Cloudmark anti-spam migrations October 2011...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Cloudmark anti-spam migrations October 2011...
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 7:57 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I can still send emails via Outlook on Windows desktops but any email originating from the Linux server (using postfix) appear to be accepted by relay.plus.net but is then 'black holed' and never delivered. I've checked the spam folder via webmail which is empty but it seems too much of a coincidence that 12th Oct was the first stage of Plusnet customer migration to the new anti-spam platform.
Is it possible to confirm if such emails are being impacted by the anti-spam platform migration and if so, what steps should I take to ensure these emails are delivered?
Thanks, Phil
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 10:08 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
[quote author="Bob Pullen"]Planned Anti-spam/Email Platform Maintenance - Thursday 20th October
When's this work happening?
Today, 20th October.
What does it affect?
Inbound email delivery, spam and virus filtering.
How long will it take?
The work itself will be completed by the end of the working day, however the changes may take 24-48 hours to come into effect.
What does the work involve?
We're migrating the final batch of customers across to a new anti-spam platform.
Am I likely to notice this work?
The work is designed to be as transparent as possible, however the more astute may notice subtle changes to the way email is delivered across our network.
Is there anything else I need to know?
For further details surrounding this maintenance, please see the recently published blog article over on our Community Site - http://community.plus.net/blog/2011/10/04/plusnet-look-to-the-clouds-for-email-security-solution/
Kind Regards,
Bob Pullen
Customer Support
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 10:19 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
[quote author="Bob Pullen"]Planned Anti-spam/Email Platform Maintenance - Thursday 20th October
When's this work happening?
Today, 20th October.
What does it affect?
Outbound email delivery, spam and virus filtering.
How long will it take?
The work itself will be completed by the end of the working day, however the changes may take 24-48 hours to come into effect.
What does the work involve?
We're migrating FreeOnline and Force9 customers' email to a new outbound email and anti-spam platform.
Am I likely to notice this work?
The work is designed to be as transparent as possible, however the more astute may notice subtle changes to the way email is delivered across our network.
Is there anything else I need to know?
For further details surrounding this maintenance, please see the recently published blog article over on our Community Site - http://community.plus.net/blog/2011/10/04/plusnet-look-to-the-clouds-for-email-security-solution/.
Kind Regards,
Bob Pullen
Customer Support
Edit: Just to note at this stage that all Madasafish customers inbound email has already been moved across. We'll be moving Madasafish outbound along with FreeOnline and Force9.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 12:09 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: PhilipStyles I can still send emails via Outlook on Windows desktops but any email originating from the Linux server (using postfix) appear to be accepted by relay.plus.net but is then 'black holed' and never delivered. I've checked the spam folder via webmail which is empty but it seems too much of a coincidence that 12th Oct was the first stage of Plusnet customer migration to the new anti-spam platform.
Alter your setup so that the emails get sent to an address where they *don't* go missing, raise a support ticket including the full headers/body of one of these emails and I'll look into it. You'll need to give me a nudge here once the ticket's raised though. It won't be anything to do with our relay servers because the outbound Plusnet VIP hasn't been moved across yet.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 12:54 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: jelv Should we be reporting false positives and negatives to notspam@spamtraining.plus.com and spam@spamtraining.plus.com as previously?
Should they still be sent as attachments (as per the help pages)?
Will action be taken in respect of the emails we forward to those mailboxes?
I've been moved over and first impression is that I'm not impressed!
I too am unimpressed.
But at least this thread and the information contained in it goes some way to explaining the 5 fold (and growing) increase in spam getting through the filters that has occured in the last few days but unfortunately it does nothing to explain the reasons why the system is suddenly rejecting all the mails I wish to send to spamtraining and other anti spam addresses.
Stiil, it is plusnet and a new anti spam toy, we all have far too much experience with this scenerio in the past to expect it to actually work from day 1 and while we wait the criminal scum are free to do their work unhindered..
I do hope Plusnet haven't actually paid for this new system yet.
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 3:18 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: essexboy but unfortunately it does nothing to explain the reasons why the system is suddenly rejecting all the mails I wish to send to spamtraining and other anti spam addresses.
Can you elaborate on this please?
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 3:43 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 3:49 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
By the way we've backed out Force9 (outbound) due to an influx of customers reporting the above errors when trying to send mail (ref: 68791).
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Cloudmark anti-spam migrations October 2011...
20-10-2011 4:43 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Bob
Quote from: essexboy but unfortunately it does nothing to explain the reasons why the system is suddenly rejecting all the mails I wish to send to spamtraining and other anti spam addresses.
Can you elaborate on this please?
This is strange.
When I made my comment, some hours ago, forwarding a spam email to spamtraining and other destinations resulted in a rejection on the grounds it is either spam or contained a virus.
This seems now to have changed. Spammy mail is now accepted but appears to be being silently dropped. I have tried to send to bothj f9 and non f9 destinations.
<edit>
More time passes and the waters clear.
The first batch of spam mail I sent out today (mainly to spamcop) were delayed for some hours. Copies of those same emails, (sent at the same time by the same process to spamtraining) appear to be the ones which were rejected as I have described.
Now it all seems to be working seemlessly but I don't have overnight batches anymore, just two or three an hour.
<edit #2>
More time passes and a few minutes ago when I turned on my machine and went for the mail, the 20 odd Facebook phishing emails I tried to forward were rejected with the following message:
"An error occurred while sending mail. The mail server responded: randomstring message rejected due to spam or virus. If you believe this is in error please login to your portal or contact your ISP support team.. Please check the message and try again."
This is wonderful, now the problem seems to be intermittent.
And I get this as well:
"Sending of message failed.
The message could not be sent because the connection to SMTP server relay.force9.net was lost in the middle of the transaction. Try again or contact your network administrator."
I have changed nothing, not a single thing and up until a couple of days ago hardly knew my email was there and now you have installed a new antispsm system and all of a sudden my email is having hysterics. I wonder how long it will take you to tell me to reenter all my details.
.
Re: Cloudmark anti-spam migrations October 2011...
21-10-2011 9:02 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Bob Alter your setup so that the emails get sent to an address where they *don't* go missing, raise a support ticket including the full headers/body of one of these emails and I'll look into it. You'll need to give me a nudge here once the ticket's raised though. It won't be anything to do with our relay servers because the outbound Plusnet VIP hasn't been moved across yet.
Thanks, but I've tried to send emails from root and standard users to both a specific mailbox and the catchall (both known to be successfully delivering email from other sources) but everything sent from the Linux box 'black holes'. I've also tried sending to <user>@<account>.plus.com rather than <user>@<my-hosted-domain> which are also not delivered. I do have received emails from 12th Oct and earlier; are those are likely to be of any use?
Re: Cloudmark anti-spam migrations October 2011...
21-10-2011 9:16 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
jelv (a.k.a Spoon Whittler) Why I have left Plusnet (warning: long post!) Broadband: Andrews & Arnold Home::1 (FTTC 80/20) Line rental: Pulse 8 Home Line Rental (£14.40/month) Mobile: iD mobile (£4/month) |
Re: Cloudmark anti-spam migrations October 2011...
21-10-2011 10:18 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote Dear Customer,
Your Halifax Account security validation has expired,
this maybe as a result of wrong or incomplete data
entered during the last update.
It's strongly required that you should validate your
Account Ownership Security.
for the safety of Your Accounts,
UPDATE NOW.
Best Regards,
Customer Security Department
HALIFAX BANK
Headers:
Return-path: <helpdesk@halifax.co.uk>
Envelope-to: xxx@yyy.me.uk
Delivery-date: Fri, 21 Oct 2011 08:39:42 +0100
Received: from [212.159.8.109] (helo=avasin11)
by inmx05.plus.net with esmtp (PlusNet MXCore v2.00) id 1RH9he-0002UB-Sb
for xxx@yyy.me.uk; Fri, 21 Oct 2011 08:39:42 +0100
Received: from smtp4.clear.net.nz ([203.97.37.64])
by avasin11 with Plusnet Cloudmark Gateway
id nKff1h00D1P2N8B01Kfhev; Fri, 21 Oct 2011 08:39:42 +0100
X-CM-Score: 0.00
X-CNFS-Analysis: v=2.0 cv=DfuVW4RW c=1 sm=1 a=9c5kbP3iZEeg/9f9OOkSVQ==:17
a=Dyoqhi_TatcA:10 a=tk2nSNPLgPYA:10 a=1qt-rfWeYskA:10 a=8EU9Q7FnrCoA:10
a=Cfj4BQAnxiAA:10 a=JfO1Bi99ImcA:10 a=485j-6XuAAAA:8 a=9TbDINelAAAA:8
a=PZmg7PAiAAAA:8 a=c0BbRnQLOoJyV7DufQUA:9 a=JBKYUPF6hJuIVNXibXcA:7
a=Ft8UYL4EG9YA:10 a=tXsnliwV7b4A:10 a=jrg6b1KfSToA:10 a=e9aCGUqdqY8A:10
a=EJqDOWstUFk4nGjb:21 a=rf1-Zt80QpKH-te5:21 a=b0AJ5KisJ0lDkPDDnoldNA==:117
Received: from User (graeme53.lnk.telstra.net [120.151.153.151])
by smtp4.clear.net.nz (CLEAR Net Mail)
with ESMTPA id <0LTE00ERZNOSRY10@smtp4.clear.net.nz> for xxx@yyy.me.uk;
Fri, 21 Oct 2011 20:35:05 +1300 (NZDT)
Date: Fri, 21 Oct 2011 18:35:46 +1100
From: "helpdesk@halifax.co.uk" <helpdesk@halifax.co.uk>
Message-id: <0LTE00ES0NOTRY10@smtp4.clear.net.nz>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Content-type: text/html; charset=Windows-1251
Content-transfer-encoding: 7bit
X-Priority: 3
X-MSMail-priority: Normal
X-PN-Virus-Filtered: by PlusNet MXCore (v5.00)
X-PN-Spam-Filtered: by PlusNet MXCore (v5.00)
Subject: ACCOUNT SECURITY VALIDATION !
jelv (a.k.a Spoon Whittler) Why I have left Plusnet (warning: long post!) Broadband: Andrews & Arnold Home::1 (FTTC 80/20) Line rental: Pulse 8 Home Line Rental (£14.40/month) Mobile: iD mobile (£4/month) |
Re: Cloudmark anti-spam migrations October 2011...
21-10-2011 9:03 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Makes me wonder if some emails are being discarded as blatant spam.
I'm fast losing confidence in the new system!
jelv (a.k.a Spoon Whittler) Why I have left Plusnet (warning: long post!) Broadband: Andrews & Arnold Home::1 (FTTC 80/20) Line rental: Pulse 8 Home Line Rental (£14.40/month) Mobile: iD mobile (£4/month) |
Re: Cloudmark anti-spam migrations October 2011...
22-10-2011 5:58 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Return-path: <customer.violations@barclays.com>
Envelope-to: ~~~
Delivery-date: Sat, 22 Oct 2011 11:31:35 +0100
Received: from [212.159.8.109] (helo=avasin07)
by inmx17.plus.net with esmtp (PlusNet MXCore v2.00) id 1RHYrX-0008H1-5r
for ~~~; Sat, 22 Oct 2011 11:31:35 +0100
Received: from mailrelay.tugraz.at ([129.27.2.202])
by avasin07 with Plusnet Cloudmark Gateway
id nmXY1h00L4MWSbl01mXaxp; Sat, 22 Oct 2011 11:31:35 +0100
X-CM-Score: 0.00
X-CNFS-Analysis: v=2.0 cv=AcYz7grG c=1 sm=1 a=nJ6H7NrM4/Ni9HCRgd6XOg==:17
a=eWf7rtoKYN4A:10 a=FXcmsGrf5tmp5Mmss00A:9 a=QEXdDO2ut3YA:10 a=Xll4MCe3AAAA:8
a=hew50mKzfEX9hLTXSPQA:9 a=RVOdhQqTS6RwXsvkkekA:7 a=ud8QlHq_ve8A:10
a=nJ6H7NrM4/Ni9HCRgd6XOg==:117
Received: from 24-217-226-64.dhcp.stls.mo.charter.com (24-217-226-64.dhcp.stls.mo.charter.com [24.217.226.64])
(authenticated bits=0)
by mailrelay1.tugraz.at (8.14.4/8.14.4) with ESMTP id p9MASLOa015531
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
Sat, 22 Oct 2011 12:28:49 +0200 (CEST)
Message-ID: <A2016BA2F6BD407A8F9251A6A926CBCA@kwsy>
From: "Barclays Bank PLC" <customer.violations@barclays.com>
Date: Sat, 22 Oct 2011 11:21:56 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_07A9_01CC90AC.CEF66290"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Mail 6.0.6001.18000
X-MimeOLE: Produced By Microsoft MimeOLE V6.0.6001.18049
X-TUG-Backscatter-control: uhWSJkmt3053U4aeH7sHCg
X-Spam-Scanner: SpamAssassin 3.003000
X-Spam-Score-relay: 5.5
X-Scanned-By: MIMEDefang 2.70 on 129.27.10.18
X-PN-Virus-Filtered: by PlusNet MXCore (v5.00)
X-PN-Spam-Filtered: by PlusNet MXCore (v5.00)
Subject: Security Alert !
Quote Barclays Notification
We noticed a violation of our services on your account, this may have occurred due to a viral infection on your computer when you last accessed our online services.
For security reasons, we have temporarily disabled access to your account until you complete the account restore process.
Click Here To Resolve Now <http://www.**************.pt/includes/js/LoginMember.login.htm>
Best Regards,
Customer Service Team
My spam folder is still empty, where can I find email that has been marked as spam?
Re: Cloudmark anti-spam migrations October 2011...
22-10-2011 10:14 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
jelv (a.k.a Spoon Whittler) Why I have left Plusnet (warning: long post!) Broadband: Andrews & Arnold Home::1 (FTTC 80/20) Line rental: Pulse 8 Home Line Rental (£14.40/month) Mobile: iD mobile (£4/month) |
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Cloudmark anti-spam migrations October 2011...