Before you freak out about whether or not your passwords were leaked
please understand that this is might be a complete hoax that takes
advantage of the fact that e-mail is just a string of text passed from
server to server. Using telnet you can forge the From: field in an
e-mail message provided
On 24 Mar 2019, at 09:32, Michael wrote:
> header CUST_DMARC_FAIL Authentication-Results =~ /mydomain\.com; dmarc=fail/
> score CUST_DMARC_FAIL 4.0
Have you checked this against your spam?
You're going to have a lot of problems with a score of 4.0, I expect.
--
"Some cause happiness wherever
I've been getting these types of email lately too. They're spoofing the
from header from to make it look like it comes from my domain, but the
full email headers show the real source:
Received: from mail.promiks.com (unknown [95.130.173.217])
Received: from ([80.38.233.163])
by mail.promik
On Sat, Mar 23, 2019 at 04:59:46PM -0700, Alice Wonder wrote:
> > This is not necessarily true. A hashed password can be brute-forced.
>
> Only with a weak password and/or a weak hash algorithm, and it is harder
> with just the latter.
Yes, but "not weak" in the context of password hashes mean
On 3/23/19 4:53 PM, Peter wrote:
On 24/03/19 05:49, Alice Wonder wrote:
I have gotten then where they displayed throwaway passwords I used
only once for one site (and thus I know that site doesn't hash
passwords and never use it again)
This is not necessarily true. A hashed password can be b
On 24/03/19 05:49, Alice Wonder wrote:
I have gotten then where they displayed throwaway passwords I used only
once for one site (and thus I know that site doesn't hash passwords and
never use it again)
This is not necessarily true. A hashed password can be brute-forced.
Peter
Greetings, Christian Schmitz!
> 3)Dear Andrei
>> mmu.ac.ug. 86400 IN TXT "v=spf1 include:_spf.google.com ~all"
>> See, ~all was your undoing.
> My domain is **schweb.com.ar** and the email come from **mmu.ac.ug**
> My spf is:
> v=spf1 mx a ip4:24.232.174.73 mx:schweb.com.ar a:schlabs.com.a
On 3/22/19 5:54 PM, Kevin A. McGrail wrote:
On 3/22/2019 7:55 PM, Viktor Dukhovni wrote:
No. The scareware alerts are generally completely fake. They
are spammed indiscriminately to users the scammer knows nothing
about.
Viktor, that does not agree with my significant experience studying thi
On 23 Mar 2019, at 11:32, Christian Schmitz wrote:
3)Dear Andrei
mmu.ac.ug. 86400 IN TXT "v=spf1 include:_spf.google.com
~all"
See, ~all was your undoing.
My domain is **schweb.com.ar** and the email come from **mmu.ac.ug**
My spf is:
v=spf1 mx a ip4:24.232.174.73 mx:schweb.com.ar a
Wow !! how many answers. First to deep into matter i want give the thanks you
to all. While i was reading (and read all answers)i was taking note of some
items that require my answer o clarification.
1) My topology
1.0)My server is in my office phisically and is located at 1 meter of me (3ft)
1.
Greetings, Christian Schmitz!
> Info extra 1: LOG: /var/log/mail
> connect from mmu.ac.ug[62.75.235.12]
> Anonymous TLS connection established from mmu.ac.ug[62.75.235.12]: TLSv1.2
> with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
> : SPF softfail (Mechanism '~all' matched): Envelope-from:
On Mar 22, 2019, at 7:34 PM, Kevin A. McGrail wrote:
They do know the passwords but they didn't hack your PC. See
haveibeenpwned.com. They compromised other services you use and you need
better password management.
On 22.03.19 19:55, Viktor Dukhovni wrote:
No. The scareware alerts are ge
Greetings, Kevin A. McGrail!
> On 3/22/2019 7:55 PM, Viktor Dukhovni wrote:
>
>> No. The scareware alerts are generally completely fake. They
>> are spammed indiscriminately to users the scammer knows nothing
>> about.
>
>
> Viktor, that does not agree with my significant experience
On 22 Mar 2019, at 19:45, Bill Cole
wrote:
> Do not accept mail claiming to be from any address in a local domain on the
> port 25 (smtp) smtpd service. Only accept such mail via port 587 (submission)
> and 465 (smtps) services configured to require authentication.
And the way to do this is:
On 22 Mar 2019, at 20:54, Kevin A. McGrail wrote:
On 3/22/2019 7:55 PM, Viktor Dukhovni wrote:
No. The scareware alerts are generally completely fake. They
are spammed indiscriminately to users the scammer knows nothing
about.
Viktor, that does not agree with my significant experience study
On 3/22/2019 10:45 PM, Benny Pedersen wrote:
> Kevin A. McGrail skrev den 2019-03-23 00:34:
>
>> Also see KAM.cf and the KAM_CRIM ruleset for spamassassin for this
>> exact run of spams.
>
> will you add good rules to core spamassassin ?
>
> so above is testing rules, not yet ready for core, if its
Kevin A. McGrail skrev den 2019-03-23 00:34:
Also see KAM.cf and the KAM_CRIM ruleset for spamassassin for this
exact run of spams.
will you add good rules to core spamassassin ?
so above is testing rules, not yet ready for core, if its stable just
not in core i can see why thay could not be
On 22 Mar 2019, at 21:56, Mauricio Tavares wrote:
I would add that spamassassin does not seem to have much of a
problem catching that
True. This is due to a lot of work by John Hardin to create and maintain
a focused rule cluster that catches a big slice of this garbage. It has
morphed subs
On Fri, Mar 22, 2019 at 9:46 PM Bill Cole
wrote:
>
> On 22 Mar 2019, at 19:19, Christian Schmitz wrote:
>
> > Hi everyone:
> > I have a small mail server with fewer emails account, The server is:
> > Opensuse/Postfix/apache
> >
> > Today i receive a pishing email Words more or less say that
On 3/22/2019 9:31 PM, Viktor Dukhovni wrote:
>> Have you checked on haveibeenpwned for the email addresses and domains
>> in question?
> There's no need. The team mailboxes in question are not associated
> with any login accounts, they're just public contact addresses
> scraped from websites.
You
On 22/03/2019 23:19, Christian Schmitz wrote:
Hi everyone:
I have a small mail server with fewer emails account, The server is:
Opensuse/Postfix/apache
Today i receive a pishing email Words more or less say that i was hacked, that
he know my passwords blah blah blah and i must pay on bit
On 22 Mar 2019, at 19:19, Christian Schmitz wrote:
Hi everyone:
I have a small mail server with fewer emails account, The server is:
Opensuse/Postfix/apache
Today i receive a pishing email Words more or less say that i was
hacked, that
he know my passwords blah blah blah and i must pay
On Fri, Mar 22, 2019 at 09:23:13PM -0400, Kevin A. McGrail wrote:
> > Sure they may also be scraping email addresses from breaches, but
> > that's one source. These scams are not a specific indication that
> > one's passwords are at risk. That's true or false with or without
> > receipt of these
On 3/22/2019 9:06 PM, Viktor Dukhovni wrote:
> Sure they may also be scraping email addresses from breaches, but
> that's one source. These scams are not a specific indication that
> one's passwords are at risk. That's true or false with or without
> receipt of these scams.
Have you checked on h
On 3/22/19 9:11 PM, Julian Opificius wrote:
>
> On 3/22/2019 7:54 PM, Kevin A. McGrail wrote:
>> On 3/22/2019 7:55 PM, Viktor Dukhovni wrote:
>>> No. The scareware alerts are generally completely fake. They
>>> are spammed indiscriminately to users the scammer knows nothing
>>> about.
>>
>> Vikt
On 3/22/2019 7:54 PM, Kevin A. McGrail wrote:
On 3/22/2019 7:55 PM, Viktor Dukhovni wrote:
No. The scareware alerts are generally completely fake. They
are spammed indiscriminately to users the scammer knows nothing
about.
Viktor, that does not agree with my significant experience studying
On 3/22/2019 7:55 PM, Viktor Dukhovni wrote:
> No. The scareware alerts are generally completely fake. They
> are spammed indiscriminately to users the scammer knows nothing
> about.
Viktor, that does not agree with my significant experience studying this
particular spam threat. Yes, they are "
> On Mar 22, 2019, at 7:34 PM, Kevin A. McGrail wrote:
>
> They do know the passwords but they didn't hack your PC. See
> haveibeenpwned.com. They compromised other services you use and you need
> better password management.
No. The scareware alerts are generally completely fake. They
a
On 3/22/2019 7:19 PM, Christian Schmitz wrote:
> Hi everyone:
> I have a small mail server with fewer emails account, The server is:
> Opensuse/Postfix/apache
>
> Today i receive a pishing email Words more or less say that i was hacked,
> that
> he know my passwords blah blah blah and i mu
Hi everyone:
I have a small mail server with fewer emails account, The server is:
Opensuse/Postfix/apache
Today i receive a pishing email Words more or less say that i was hacked, that
he know my passwords blah blah blah and i must pay on bit_coins. The email
content is 100% pishing and
30 matches
Mail list logo
