Plusnet server on Trend blacklist
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: Plusnet server on Trend blacklist
Re: Plusnet server on Trend blacklist
24-05-2012 10:17 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
As I see the same error I suggest you try it yourself.
Note that this was from one Plusnet email to another (both mine) and the Internet Header on the bounce is blank
This is the bounce
Quote Your message did not reach some or all of the intended recipients.
Subject: test
Sent: 24/05/2012 10:01
The following recipient(s) could not be reached:
'Jim' on 24/05/2012 10:01
552 Dl0h1j00D2ZcWc101l0ifA message rejected due to spam or virus. If you believe this is in error please login to your portal or contact your ISP support team.
Re: Plusnet server on Trend blacklist
24-05-2012 10:20 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Plusnet server on Trend blacklist
24-05-2012 10:21 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Anotherone As helpful as ever.
And there was reply #96
Sorry, i don't think that comment is called for. We are trying to help but we need the ticket raising!!
Re: Plusnet server on Trend blacklist
24-05-2012 10:35 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Plusnet server on Trend blacklist
24-05-2012 10:38 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Well I'm sorry about that, but it was the curt way in which you responded along with the fact that I'm niggled because I've also hightlighted a question I asked days ago in this thread to which Plusnet still haven't responded - last mentioned at http://community.plus.net/forum/index.php/topic,104609.msg894923.html#msg894923
Re: Plusnet server on Trend blacklist
24-05-2012 10:54 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: snozboz However, in the longer term, isn't there something that can be done to improve the Plusnet email system? I'm not all that knowledgeable about these things, but there are a few ideas on the Plusnet Usergroup Issue Tracker (PUGIT) that seem to offer the potential for the Plusnet email system to more easily prevent spam being sent through Plusnet, which would mean anti-spam services like Trend would trust Plusnet servers more. For example, Sender Policy Framework ...
Already enabled for Madasafish domains and wouldn't stop spam being sent. It would just result in messages getting refused/spammed at the recipient's side by MTA's that reject/spam mail based on SPF mismatches. Not too dissimilar to how the NHS etc. are rejecting mail now based on Trend's RBL/
Quote from: snozboz ... and Authorised outgoing SMTP email...
We already support SMTP AUTH however you can still send mail without it as long as you're on our network. If we were to make it a requisite then the vast majority of our customer-base would need to reconfigure their email clients and I'm sure you can imagine what sort of disruption/support overhead something like that would entail? FWIW, the new Webmail platform already uses SMTP AUTH when sending messages. Forcing it would be an exercise in futility anyway because if an account gets compromised, the spammers already have the SMTP AUTH credentials for the customer in question.
Quote from: snozboz ... and Encrypted SMTP...
That would only help if accounts were getting compromised by people 'sniffing' customer's usernames/passwords if they're using SMTP AUTH on a public Wi-Fi network or similar. I'm pretty confident this won't be happening in any large scale though (far too much hassle for people to go to). I reckon the majority of accounts get compromised by people replying to/responding to phishing emails.
Quote from: snozboz ... and Changing rDNS to ip.plus.com.
I don't see this helping either. Somebody would have to pull our netblocks from RIPE or similar, rDNS lookup them all for the usernames and then try brute-forcing the passwords associated with each username. It's possible yes, but I doubt it's contributing in any large scale to the problem at hand. Again, it's too much effort to go to when there's people out there who'll still willingly reply/respond to phishing disclosing their account passwords etc.
Quote from: Robtheplod I have 16 customers who can no longer email any NHS clients and it's really starting to cause problems......
As Matt's pointed out in a previous post. Most servers have been delisted. There's 8 in total and you've pretty much a 1 in 8 chance of hitting each one when you send a message. If a message gets bounced on the first attempt then try again.
Quote from: purleigh Aren't the examples of SPAM for the stated IP addresses on the TrendMicro website good enough ?
http://www.mail-abuse.com/cgi-bin/show_listing.cgi?5188053
Old examples from last month. You'll notice there's Madasafish and Waitrose accounts in that lot, both of which use SPF (see my comments about SPF up there ^)
Quote from: Anotherone I know Bob is a very busy person, but someone else from Plusnet could have addressed my query in reply #68 which referred to this
Whilst Matt's reply #85 does say that Plusnet now have examples, I still want to know whether the initial information provided by Trend gave Plusnet sufficient detail to look for sources of the SPAM.
Yes, they provide headers etc. as can be seen by the link Purleigh posted. Let's be clear though - We're not talking about a single customer's account that's causing the problem.
Quote from: x47c .....and I hope at the end compulsorily closing the Plusnet account(s) from whom this is all traced back to.
We've disabled, and continue to disable, any accounts we come across that are spamming. We do monitor our outbound mail queues from day to day and do this anyway as a matter of course.
Quote from: Oldjim Chris,
As I see the same error I suggest you try it yourself.
Note that this was from one Plusnet email to another (both mine) and the Internet Header on the bounce is blank
This is the bounce
Quote Your message did not reach some or all of the intended recipients.
Subject: test
Sent: 24/05/2012 10:01
The following recipient(s) could not be reached:
'Jim' on 24/05/2012 10:01
552 Dl0h1j00D2ZcWc101l0ifA message rejected due to spam or virus. If you believe this is in error please login to your portal or contact your ISP support team.
That's *our* relay servers rejecting the message because the URL in question matches one of Cloudmark's spam fingerprint. So this is us rejecting messages because Cloudmark has identified spam messages containing that URL or originating from an email address associated with the same domain.
So when another company blocks us it's us that gets flak for it, and when we block another company it's us that gets flak for it.
Seems like you can't win when it comes to spam detection
Anyway, I'll have a look at getting the reputation of that URL reset by Cloudmark. It's nothing to do with the Trend situation and discussing it in this thread is likely to start confusing matters.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Plusnet server on Trend blacklist
24-05-2012 11:10 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
That's fine, because I was quite prepared to have a go at Trend myself if they hadn't provided sufficient information at the outset.
Quote Yes, they provide headers etc. as can be seen by the link Purleigh posted. Let's be clear though - We're not talking about a single customer's account that's causing the problem.
With regard to the Outgoing Server issue, the original problem was raised in reply #86 which might have been more blacklisting, more detail was given in reply #96 which is how it developed.
Re: Plusnet server on Trend blacklist
24-05-2012 11:20 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Bob
Quote from: snozboz ... and Encrypted SMTP...
That would only help if accounts were getting compromised by people 'sniffing' customer's usernames/passwords if they're using SMTP AUTH on a public Wi-Fi network or similar. I'm pretty confident this won't be happening in any large scale though (far too much hassle for people to go to). I reckon the majority of accounts get compromised by people replying to/responding to phishing emails.
Is it still the principal that PlustNet are willing to allow (or indeed forcing) any customer using any network other than PlusNet to expose their login credentials to their entire account (not just email) when using IMAP or SMTP, because only a small proportion are at risk.
Given the fact that the Member Center on the Portal and Webmail only use an encrypted protocol (HTTPS) and the forums can do, why can't we have encyption support for IMAP, POP and SMTP?
Re: Plusnet server on Trend blacklist
24-05-2012 11:37 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: kmilburn Given the fact that the Member Center on the Portal and Webmail only use an encrypted protocol (HTTPS) and the forums can do, why can't we have encyption support for IMAP, POP and SMTP?
You can. The fact is it's not something that we've invested the money/resource into enabling though. It's not as simple as just switching SSL on for the MTAs we're using. There are hardware implications and other things to consider too. I'm not going to lie to you - The work simply isn't on our roadmap at present.
I'd like to see SSL enabled as much as the next man but our resource is pooled elsewhere at the moment
Quote from: Anotherone It's this http://www.holbornwhippet.com/ that it doesn't like
This should now be fixed.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: Plusnet server on Trend blacklist
24-05-2012 11:57 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
While I can see that technically those suggestions for improving the Plusnet email system won't, by themselves, solve all the problems such as the Trend one we're currently experiencing, wouldn't implementing the suggestions help to improve the reputation of Plusnet's servers so that services like Trend will be less inclined to blacklist them in such a blanket way?
Re: Plusnet server on Trend blacklist
24-05-2012 12:04 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I believe you can now use the username+mailbox and mailbox password rather than only the main account details. That means you could setup a mailbox with its own password just for authenticating SMTP.
Quote s it still the principal that PlustNet are willing to allow (or indeed forcing) any customer using any network other than PlusNet to expose their login credentials to their entire account (not just email)
Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.
Re: Plusnet server on Trend blacklist
24-05-2012 12:06 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Edit: Thanks added to ticket and closed.
Re: Plusnet server on Trend blacklist
24-05-2012 12:47 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Re: Plusnet server on Trend blacklist
24-05-2012 1:12 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote Pipex subscribers struggled to send emails for several days after antivirus biz Trend Micro declared the ISP's network a source of spam.
Pipex 'silence' condemned punters' emails to spam blackhole
Re: Plusnet server on Trend blacklist
24-05-2012 1:14 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: kmilburn Is it still the principal that PlustNet are willing to allow (or indeed forcing) any customer using any network other than PlusNet to expose their login credentials to their entire account (not just email) when using IMAP or SMTP, because only a small proportion are at risk.
NO! You can use username+mailbox now (it doesn't have to be the account login).
If you want to be really secure create a new mailbox to give you a login that you will only ever be used when sending emails.
Edit: Reading further on I see MisterW's had the same idea.
jelv (a.k.a Spoon Whittler) Why I have left Plusnet (warning: long post!) Broadband: Andrews & Arnold Home::1 (FTTC 80/20) Line rental: Pulse 8 Home Line Rental (£14.40/month) Mobile: iD mobile (£4/month) |
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- :
- Re: Plusnet server on Trend blacklist