Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Webmail Incident Report
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Broadband
- :
- Webmail Incident Report
- « Previous
-
- 1
- 2
- Next »
Re: Webmail Incident Report
17-10-2007 8:14 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
In the Webmail Incident Report written in May it says "From the suggestions we have received from customers so far we will implement the following:"... seven actions were listed. Then "We will contact all our customers with firm timescales for the above improvements."
Five months on, I raised a ticket asking what the "firm timescales" were. No information was available on planned changes (although some changes were said to have been made already). I find it incredible that SSL is not yet available for POP3 email. Not only has it not been implemented but no target date for its implementation has been announced.
PlusNet does not seem to be taking customers' security concerns seriously.
Five months on, I raised a ticket asking what the "firm timescales" were. No information was available on planned changes (although some changes were said to have been made already). I find it incredible that SSL is not yet available for POP3 email. Not only has it not been implemented but no target date for its implementation has been announced.
PlusNet does not seem to be taking customers' security concerns seriously.
Message 16 of 19
(344 Views)
Re: Webmail Incident Report
17-10-2007 8:42 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi there.
We made several announcements regarding the deliverables post the Webmail incident.
These can be read via these links:
http://community.plus.net/blog/2007/06/07/webmail-deliverables-follow-up/
http://community.plus.net/blog/2007/07/05/more-mail-antispam-improvements/
http://community.plus.net/comms/2007/07/17/emailspam-deliverables-update-part-ii/
Hopefully these articles will address any queries you may have. Dont hesitate to post back if you have any remaining queries.
Nothing could be further from the truth. Security is of paramount concern to us and hopefully once you have read the articles, our actions and approach will prove how serious we view security.
We made several announcements regarding the deliverables post the Webmail incident.
These can be read via these links:
http://community.plus.net/blog/2007/06/07/webmail-deliverables-follow-up/
http://community.plus.net/blog/2007/07/05/more-mail-antispam-improvements/
http://community.plus.net/comms/2007/07/17/emailspam-deliverables-update-part-ii/
Hopefully these articles will address any queries you may have. Dont hesitate to post back if you have any remaining queries.
.
Quote PlusNet does not seem to be taking customers' security concerns seriously
Nothing could be further from the truth. Security is of paramount concern to us and hopefully once you have read the articles, our actions and approach will prove how serious we view security.
Message 17 of 19
(344 Views)
Re: Webmail Incident Report
18-10-2007 11:22 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thank-you for the links, Mark. Clearly much has been to combat spam following the exploitation of a security flaw that was present in May. However, PlusNet POP3 email continues to be insecure. The report promised firm timescales for changes including "3) SSL encrypted connections for POP3 and IMAP email and FTP" but, after five months, we have not got them. Thus, it seems that the issue is not receiving the priority it deserves.
Message 18 of 19
(344 Views)
Re: Webmail Incident Report
18-10-2007 4:09 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote It all depends how you use your email. with the anything@ when signing up to a site/suppiler/software registration etc a useful option is to use the company/site name as your sign up email address eg. you could have BT@username and Powergen@username etc etc.
I agree with that. I have used a similar method for years to be able to trace the origin of some spam, and it works well. As a consequence, I managed to undo most of the damage quite quickly. The chief difference is that I have my own domain which redirects my various aliases to Plusnet - at the last count I had about 60 - and means that I only have to change / delete an alias if I suspect it has attracted the attention of a spammer, and then notify the correspondent of my new email address. So for instance there would be :
Plusnet@anyname.co.uk
Water@anyname.co.uk
Electric@anyname.co.uk
Insurance@anyname.co.uk
Shopping@anyname.co.uk etc.
and all of these would be redirected to say :
inbox@anyname.plus.com
That way, I can even still use Atmail without having to log into lots of separate mailboxes or use an email client to receive mail, while still being able to control the distribution of my email address. If I get attacked, I only have to change those that are affected. By doing this, the consequences of the incident for me were fairly short-lived.
On a lighter note, the most recent advance notice of payment from Plusnet got tagged by their own spam filter as spam ! Freudian ?!
Nick
Message 19 of 19
(344 Views)
- « Previous
-
- 1
- 2
- Next »
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page