jump to navigation

Using Yahoo SBC Outbound mail and Sending Address May 24, 2008

Posted by paragonhost in Uncategorized.
Tags:
add a comment

If your using Yahoo SBC DSL and you are using your DSL providers “out bound” mail server (as you should be in most case’s) and you have a outside pop3 email acocunt with your own domain CustomerDomain.com and you wish to have your User@CustomerDomain.com email show up when sending email then :

Review the following Yahoo Mail setup and change the Name and Email you wish to have presented when others receive email from you:

http://help.yahoo.com/l/us/yahoo/mail/classic/manage/sendfrom-07.html

 

  1. Access Yahoo! Mail by logging in with your ID and password.
  2. Once you’re logged in, click Options in the upper-right area of the page, then click Mail Options.
  3. Under “Management”, click Mail Addresses.
  4. Click Add.
  5. In the Account Name field, enter a name for your own reference (for example, Work, School, My Domain, etc.) and click Continue.
  6. In the Name and Email fields, enter the name you want the person receiving email from this address to see, and the alternate email address you would like send mail from (we’ll send a confirmation code to this email address, which you’ll use to complete this setup).
  7. Click Continue in the lower-left corner.
  8. Next, you’ll see “Step 3 Setup Mail Server.” Click Skip this Step.
  9. On the next page, click the Send Verification button.

    This transmits a verification email from Yahoo! Member Services to the email address you just specified. Here’s the easiest way to complete your setup and start sending mail from the new address:

    1. Leave the “Verify Account” page open.
    2. Retrieve the email sent by Yahoo! Member Services to your alternate email address.
    3. Enter the “confirmation code” from this email into the Confirmation Code field in the “Verify Account” page in Yahoo! Mail.
    4. Click Verify Account.
    5. Sign in with your Yahoo! Password on the final page.
    6. Your alternate email address is now verified and can be used for sending emails through Yahoo! Mail or your email software.

Note: Every primary and secondary Yahoo! Mail ID can verify up to 10 alternate email addresses each.

Special notice for Outlook 2003 users: You might need to download a program update to resolve this problem. Please click here for detailed instructions.

phpFox DHTML Menu plus Arcade Mod Patch May 22, 2008

Posted by paragonhost in ParagonHost, Technology News.
Tags: , , , , , , , ,
add a comment
DHTML Menu + Games Patch

David C reported a problem in which, while using a DHTML menu, the menu goes behind the games when playing in the arcade.

If you need to use the DHTML menu, add the following to your arcade:

Open:

\design\templates\default\public\arcade.html

Find:

<object width=”{$pa.width}” height=”{$pa.height}”>

Change to:

<object width=”{$pa.width}” height=”{$pa.height}” wmode=”transparent”>

Then, find:

<param name=”movie” value=”file/arcade/swf/{$pa.file}”>

Below this, add:

<param name=”wmode” value=”transparent”>

And you’re done!

-Cit
 
  dsafley [2008.05.22 6:20:05 AM]
Cit,
 
RE: Konsort.org Arcade
RE: FW: DHTML Menu Mod (Solution found)
 
We are now using DHTML menus from David Choi / phpsns on http://www.MyClearSkin.net/portal
 
Citzen what we have noticed is, within your Arcade mod, if a user is playing a flash game, the DHTML menu is “behind” the flash window.
 
David C, found this solution in relation to html tags and adobe flash.
 
=====================================
 
Editing HTML code manually
To edit an existing HTML page, add the WMODE parameters to the HTML code.
 
Add the following parameter to the OBJECT tag:
 
<param name=”wmode” value=”transparent”>Add the following parameter to the EMBED tag:
wmode=”transparent”
 
=====================================
 
The entire solution is here:
 
 
Cit,
 
Can we add this to future release’s of Arcade so that it will work with David C. new DHTML menus?
 
If so,
 
Can I add the code to my current build and if so which file?
 
Thanks David C. for point this out..
 
Citizen,
 
Let me know…
 
Thanks!

XP AntiVirus - Fake AntiVirus Software / Howto: Remove May 16, 2008

Posted by paragonhost in Internet, Security Focus, Technology News.
Tags: , , , , ,
add a comment

XP Antivirus Protection AKA: XPAntivirus is fake antivirus software program. This program is typically known to infect a computer just after performing an install of specific video codec. This corrupted video codec is usually distributed with a Trojan, Malware and Virus. It is crucial to remove all the components of XP Antivirus and all malware and trojans such as zlob.trojan, trojan.vundo and trojan.downloader that may have been installed along with it. The following tutorial explains how to remove this XP Antivirus Protection.

 

How to remove XP Antivirus Protection:

  1. Navigate to Start-> Run, type cmd in the box and click Open
  2. In the command window, type regsvr32 /u shlwapi.dll and press Enter
  3. Next type regsvr32 /u wininet.dll and press Enter
  4. Next Press Ctrl + Shift + ESC
  5. Right click on XPAntivirus.exe from the processes window and select the option to end process
  6. Right click on XPAntivirusUpdate.exe from the processes window and select the option to end process
  7. Navigate to Start-> Search, then click on Files and Folders. Search for and delete the following files:
    1. XPAntivirus.exe
    2. XPAntivirusUpdate.exe
    3. shlwapi.dll
    4. wininet.dll
    5. XP Antivirus 2008.lnk
    6. Uninstall XP Antivirus 2008.lnk
    7. XP antivirus
    8. XPAntivirus.lnk
    9. Uninstall XPAntivirus.lnk
    10. XPAntivirus on the Web.lnk
    11. XPAntivirus.url
  8. Navigate to Start-> Run, type regedit in the box and click Open
  9. Delete XP antivirus in the following path: HKEY_USERS\Software\
  10. Restart your PC and everything should be back to normal

This entry was posted on Friday, February 22nd, 2008 at 6:26 pm and is filed under Windows Tips and Tricks.

Increase in NDR (Bounce) Messages (Backscatter) May 14, 2008

Posted by paragonhost in Hosting News, Internet, ParagonHost, Security Focus, Technology News.
add a comment

Increase in NDR (Bounce) Messages

 

Over the last several weeks there has been a major increase in the quantity of “backscatter” junk email - specifically, undeliverable email notices (also known as Non-Delivery Receipts).

 

This generally occurs when spammers ’spoof’ a valid domain as the supposed ‘From’ address of the junk mail messages. When the junk mail messages are sent to non-existent email addresses, the receiving mail server sends a bounce message to the supposed sender of that junk mail, i.e. to the unsuspecting domain that was spoofed. Given the very high volume of junk mail that spammers send, the unfortunate spoofed domain can see a large number of these bounce messages.

 

Unfortunately, there is no way to prevent a spammer from spoofing any email address that they want to use. (Techniques such as DKIM authentication or SPF will help identify those messages as spam, but they do not prevent the spammer from sending those messages in the first place.) Similarly, there is no way to prevent mail servers that receive these junk messages from sending bounce messages to that spoofed domain.

 

These bounce messages can be difficult for a spam filter to block, as these bounces generally look very similar to ‘legitimate’ bounce messages that people receive if they mistakenly send an email to a nonexistent address. Sometimes there is enough left over ’spammy’ content in the bounce messages that the messages can be identified as junk mail, but it generally does not make sense to block all bounce messages as an ongoing, long-term policy, due to the risk of blocking the occasional ‘legitimate’ bounce messages as well.

 

(TSB) TheSpamBusters.com has added a mechanism that allows us to temporarily block all bounce messages for a domain, so that if or when a domain has been spoofed, an administrator can simply change one setting in the web interface and all the bounce messages to that domain will be temporarily handled as junk mail. After a day or two (when the bounce messages subside), this setting can be disabled.

 

*** If you would like more information on how to protect scrub your email and add protection from Spam Mail before it reachs your computer, contact The Spam Busters a Service of ParagonHost, LLC (866) 412-HOST (467 8)

 

ParagonHost, LLC

http://www.ParagonHost.com

“World Class Internet Services”

(866) 412-HOST (467 8)

Bounced Email or Backscatter May 12, 2008

Posted by paragonhost in Hosting News, Internet, Internet Protection, Linux, Network 101, ParagonHost, Security Focus, Technology News, cPanel.
Tags: , , , , , , , , ,
add a comment

Bounced Email or Backscatter

April 28, 2008 10:07 AM

Email Bounces

In the past few weeks, we have seen a sharp rise in email bounces. These bounces are for emails that the person did not send. While there are many reasons you can get a bounce, the current wave appears to be a spamming technique where spammers spoof reply-to addresses.

Backscatter
Backscatter occurs when a Mail Transport Agent (aka email server) sends a bounce to a person who did not really send the email. Spam Links has a good description of Backscatter and why it happens. Essentially, someone is spoofing the Reply-To field in an email. They then send it to a mail server and it bounces not back to the sending server but to the Reply-To address. Thus you may receive hundreds of spam messages this way.

Symantec, in their April 2008 Spam Report, also noted an upward trend in backscatter attacks. So if you are seeing this issue, you are certainly not alone.

Backscatter Victim?
Unfortunately, there is little you can do. The protocols for email permit anyone to craft a Reply-To address. There is nothing you can do to force someone not to do it. There are some emerging tools that can help. SPF, sender policy framework, is a DNS based method to try to prevent email forgeries. Using DNS, you can specify what servers and IPs are allowed to send email from your domain. SPF can work very well, however, the technique is not widely adopted. Gmail, HotMail and some other major ISPs do use SPF records; however, using SPF alone will not prevent backscatter. The mail administrators must also configure their systems not to bounce emails that fail SPF tests.

If you are being bombarded by these bounces, you may be able to use your own spam filtering to drop the emails. They often have similar subjects, like failed delivery, Delivery Status Notification, or something similar. Typically the attack stops in 2-3 days.

Otherwise, you just have to keep deleting those emails.

Don’t Backscatter
A main source of backscatter is MTA’s that bounce email to unknown users. You should not bounce email that is sent to unknown users. On Plesk and Cpanel there are setting to reject/fail email to unknown users. On Ensim, there is a problem in that the system creates a default catch-all. From a management standpoint this is very poor. The default prevents you from rejecting email to unknown users. As a result, Ensim servers can become overloaded with dictionary-based email attacks. If your server does bounce emails, you could potential end up in RBLs like Spamcop.net, which not treats backscatter as spam.
Catch-22
Hackers are taking advantage of a key feature of email delivery. Bounces are important for system administrators as they are the first notification that something in the email systems may be awry. However, when they become hijacked by spammers, they become useless as you have to sort through the emails to find real bounces. As a result, some admins just route all bounces to the bit bucket. Disabling bounces can be dangerous however as they can give you an earlier indication if your system has been exploited by a spam bot. Many spammers use web based exploits to use your system to send out the messages. Disabling bounces or null-routing them prevents you from seeing these messages.

Headers, Headers, Headers
To determine if you are the victim of backscatter or if your server is really spamming, you have to analyze the email headers. If the headers do not contain your server as a source for the email, then backscatter is the cause.

Many attackers now spoof many headers in attempts to obfuscate the true sender, but with careful analysis you can often find the source.

Summary
If your inbox is full of those “Delivery Failure Notification” messages then you are likely seeing backscatter. Check the email headers and if the header nearest the bottom is not your server, then it is definitely backscatter.

Tags:

Posted by Jeff Huckaby on April 28, 2008 10:07 AM |

TrackBack

TrackBack URL for this entry:
http://www.rackaid.com/cgi-bin/mt/mt-tb.cgi/54

Comments (2)

Frank:

Three quick additions, SPF is actually about the envelope sender address (Return-Path, MAIL FROM), not the Reply-To address.

Receivers checking SPF hopefully reject a forged mail from, if it was spam that’s it. If it was no spam (erroneous sender policy or receiver rejected FAIL elsewhere, relevant for forwarding) the legit sender gets an error code, and will create a good bounce (non-delivery notification) for the user.

Spammers won’t reach many of their targets with an SPF FAIL protected address, and hopefully give up using an unprotected address after some time.

Posted by Frank | May 2, 2008 10:20 AM

Posted on May 2, 2008 10:20

Jeff Huckaby:

Thanks. I was being careless with my wording. I will make a clarification in the post.

For the backscatter issue, the field is the return-path field. For SPF, I am pretty sure most filters key off of the mail from header. So you could still spoof a reply-to even with SPF filtering provided the mail from headers were correct.

Currently, when we implement SPF filtering for a client, we reject all messages that have a hardfail. Also, on control panels like Plesk, we setup the default templates to include SPF records by default.

I suspect SPF’s ability to curtail spam will be short lived, but at least it should cut down on the email forgeries which are much more dangerous than the spam.

*** Back Scatter 101

http://spamlinks.net/prevent-secure-backscatter.htm

Bounces are messages, officially called non-delivery reports (NDR) or delivery status notifications (DSN), that are generated by a mail server to report on the delivery status of an email message.

Problems arise with bounces if they are sent by a mail server to a non-local recipient. If a message did not originate locally, then a mail server cannot know for sure if the address it is sending the bounce to is forged or not. This quickly leads to unsolicited “backscatter” (or more rarely “outscatter”), sent to sites that never originated the email.

 

Are there trademark issues related to the use of “Got” Marketing? May 9, 2008

Posted by paragonhost in Hosting News, Internet Protection, ParagonHost, Technology News, cPanel.
Tags:
add a comment

California Milk Processor Board Threatens PETA with trademark infringement over “Got Pus?”

After years of allowing numerous parodies (and even some similar third party trademark registrations) of its famous “Got Milk?” trademark, the California Milk Processor Board (”CMPB”) is threatening to sue People for the Ethical Treatment of Animals (”PETA”) over its use of the phrase “Got pus? Milk does.” on T-shirts, mugs, and other merchandise. See Associated Press article here.

In response to CMPB’s cease and desist letter, PETA’s lawyer wrote:

Your client cannot seriously contend that an appreciable number of consumers who see a T-shirt bearing the “Got Pus? Milk Does” slogan would be confused into thinking that your client is the source of the T-shirt, attempting to sell milk by letting the public know that when they drink milk they are also consuming pus.

So apparently, CMPB is ok with the myriad of “Got Milk?” ripoffs — so long as you don’t bash milk.


Source: http://www.vegastrademarkattorney.com/2007/12/california-milk-processor-board.html

Managed Hosting: http://www.ParagonHost.com
cPanel Hosting - GotCpanel.com: http://www.GotcPanel.com