nov 2007 17:00:02 +0000
Date: Sun,4 Dec 2007 17:00:02 -0000 (GMT Daylight Time)
From: my@emailaddressat.plus.com
Subject: [-SPAM-] NETGEAR Security Log [B7:29:89]
To: my@emailaddressat.plus.com
X-PN-VirusFiltered: by PlusNet MXCore (v4.00)
X-DSPAM-Result: Spam
X-DSPAM-Processed: Sun Nov  4 17:00:04 2007
X-DSPAM-Confidence: 0.5134
X-DSPAM-Improbability: 1 in 107 chance of being ham
X-DSPAM-Probability: 0.9957
X-DSPAM-Factors: 27,
Received*4+Nov, 0.00252,
Subject*Log, 0.00458,
Subject*NETGEAR, 0.00493,
Subject*NETGEAR+Security, 0.00615,
Subject*Security+Log, 0.00756,
Message-ID*(added+by, 0.99000,
Success!+This, 0.01000,
Received*Nov+2007, 0.99000,
Received*Nov+2007, 0.99000,
Date*Dec+2007, 0.99000,
Message-ID*by, 0.99000,
Message-ID*postmaster, 0.99000,
Message-ID*by+postmaster, 0.99000,
01+Send, 0.01000,
Received*relay06.plus.net+(212.159.14.133), 0.99000,
mail+Success!, 0.01000,
Message-ID*>+(added, 0.99000,
Received*(212.159.14.133)+by, 0.99000,
Message-ID*cp3a.criticalpath.priv), 0.99000,
Message-ID*(added, 0.99000,
Message-ID*>, 0.99000,
Message-ID*postmaster+cp3a.criticalpath.priv), 0.99000,
Delivery-date*Nov, 0.01309,
Sat+2007, 0.02416,
Received*Nov, 0.02520,
Received*Nov, 0.02520,
Delivery-date*04+Nov, 0.04184
X-Antivirus: AVG for E-mail 7.5.503 [269.15.20/1108]
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=ISO-8859-1
Sat, 2007-11-03 18:00:01 - Send E-mail Success![/tt]
15 REPLIES
mcgurka
Grafter
Posts: 764
Registered: 09-10-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Im not too sure how plusnets filtering actually works, but it seems to be picking up on single words/phrases within the email itself.
Most likely because your log contains a lot of tech information, and I suppose is something the spam filters arent used to seeing!
I think in the fight to tackle spam, the problem is now that the filter levels are too high!
Maybe Plusnet can tell you if there is a way to whitelist an email address for the spam filter, that would be the easiest way.
I dont know, i dont use PN email, it gets sent out to my own server.
Scott
Community Gaffer
Community Gaffer
Posts: 13,430
Thanks: 1,187
Fixes: 92
Registered: 04-04-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Quote from: mcgurka
Maybe Plusnet can tell you if there is a way to whitelist an email address for the spam filter, that would be the easiest way.

No there isn't. The Spam filter is always going to pick up the odd false positive. It's when this happens to frequently that it causes concern. It's unlikely that dspam will be a permanent fixture with the Critical Path Trial and other longer term plans we have. Remember, Critical Path isn't actually spam tagging at the moment.
Chilly, can you do me a favour and chuck as many of these emails as you can into an IMAP folder on your account and I'll see if there's anything I can do (although I can't promise anything).

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Tony_W
Grafter
Posts: 745
Registered: 11-08-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Bob, sorting out each individual's problems is laudable, but inevitably with hundreds of thousands of customers, more and more are going to find out that the spam filtering is over-aggressive.
This seems to be yet another example of an email from a PlusNet address to a PlusNet address being marked as spam.
About a quarter of recent posts to this forum have been about the spam filter blocking emails that it shouldn't.
Please can we find out why the spam is being misidentified, rather than retrain the filter on a case-by-case basis?
Tony
Community Gaffer
Community Gaffer
Posts: 13,430
Thanks: 1,187
Fixes: 92
Registered: 04-04-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Tony,
It's because the training is slightly out that it's happening. This isn't something new and has been occurring for a while.
Where do we draw the line? There are always going to be false positives/negatives and it's unrealistic to think that we'll be able to completely eliminate these at the the moment until we have a more permanent long term anti-spam solution in place - even then it will not be 100% reliable.
I can try and train any individual emails you may have but there's not been a sudden influx of support requests to the CSC about this issue so despite the volume of posts on this forum I don't think the problem's as severe as you're implying (Of course I may well be wrong).
We're going to look at excluding any PlusNet mail headers from future training exercises which may well help reduce the volume of email between accounts that ends up marked incorrectly.

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

Community Veteran
Posts: 4,729
Registered: 04-04-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Hi Tony
Also with the popularity of the Netgear range of routers, I doubt that "I am the only one suffering this issue" Even if only 5% of users are using Netgear routers then there is a potential for over ten thousand users to be effected.
Chilly
Tony_W
Grafter
Posts: 745
Registered: 11-08-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Hi Chilly,
Yes, it is just that they don't know it yet.
Bob has said in another topic that we need to keep training the spam filters.
So, if you could sweet talk your router into issuing 100's of emails and "not spam" them all, you might eventually get some of them through....
Tracer
Grafter
Posts: 76
Registered: 17-07-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

I'm with chilly
I also have a netgear router that 'sometimes' has its logs marked as spam, its not all the time just the odd one (none in my webmail atm tho).
Community Veteran
Posts: 4,729
Registered: 04-04-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Same here Tracer, its not all of them, in fact the minority.
Since I sent the e-mails over to Bob, I don't think any have been marked.
Chilly
Ianwild
Grafter
Posts: 3,835
Registered: 05-04-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

I have exactly the same issue - With My Googlemail. Whatever training I do, after a few days Google still insists all the mail from my Netgear router is Spam. It's slightly annoying, but I'm thinking there might not be a good answer given the nature of the emails.
Ian
Tracer
Grafter
Posts: 76
Registered: 17-07-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Quote from: Bob
We're going to look at excluding any PlusNet mail headers from future training exercises which may well help reduce the volume of email between accounts that ends up marked incorrectly.

I think what bob said there would be the best and easiest option, just train up so PlusNet headers are not marked as spam.
I'm surprised PN headers haven't been excluded before as the chance of getting spam on the PN network is zero anyway and will probably solve a lot of issues people are having with innocent emails being marked as spam.
Tony_W
Grafter
Posts: 745
Registered: 11-08-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Hi Tracer,
I did not interpret the sentence that Bob wrote in the same way as you.
I think that it just means that they are not going to run any plusnet sourced emails through the training process. That does not mean that they will be whitelisted, or bypass the spam filter in any way.
An automatic whitelisting/exclusion would be great, but I have read in one of the other recent topic posts (or perhaps on a web site about DSPAM) that you can't whitelist with DSPAM.
Perhaps Bob could shed some light on the interpretation....
BoneMan
Grafter
Posts: 163
Thanks: 5
Registered: 01-08-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Quote from: Tracer
as the chance of getting spam on the PN network is zero anyway

Um, may I add a disenting voice here please? If a PlusNet customer catches some nasty piece of malware that uses their system as a mail bot, won't those appear to come from PlusNet addresses? I would love to believe that everything inside the PlusNet boundary is 'clean' but I have some bad news  Sad. There is no Father Christmas  Shocked
Regards,
Ray. 
Tony_W
Grafter
Posts: 745
Registered: 11-08-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Ray, perhaps what Tracer meant (or implied) was that any inadvertent spamming could be detected and the user notified/warned.
It is likely that the outgoing mail servers could be blocked for that user until things are sorted. I don't know, I am only guessing.
PN must have more control over in-house spam generation than they have over spam coming from another ISP.
Tony
Tracer
Grafter
Posts: 76
Registered: 17-07-2007

Re: [-SPAM-] NETGEAR Security Log [xx:xx:xx]

Yeah sorry Tony .. first post of the day and i'm incoherent till my 5th cup of coffee. Grin
Whitelisting is what i meant but i'm not sure what will happen with malware like Boneman said whether PN would detect alot of outgoing mail and warn the user.
Just clutching at straws here tho.