cancel
Showing results for 
Search instead for 
Did you mean: 

Very dodgy spam email situation [Part 5]

Community Veteran
Posts: 4,729
Registered: 04-04-2007

Very dodgy spam email situation [Part 5]

282 REPLIES
N/A

Very dodgy spam email situation [Part 5]

Thanks Chilly

Just drinking from the chalice of life.

Thanks Plusnet - If it doesn't kill you it only makes you stronger.

Still the best ISP in the UK for me.
kathie1101
Grafter
Posts: 55
Registered: 20-08-2007

Very dodgy spam email situation [Part 5]

You really must have had too much to drink!!! Cheesy Cheesy


[Moderator's note by Jonathan (Chillypenuin): Full quote of preceding post removed..]
sophos9
Grafter
Posts: 760
Registered: 12-09-2007

Very dodgy spam email situation [Part 5]

Quote
If it doesn't kill you it only makes you stronger.


why does that not apply to Jack Daniels?
mitchell20
Grafter
Posts: 424
Registered: 30-07-2007

Very dodgy spam email situation [Part 5]

Windows Mail in Windows Vista seems much better at handling SPAM than Outlook Express or Outlook ever was.

Since I upgraded to Vista, Windows Mail has caught everything it should (both Plus.net SPAM tagged and non-tagged SPAM) and I've only had 1 or 2 false positives (all from the same sender as well - marketing emails so no great lose anyway)

It moves SPAM to a specific folder automatically without having to create rules. You also have the option to delete SPAM straight away rather than moving it to the spam folder if you wish.
Liam
Grafter
Posts: 2,083
Registered: 04-04-2007

Very dodgy spam email situation [Part 5]

That is very interesting to know. Must get me a play with that at some point.
sophos9
Grafter
Posts: 760
Registered: 12-09-2007

Very dodgy spam email situation [Part 5]

Quote
Windows Mail in Windows Vista seems much better at handling SPAM than Outlook Express or Outlook ever was.


Thats great, make sure that Vista is fully patched up, there is a vulnerability in Windows Mail - pretty nasty actually (remote code exploit leading to PC takeover)
N/A

Very dodgy spam email situation [Part 5]

apologies for posting this out-of-thread, so here it is in the proper place


http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2153

details a vulnerability in Atmail (@Mail) that sounds very like the one that the PlusNet webmail interface went down with on 09 May 2007, e.g.

http://usertools.plus.net/status/archive/1179240249.htm

This vulnerability was known to security professionals on 19 April 2007 - three weeks before the PlusNet attack.
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

Very dodgy spam email situation [Part 5]

In a similar vein, Mac OS X Mail is also pretty good at filtering out junk mail - I'd advise anyone who hasn't got it enabled to do so.
sophos9
Grafter
Posts: 760
Registered: 12-09-2007

Very dodgy spam email situation [Part 5]

Quote

This vulnerability was known to security professionals on 19 April 2007 - three weeks before the PlusNet attack.


Was actually discovered by Dave Kurz on 5/4 and PoC released on 11/4

I think you may find that this is not the vulnerability used to access the transaction tables, the cookie hijacking is worse but localised
J_i_m
Grafter
Posts: 54
Registered: 01-08-2007

Very dodgy spam email situation [Part 5]

I was wondering if the @mail breach was something to do with this http://blog.atmail.com/?p=50 Smiley
Community Veteran
Posts: 1,160
Thanks: 1
Registered: 01-08-2007

Very dodgy spam email situation [Part 5]

Quote
In a similar vein, Mac OS X Mail is also pretty good at filtering out junk mail - I'd advise anyone who hasn't got it enabled to do so.

Yes. It marks anything that PlusNet doesn't. I've set mine up so it all ends up in the same folder.
Plusnet user since November 2003
Currently on Unlimited Fibre Extra and Unlimited UK & Mobile Calls
Community Veteran
Posts: 26,341
Thanks: 595
Fixes: 8
Registered: 10-04-2007

Very dodgy spam email situation [Part 5]

Quote
apologies for posting this out-of-thread, so here it is in the proper place


http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2153

details a vulnerability in Atmail (@Mail) that sounds very like the one that the PlusNet webmail interface went down with on 09 May 2007, e.g.

http://usertools.plus.net/status/archive/1179240249.htm

This vulnerability was known to security professionals on 19 April 2007 - three weeks before the PlusNet attack.


Similar except for the fact that it refers to a totally different version of @Mail. Plusnet's @Mail was based in version 4 which is pl not php.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
sophos9
Grafter
Posts: 760
Registered: 12-09-2007

Very dodgy spam email situation [Part 5]

Quote
I was wondering if the @mail breach was something to do with this http://blog.atmail.com/?p=50 Smiley


Thats the same thing, XSS and cookie manipulation... the exploit will pop up somewhere online pretty soon I'm sure, a million monkeys were given a million typewriters

Cookie manipulation is localised and XSS *should* not be able to lead to actual compromising of a server

Calacode had bigger problems with SQL Injection back in 03, dead easy to view emails from anyones box - silly coders lol
The_10th
Grafter
Posts: 1,090
Registered: 08-04-2007

Very dodgy spam email situation [Part 5]

Read this from the detailed FAQ:
Quote
Following on from this serious incident, my default mailbox has been receiving spam emails. I've changed my password etc, but I would also like to rename my default mailbox. Can I do that?

Yes, this is possible to achieve using our new ‘Manage My Mail’ tool. Here you can select any mailbox you like to be your ‘catch-all’ mailbox. You can also turn it off here, and setup any individual mailboxes / aliases that you wish to use. See this guide for information.


How exactly can a default mailbox be changed as when clicking 'edit' it just asks for new password?

Also, will the stronger passwords allow special characters and not just upper/lower case? In for a penny...