Category Archives: Technology

mailbait redux

For anyone who runs a mailing list and has gotten pummeled recently with a rash of subscription attempts, they may be coming from mailbait.info.

A while ago I blogged on how to block mailbait, but it appears they have changed their host.

Their new host is ‘themailbait.bitbucket.org’.

I suggest you update your web server configuration to block any referrer that references the word ‘mailbait’ in the URL.

Here’s my new httpd.conf entry to block mailbait…

SetEnvIf Referer mailbait mailbait
Deny from env=mailbait

Responsive Web Design

As part of my fundraising effort for the Tour de Cure, I registered the domain “ridewithdavid.com”. I wanted an easy to remember domain that I could use as a portal to the fundraising page that the ADA provided.

So I created a basic web page that would redirect the visitor to my fundraising page after a few seconds pause.

I designed the page with some graphical elements and got it to a point that I thought it looked good.

The problem was, while the page looked fine on a normal desktop or tablet browser, it looked horrible on a mobile phone browser.

Here’s a screen shot of the page that is displayed on a desktop or tablet browser … notice the two graphical elements on the sides?

Continue reading

WordPress Under Attack

If you run a wordpress blog, you really should  be aware that there is a global attack on wordpress blogs going on.

It’s coming from a bot net and is an attempt to find blogs that have their admin account enabled with easy to guess passwords.

I noticed the attack a couple of months ago when, while watching my web server log scrolling by, I noticed a significant number of attempts to use the wp-login.php script from random IP addresses.

A bit of research turned up information on the global attack.

Obviously I wanted to do something about it to protect my server.

Continue reading

Yahoo SMTP Deferrals Take 2

Well, our good friends at Yahoo are at it again.

Once again they are deferring mail for no apparent reason.

Nothing has changed on my system and yet they haven’t accepted a message to deliver to one of their users in 3 days (maybe more).  And, of course, there’s no way to actually contact a human to find out what is going wrong.

I’m on Yahoo’s email feedback loop … so I’m notified when someone complains about a message.  Nothing has come in recently from the feedback loop.

I used to be on their bulk sender white-list.  There was never a mention of having to renew the white-list approval.

A note to all my friends … DO NOT USE YAHOO FOR EMAIL!  Especially for business email.  The folks at Yahoo do NOT know how to provide service.

Gmail doesn’t have this problem … nor does Hotmail (much as I love to hate Microsoft).

Oh, and FWIW, yahoo customer service tends to ignore questions that are too complex for their script reading drones to answer.

Tech Tip: Don’t use qmail as a mail server

A while ago I added a new anti-spam technique to my mail server setup called “No Listing”.

No listing basically means putting a high priority MX record in the DNS that always rejects mail server connections..

It seems, however, that the qmail mail server can’t cope with that.  It’s not RFC compliant.

Continue reading

Flight Status, Siri?

OK, I admit it … I kind of like Siri on my iPhone.

Some of the features are darn right useful … being able to tell the phone to remind me about something based on location, get the current weather, send a text message by voice, etc.

Recently I found a case that Siri seems to know how toparse … but can’t answer.  Which I find very odd.

Continue reading

whois

Here’s a tip for internet domain owners:

Make sure the contact information for your domain has more than one email address.  And make sure at least one of those email addresses is not in the domain itself.

If your email starts malfunctioning, you want people to be able to tell you about the problem … and if the only email addresses you list are in the actual domain, they won’t be able to contact you.

For example … if the mail server for example.com is having problem … and all the domain registration in the whois database shows ‘joe@example.com’, Joe won’t be able to be notified there is a problem.

The contact information is publicly accessible via the ‘whois’ databases.

Domain registrars that offer whois privacy capabilities should let you list more than one email address when they redirect the email address that they list in the whois look-ups.

For privacy sake, I like using a PO Box for the mailing address on all my domains.

Adding Envelope Sender in sendmail

Fair warning: This post is pretty darn technical and is of little interest to people who don’t muck around with Linux and/or mail servers.

Recently I had a problem with someone on a midrange.com mailing list where they sent obvious spam.

The problem was, they were a subscriber to the list and had posted before … so the normal counter measures for that didn’t work (the first post for all subscribers are held until approved, to prevent people from subscribing, posting spam, and unsubscribing).

The puzzling thing about this was … the ‘from address’ on the message was not in the subscriber list.

Turns out that Mailman will accept message based on the FROM address of the message or the SENDER address (also known as the envelope-from).  The sender addressed is set by the sending mail server and is not normally in the body of the message.

After a bit of digging around, I figured out a way to add this information to the message headers so I can more easily diagnose the problem in the future.

Continue reading

Blocking Mailbait

Recently I’ve been getting a lot of mail from the feedback loops I subscribe to indicating that someone has gotten a subscription confirmation message and they considered it spam.

After digging into my logs I noticed a few things …

  • The subscription requests are being initiated from TOR exit nodes.
  • The web requests that initiate the subscription have “mailbait.info” as their referrer.

This ‘mailbait.info’ service is supposed to allow you to fill your mailbox … why anyone would want to do this is beyond me … and it has absolutely ZERO protections against submitting someone else’s email address.  As such, it just ends up generating spam.  And a lot of the twits that are using this ‘service’ are hiding behind TOR nodes, which protects their IP address.

Continue reading