Re: MailChimp Update (Was Re: MailChimp with link to javascript/zip malware)

2017-10-21 Thread Rupert Gallagher
They did not respond to the key problems: they still allow their systems to host zipped malware, they allow their clients to upload it, they allow the delivery of mass mail with a link to their hosted malware. These three problems are still in place. Stopping specific clients will not prevent fu

MailChimp Update (Was Re: MailChimp with link to javascript/zip malware)

2017-10-20 Thread Anne P. Mitchell Esq.
MailChimp has said that they believe that they have terminated all accounts that were responsible for this. BUT, they say, this is a group that keeps cropping up (think whack-a-mole), so please report any more of these that anyone receives. Anne Anne P. Mitchell, Attorney at Law Author: S

Re: Off-topic, was: [Re: MailChimp with link to javascript/zip malware]

2017-10-20 Thread G Roach
Here you go: https://www.google.co.uk/search?q=what+is+esq+after+a+lawyer%27s+name On 20 October 2017 18:44:15 BST, Antony Stone wrote: >On Friday 20 October 2017 at 19:29:31, Anne P. Mitchell Esq. wrote: > >> Anne P. Mitchell, >> Attorney at Law > >I'm intrigued as to what the "Esq." in your

Re: MailChimp with link to javascript/zip malware

2017-10-20 Thread Anne P. Mitchell Esq.
Sorry for top-posting, but just to let folks know, our contact has just let me know that he is on this; I'll report back with anything I hear that I can share. Anne > > Hi, > >>> Another email from a whitelisted mailchimp address that contains malware. >>> >>> https://pastebin.com/ay83iWjC >

Re: MailChimp with link to javascript/zip malware

2017-10-20 Thread Rupert Gallagher
The address "i...@scria.org.au" may not be directly responsible for the hack. You need a forensic report from someone who has access to a recipient's server log. R Sent from ProtonMail Mobile On Fri, Oct 20, 2017 at 7:29 PM, Anne P. Mitchell Esq. wrote: >> > Hi, > > Another email from a whi

Re: Off-topic, was: [Re: MailChimp with link to javascript/zip malware]

2017-10-20 Thread Groach
Here you go: https://www.google.co.uk/search?q=what+is+esq+after+a+lawyer%27s+name On 20 October 2017 18:44:15 BST, Antony Stone wrote: >On Friday 20 October 2017 at 19:29:31, Anne P. Mitchell Esq. wrote: > >> Anne P. Mitchell, >> Attorney at Law > >I'm intrigued as to what the "Esq." in your

Re: Off-topic, was: [Re: MailChimp with link to javascript/zip malware]

2017-10-20 Thread Groach
Usually Esquire, a title used in American Law. (I'm sure Google has more details.) On 20 October 2017 18:44:15 BST, Antony Stone wrote: >On Friday 20 October 2017 at 19:29:31, Anne P. Mitchell Esq. wrote: > >> Anne P. Mitchell, >> Attorney at Law > >I'm intrigued as to what the "Esq." in your F

Re: MailChimp with link to javascript/zip malware

2017-10-20 Thread Alex
Hi, >> Another email from a whitelisted mailchimp address that contains malware. >> >> https://pastebin.com/ay83iWjC >> >> It's also not tagged when not whitelisted, and I hoped someone had >> some ideas on what further can be done to block it. >> >> Complicating things, it's in Italian. >> >> I'v

Re: Off-topic, was: [Re: MailChimp with link to javascript/zip malware]

2017-10-20 Thread Antony Stone
On Friday 20 October 2017 at 19:54:08, Anne P. Mitchell Esq. wrote: > > On Friday 20 October 2017 at 19:29:31, Anne P. Mitchell Esq. wrote: > >> Anne P. Mitchell, > >> Attorney at Law > > > > I'm intrigued as to what the "Esq." in your From address indicates? > > In the U.S., Esq. (short for 'Es

Re: Off-topic, was: [Re: MailChimp with link to javascript/zip malware]

2017-10-20 Thread Anne P. Mitchell Esq.
> > On Friday 20 October 2017 at 19:29:31, Anne P. Mitchell Esq. wrote: > >> Anne P. Mitchell, >> Attorney at Law > > I'm intrigued as to what the "Esq." in your From address indicates? > > Please feel free to reply offlist if appropriate. In the U.S., Esq. (short for 'Esquire') means speci

Off-topic, was: [Re: MailChimp with link to javascript/zip malware]

2017-10-20 Thread Antony Stone
On Friday 20 October 2017 at 19:29:31, Anne P. Mitchell Esq. wrote: > Anne P. Mitchell, > Attorney at Law I'm intrigued as to what the "Esq." in your From address indicates? Please feel free to reply offlist if appropriate. Thanks, Antony. -- 90% of networking problems are routing problems.

Re: MailChimp with link to javascript/zip malware

2017-10-20 Thread Anne P. Mitchell Esq.
> > Hi, > > Another email from a whitelisted mailchimp address that contains malware. > > https://pastebin.com/ay83iWjC > > It's also not tagged when not whitelisted, and I hoped someone had > some ideas on what further can be done to block it. > > Complicating things, it's in Italian. > >

Re: MailChimp with link to javascript/zip malware

2017-10-20 Thread David Jones
On 10/19/2017 08:15 PM, Alex wrote: On Thu, Oct 19, 2017 at 6:22 PM, Bill Cole wrote: On 19 Oct 2017, at 17:59 (-0400), Alex wrote: Hi, On Thu, Oct 19, 2017 at 4:04 PM, Bill Cole wrote: On 19 Oct 2017, at 15:38 (-0400), Alex wrote: Third day, third set of false-negatives (20 this time)

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Rupert Gallagher
MailChimp allows their clients to send links to MailChimp-hosted zipped malware. This is negligence at best, criminal at worst. Sent from ProtonMail Mobile On Thu, Oct 19, 2017 at 10:00 PM, David Jones wrote: > On 10/19/2017 02:38 PM, Alex wrote: > Hi, > > On Thu, Oct 19, 2017 at 12:32 > PM,

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
Hi, On Thu, Oct 19, 2017 at 10:35 PM, Bill Cole wrote: > On 19 Oct 2017, at 21:15 (-0400), Alex wrote: > >> Why wouldn't you just run the sample I provided through spamassassin >> again? > > > 1. I have no way of knowing what your LOCAL configuration is but I'm certain > that it is substantially

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
>> Why wouldn't you just run the sample I provided through spamassassin >> again? > > 1. I have no way of knowing what your LOCAL configuration is but I'm certain > that it is substantially unlike any I would put into production use. It > includes rules not in the standard set, short-circuits at le

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Bill Cole
On 19 Oct 2017, at 21:15 (-0400), Alex wrote: Why wouldn't you just run the sample I provided through spamassassin again? 1. I have no way of knowing what your LOCAL configuration is but I'm certain that it is substantially unlike any I would put into production use. It includes rules not in

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
On Thu, Oct 19, 2017 at 6:22 PM, Bill Cole wrote: > On 19 Oct 2017, at 17:59 (-0400), Alex wrote: > >> Hi, >> >> On Thu, Oct 19, 2017 at 4:04 PM, Bill Cole >> wrote: >>> >>> On 19 Oct 2017, at 15:38 (-0400), Alex wrote: >>> Third day, third set of false-negatives (20 this time) whitelisted >

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Bill Cole
On 19 Oct 2017, at 17:59 (-0400), Alex wrote: Hi, On Thu, Oct 19, 2017 at 4:04 PM, Bill Cole wrote: On 19 Oct 2017, at 15:38 (-0400), Alex wrote: Third day, third set of false-negatives (20 this time) whitelisted through mailchimp https://pastebin.com/6vkxNXxX I had removed the mcsv.net b

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
Hi, On Thu, Oct 19, 2017 at 4:04 PM, Bill Cole wrote: > On 19 Oct 2017, at 15:38 (-0400), Alex wrote: > >> Third day, third set of false-negatives (20 this time) whitelisted >> through mailchimp >> >> https://pastebin.com/6vkxNXxX >> >> I had removed the mcsv.net but forgot mcdlv.net. It's still

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
Hi, On Thu, Oct 19, 2017 at 4:00 PM, David Jones wrote: > On 10/19/2017 02:38 PM, Alex wrote: >> >> Hi, >> >> On Thu, Oct 19, 2017 at 12:32 PM, Alex wrote: >>> >>> Hi, >>> >>> On Thu, Oct 19, 2017 at 10:54 AM, Reindl Harald >>> wrote: Am 19.10.2017 um 16:50 schrieb Alex: > > >

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Bill Cole
On 19 Oct 2017, at 15:38 (-0400), Alex wrote: Third day, third set of false-negatives (20 this time) whitelisted through mailchimp https://pastebin.com/6vkxNXxX I had removed the mcsv.net but forgot mcdlv.net. It's still not being tagged properly without the whitelisting. That one hit USER_I

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread David Jones
On 10/19/2017 02:38 PM, Alex wrote: Hi, On Thu, Oct 19, 2017 at 12:32 PM, Alex wrote: Hi, On Thu, Oct 19, 2017 at 10:54 AM, Reindl Harald wrote: Am 19.10.2017 um 16:50 schrieb Alex: My bayes is trained such that most marketing emails are bayes99. I've also now removed mcsv.net from the wh

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
Hi, On Thu, Oct 19, 2017 at 12:32 PM, Alex wrote: > Hi, > > On Thu, Oct 19, 2017 at 10:54 AM, Reindl Harald > wrote: >> Am 19.10.2017 um 16:50 schrieb Alex: >>> >>> My bayes is trained such that most marketing emails are bayes99. I've >>> also now removed mcsv.net from the whitelist and see it

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
Hi, On Thu, Oct 19, 2017 at 10:54 AM, Reindl Harald wrote: > Am 19.10.2017 um 16:50 schrieb Alex: >> >> My bayes is trained such that most marketing emails are bayes99. I've >> also now removed mcsv.net from the whitelist and see it resulted in 70 >> messages from mcsv.net being caught today, all

Re: MailChimp with link to javascript/zip malware

2017-10-19 Thread Alex
Hi, >> Another email from a whitelisted mailchimp address that contains malware. >> >> https://pastebin.com/ay83iWjC >> >> It's also not tagged when not whitelisted, and I hoped someone had >> some ideas on what further can be done to block it. >> >> Complicating things, it's in Italian. >> >> I'v

Re: MailChimp with link to javascript/zip malware

2017-10-17 Thread Bill Cole
On 17 Oct 2017, at 15:42, David Jones wrote: How did Mailchimp respond to your abuse report? If they quickly handled it, then I see no need to remove them from the local whitelist. They have a serious interest to keep their reputation intact so they should handle this rogue customer of their

Re: MailChimp with link to javascript/zip malware

2017-10-17 Thread Rupert Gallagher
We have a server-side filter that drops MC into "/Junk/massmail/", being a folder we train people to ignore, unless they are looking for something specific. We do reject any massmail that links to scripts or zipped stuff. Blacklists and whitelists play no role whatsoever here. Sent from ProtonM

Re: MailChimp with link to javascript/zip malware

2017-10-17 Thread David Jones
On 10/17/2017 02:14 PM, Alex wrote: Hi, Another email from a whitelisted mailchimp address that contains malware. https://pastebin.com/ay83iWjC It's also not tagged when not whitelisted, and I hoped someone had some ideas on what further can be done to block it. Complicating things, it's in I

MailChimp with link to javascript/zip malware

2017-10-17 Thread Alex
Hi, Another email from a whitelisted mailchimp address that contains malware. https://pastebin.com/ay83iWjC It's also not tagged when not whitelisted, and I hoped someone had some ideas on what further can be done to block it. Complicating things, it's in Italian. I've reported it to MailChimp