Jobsite.co.uk Hacked ?

Published by manu

I've heard from a few sources that people who have previously signed up to Jobsite.co.uk have been receiving massive amounts of spam starting just today. This leads me to believe that Jobsite.co.uk's database has been stolen and now many members are being spammed with what appear to be job offers from Jobsite.co.uk. Of course there is no message or anything on the Jobsite website, so for now nothing can be confirmed; however, this does look like it's almost confirmed.

The IPs being used for this are not those of Jobsite. They look like compromised home computers, most probably running the award-winning operating system called Windows...

Of course this would be a different issue if they at least used SPF records properly, and I don't mean that softfail lameness that makes SPF completely useless. This is their current record:

jobsite.co.uk. 43200 IN TXT "spf2.0/pra mx ip4:213.165.31.0/24 ip4:195.171.206.128/25 ip4:81.145.143.0/24 ~all"
jobsite.co.uk. 43200 IN TXT "v=spf1 mx ip4:213.165.31.0/24 ip4:195.171.206.128/25 ip4:81.145.143.0/24 ~all"

and the ~all (softfail) means "hey, I have SPF but I don't use it": a receiver treats softfail as at most a hint that feeds the spam score, whereas -all (hardfail) tells it to reject mail from IPs the record does not list. Hopeless.
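To make the softfail point concrete, here is an added example (mine, not code from the original post or from Jobsite) that evaluates a client IP against the v=spf1 record above and against a -all variant of it. It only handles the ip4, ip6 and all mechanisms; the mx mechanism needs DNS, so this offline checker assumes it does not match. The 192.0.2.0/24 and 2001:db8::/32 addresses are documentation ranges standing in for a spammer's compromised home PC, and the "what a receiver does" mapping is the common default policy, not a standard.

```python
import ipaddress

# The v=spf1 record quoted above, and a hardfail variant for comparison.
JOBSITE_SPF = ("v=spf1 mx ip4:213.165.31.0/24 ip4:195.171.206.128/25 "
               "ip4:81.145.143.0/24 ~all")
JOBSITE_SPF_HARDFAIL = JOBSITE_SPF.replace("~all", "-all")

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def evaluate_spf(record, client_ip):
    """Return the SPF result (pass/fail/softfail/neutral/none/permerror)
    for client_ip under record.

    Offline simplification (assumption for this example): only ip4, ip6
    and all are evaluated; mx, a, include, exists and ptr need DNS and
    are treated as not matching.
    """
    ip = ipaddress.ip_address(client_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                        # e.g. the spf2.0/pra Sender ID record
    for term in terms[1:]:
        qualifier = "+"                      # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]     # "all" always matches
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        # any other mechanism: assumed not to match (no DNS here)
    return "neutral"                         # ran off the end of the record


def receiver_action(result):
    """What a typical receiver does with each result (assumption: the
    usual default policy, in which only a hard fail is rejected outright
    and a softfail merely adds to the spam score)."""
    if result == "fail":
        return "reject"
    if result == "softfail":
        return "accept and add spam score"
    return "accept"


if __name__ == "__main__":
    for rec in (JOBSITE_SPF, JOBSITE_SPF_HARDFAIL):
        for client in ("213.165.31.5", "192.0.2.10", "2001:db8::1"):
            result = evaluate_spf(rec, client)
            print(f"{rec[-4:]}  {client:14s} {result:9s} -> {receiver_action(result)}")
```

With the record as published, a spam run from 192.0.2.10 ends in softfail and is accepted with a slightly higher score; with -all the same connection is refused. The one thing to check before switching to -all is that every legitimate sending host is actually listed, including whatever the mx mechanism resolves to.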


Reporting Spam to hotmail

Published by manu

I have been receiving some spam from authenticated hotmail users lately, so I thought it could be useful to report it to them. Remembering some of the Microsoft logic I decided to use the Bing search engine to find out what kind of process they may have set up for the common people to use. Of course I did this because they do not respond to the recommended "abuse@domain.tld" addresses, they are above that sort of thing anyway.

I finally found this very informative page on how to report spam to hotmail and I think "what if I click the link titled How to report abusive e-mail with full headers to MSN?". So I do just that, and guess what, it's a link to a page titled Dealing with Pornography Online, and the page does not even contain any information on how to deal with porn online... It's the same for the link to the page that is supposed to explain how to identify whether the mail has been sent using their systems. It's hopeless.

Update

It seems I spoke too soon; they have taken note of my email, however their auto-replies have been blocked because the ACK emails are sent from misconfigured SMTP servers:

NOQUEUE: reject: RCPT from bay0-xmr-009.hotmail.com[65.54.241.58]: 450 4.7.1 <BAY0-XMR-009.phx.gbl>: Helo command rejected: Host not found; from=<abuse@msn.com> to=<ME> proto=ESMTP helo=<BAY0-XMR-009.phx.gbl>

I of course set up some stuff to at least be able to see where this goes... I will update this article when they send the actual response.


Postini - howto

Published by manu

These days it is very easy to get your emails blocked and very difficult to reach anyone for an explanation; however, after searching for ideas I found some things for Postini (the email spam filtering company bought by Google). Now it seems they are impossible to contact, but they do have a tool to analyze Postini email headers. I am not yet sure how helpful it is.

From a false positive (my personal account to my work account (Postini scanned)):

X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S: 0.14818/99.45382 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s cv fc lc gt3 gt2 gt1 ft lt r p m
X-pstn-addresses: from <mymail@manurevah.com> [db-null]
X-pstn-disposition: quarantine

Postini has a page with some long and boring concise and exciting explanations which in this case did not seem to fit the scenario. From what I understand the line X-pstn-settings shows a bunch of letter codes which correspond to tests, the ones that cause flagging should be capitalised. In this case none are, but still I'm spam.

After playing with my Postini user settings (and un-quarantining my mail) I sent another mail to my Postini filtered account:

X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S:0.30681/99.70926 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s cv fc lc gt3 gt2 gt1 ft lt r p m
X-pstn-addresses: from <mymail@manurevah.com> forward (user good) [18/1]

The only differences are the "S" score in X-pstn-levels and of course the X-pstn-addresses. The S being the spam score, and all the other points being the same, I am having a hard time guessing what has changed. The one thing that I see in the first header is [db-null] next to my (fake) email, which means I was not in the Postini user's allowed recipients; now I am.
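Since the two header sets differ in only a few fields, here is an added example (mine, not Postini's code, and the field meanings follow the post's reading rather than any documented format) that splits the X-pstn-* headers into comparable fields and diffs them. It takes the post's interpretation that a capitalised code in X-pstn-settings is a test that fired, and it reproduces the two header sets from above one header per line, as they appear in a raw message.

```python
import re

# Constructed copies of the two header sets shown above, one header per
# line as they appear in the raw message.
QUARANTINED = """\
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S: 0.14818/99.45382 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s cv fc lc gt3 gt2 gt1 ft lt r p m
X-pstn-addresses: from <mymail@manurevah.com> [db-null]
X-pstn-disposition: quarantine
"""

DELIVERED = """\
X-pstn-neptune: 0/0/0.00/0
X-pstn-levels: (S:0.30681/99.70926 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-settings: 2 (0.5000:0.5000) s cv fc lc gt3 gt2 gt1 ft lt r p m
X-pstn-addresses: from <mymail@manurevah.com> forward (user good) [18/1]
"""

# TAG:score or TAG:score/threshold inside X-pstn-levels
LEVEL_RE = re.compile(r"([A-Z]+):\s*([0-9.]+)(?:/([0-9.]+))?")


def parse_pstn(headers):
    """Pull the X-pstn-* headers apart into a comparable dict."""
    raw = {}
    for line in headers.splitlines():
        if line.lower().startswith("x-pstn-"):
            name, _, value = line.partition(":")
            raw[name.strip().lower()] = value.strip()

    levels = {}
    for tag, score, threshold in LEVEL_RE.findall(raw.get("x-pstn-levels", "")):
        levels[tag] = (float(score), float(threshold) if threshold else None)

    # X-pstn-settings: "<level> (<sens>:<sens>) code code ..."; per the
    # post's reading, a capitalised code is a test that fired
    settings = raw.get("x-pstn-settings", "")
    codes = settings.split(")", 1)[1].split() if ")" in settings else []

    addresses = raw.get("x-pstn-addresses", "")
    return {
        "levels": levels,
        "tests": codes,
        "fired": [c for c in codes if c.isupper()],
        "db_null": "[db-null]" in addresses,   # sender not in the user's address DB
        "disposition": raw.get("x-pstn-disposition"),  # absent in the delivered set above
    }


def diff_pstn(before, after):
    """Return only the fields that differ between two X-pstn header sets."""
    a, b = parse_pstn(before), parse_pstn(after)
    changed = {}
    for tag in sorted(set(a["levels"]) | set(b["levels"])):
        if a["levels"].get(tag) != b["levels"].get(tag):
            changed[tag] = (a["levels"].get(tag), b["levels"].get(tag))
    for key in ("fired", "db_null", "disposition"):
        if a[key] != b[key]:
            changed[key] = (a[key], b[key])
    return changed


if __name__ == "__main__":
    for field, (was, now) in diff_pstn(QUARANTINED, DELIVERED).items():
        print(f"{field}: {was} -> {now}")
```

Run against the two sets above, the diff comes out to exactly three fields: the S score, the [db-null] flag and the disposition. No test code is capitalised in either set, which is the point: the quarantine decision tracks the address database entry, not any content test.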

It's a complicated situation these days, you can't just write an email to someone saying your father has left you money that you cannot move out of the country and easily recruit people you have personally chosen to setup a Western Union money wormhole for you. You must be approved by your interlocutor in order to send them an email.


Stupid spam/junk filtering

Published by manu

Stupid anti-spam services, that is the future of the Internet: everyone delegating their email filtering (and comment filtering as well) to third parties. Well, guess what is happening, people: the filtering systems are lazy and now it's simple. If your domain does not generate enough traffic or is not "important" enough then your emails just get junked. Done. You can be as careful as you want, as strict as you can possibly be, it does not matter. After 8 years of operating my mail server, not one spam has been sent, and yet my emails get tagged and junked half the time, while at the same time I receive so much spam from actual verified hotmail accounts (that have been hacked, of course) as well as from other domains.

What can you do? For starters you can contact your email provider, tell them you would like to know how their filters work, on what basis a domain becomes a suspected spam source. Ask if you can change the level of filtering and such (I offer this to my users; they choose whether they filter and to what extent). Oh but wait, because it's all free (and you are too cheap to consider email services worth any of your money) I don't think you have ANY say in that. So maybe you could get a real email service, you know, the thing that you pay for and that owes you some kind of service and such things. I only say this because I have sent many emails to hotmail and apart from the auto-replies I have received nothing. The situation has changed; back in the olden days I'd get the AOL people on the phone and we'd solve things (like adding my static home IP to their whitelist) (never thought I'd say anything good about AOL).

So there are now 2 solutions for me: 1. give up and get a gyahoomail account, or 2. start rejecting emails from servers/domains who don't have any respect for proper SMTPing. This is the price of a privatised Internet.


I Hate RBL

Published by manu

You know those lists that determine what IPs should be blocked from mail servers? Well, maybe the idea at one point was interesting (maybe not)... I realized today that I'm again on a couple of lists, nothing major; I realized this because an email I tried to send was blocked. After investigation it appears that these would be among the different reasons:

  • Dynamic IP (which is not true of course)
  • Someone on the same netblock sent a "bad" email .... in November !!!
  • A server on my netblock bounced an email
  • I bought a can of SPAM and I'm sure they know about it

Some of those lists are like "Minority Report", like aspews.org who base their list on "preventive" action, meaning you don't have to have done anything wrong to be listed. It's like when you get stopped and searched just because you're... you know. Read more about apews and its origins.

But people are allowed to use lists, of course... feel free... however you might want to compare, because some will require payment for delisting (or a huge amount of time) and some don't care... so be careful if you do use lists; you can compare them if you want, and/or check if/where your IP is listed.

If you are using Spamassassin you may edit "/etc/spamassassin/local.cf" and add:

skip_rbl_checks 1

Yah, basically I just decided that I HATE THOSE LISTS; they are just there because people are too lazy to properly configure their servers, and many don't even respect the basics. I noticed that many mail servers, and I'm talking about corporate mail servers, don't even know how to properly issue the "HELO" command !!! So I'm currently testing a couple of settings; if you have Postfix you can also try:

# refuse mails from people who don't know how to say helo
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,reject_unknown_hostname
# refuse mails from IPs that don't have a PTR
smtpd_client_restrictions = permit_mynetworks, reject_unknown_client

It's amazing how much crapmail is rejected before being sent to any filter or mailbox lookup, and this is just because the proper BASIC configuration hasn't been met. Two caveats worth knowing: in Postfix 2.3 and later these restrictions are named reject_unknown_helo_hostname and reject_unknown_client_hostname (the old names still work as aliases), and reject_unknown_client rejects not only when there is no PTR but also when the PTR name does not resolve back to the client IP, or when the DNS lookup fails temporarily. The HELO check is exactly what bounced the Hotmail abuse desk's auto-reply in the earlier post, so keep an eye on the reject log for legitimate senders with sloppy DNS.
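To see which of these restrictions is doing the rejecting, and to spot legitimate senders caught by them (the Hotmail abuse desk's auto-reply in the "Reporting Spam to hotmail" post, refused with "Helo command rejected: Host not found", is the example the page itself provides), here is an added example, mine and not from the post or from Postfix, that parses smtpd reject lines and tallies them per check and client IP. The log below is constructed: the first line is the rejection quoted earlier, the rest are invented using documentation addresses and made-up hostnames, and the line format and reason strings are the ones Postfix logs for these restrictions.

```python
import re
from collections import Counter

# Constructed sample log. The first line is the rejection quoted in the
# "Reporting Spam to hotmail" post; the others are invented for the
# example (documentation addresses, made-up hostnames).
SAMPLE_LOG = """\
Mar  3 10:12:01 mx postfix/smtpd[2201]: NOQUEUE: reject: RCPT from bay0-xmr-009.hotmail.com[65.54.241.58]: 450 4.7.1 <BAY0-XMR-009.phx.gbl>: Helo command rejected: Host not found; from=<abuse@msn.com> to=<ME> proto=ESMTP helo=<BAY0-XMR-009.phx.gbl>
Mar  3 10:12:09 mx postfix/smtpd[2201]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 450 4.7.1 Client host rejected: cannot find your hostname, [198.51.100.7]; from=<promo@example.com> to=<ME> proto=ESMTP helo=<mail.example.com>
Mar  3 10:13:44 mx postfix/smtpd[2203]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 450 4.7.1 Client host rejected: cannot find your hostname, [198.51.100.7]; from=<promo@example.com> to=<ME> proto=ESMTP helo=<mail.example.com>
Mar  3 10:15:02 mx postfix/smtpd[2204]: NOQUEUE: reject: RCPT from host-203-0-113-9.example.org[203.0.113.9]: 504 5.5.2 <WORKSTATION>: Helo command rejected: need fully-qualified hostname; from=<bob@example.org> to=<ME> proto=SMTP helo=<WORKSTATION>
Mar  3 10:15:30 mx postfix/smtpd[2204]: 4F2A1C3: from=<alice@example.org>, size=1822, nrcpt=1 (queue active)
"""

REJECT_RE = re.compile(
    r"NOQUEUE: reject: RCPT from (?P<rdns>[^\[]+)\[(?P<ip>[^\]]+)\]: "
    r"(?P<code>\d{3}) (?P<dsn>\d\.\d+\.\d+) (?P<reason>.*?); "
    r"from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)> proto=\w+ helo=<(?P<helo>[^>]*)>"
)


def parse_reject(line):
    """Parse one smtpd 'NOQUEUE: reject' line; None for anything else."""
    m = REJECT_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["code"] = int(rec["code"])
    rec["temporary"] = rec["code"] // 100 == 4   # 4xx: a real MTA will retry
    if "Helo command rejected" in rec["reason"]:
        rec["check"] = "helo"        # smtpd_helo_restrictions fired
    elif "Client host rejected" in rec["reason"]:
        rec["check"] = "client"      # smtpd_client_restrictions fired
    else:
        rec["check"] = "other"
    # A client with working rDNS whose HELO was refused deserves a look
    # by hand: that is the Hotmail abuse-desk case from the post.
    rec["review"] = rec["check"] == "helo" and rec["rdns"] != "unknown"
    return rec


def summarize(log_text):
    """Count rejections per (check, client IP) and list entries to review."""
    counts = Counter()
    review = []
    for line in log_text.splitlines():
        rec = parse_reject(line)
        if rec is None:
            continue
        counts[(rec["check"], rec["ip"])] += 1
        if rec["review"]:
            review.append((rec["ip"], rec["helo"], rec["sender"]))
    return counts, review


if __name__ == "__main__":
    counts, review = summarize(SAMPLE_LOG)
    for (check, ip), n in counts.most_common():
        print(f"{n:3d}  {check:6s}  {ip}")
    for ip, helo, sender in review:
        print(f"review: {ip} helo={helo} from={sender}")
```

The useful output is the review list: a client whose reverse DNS works but whose HELO name does not resolve is far more likely to be a misconfigured corporate or provider server than a bot, and because the reject code is 450 it will keep retrying, which is your window to whitelist it in permit_mynetworks or a check_client_access map before its mail is lost.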

Another tip from workaround.org (please follow this link for full implementation info):

smtpd_recipient_restrictions = [...] check_policy_service unix:private/tumgreyspf

This feels a lot better; so much cleaner is the postqueue and happy I am. As for the list guys/gals, I'm sure there are plenty of them with very good intentions and such, but they can still go screw themselves because they contribute to enabling crappily configured servers to function and disabling legitimate emails from properly configured mail servers... Of course this does not change the fact that my emails might still be unjustifiably rejected by mail servers using RBL/DNSBL, but at least I'm not a part of it.

One MX at a time.
