RANT: Spam and Sonic.net

General discussions and other topics.
148 posts Page 5 of 15
by patty1 » Thu May 15, 2014 12:54 pm
Kelsey, I'm glad to hear that there's hope on the horizon for dealing with the latest spam flood. The default Sonic settings are definitely not working well these days. I've tightened up my SA settings and also added some things to my .procmailrc, but as you say, that shouldn't be necessary. And even with those changes, I'm still getting 8-12 spam messages per day, up from a handful per week until a couple of months ago.
by kgc » Thu May 15, 2014 1:52 pm
Are they from a consistent sender or ISP?
Kelsey Cummings
System Architect, Sonic.net, Inc.
by jneal » Thu May 22, 2014 9:09 am
I've been getting a bunch of these types of spam with virus attachments over just he past couple of months. None of them are even addressed to me so I don't know how they show up in my mailbox. (my address isn't fsheffer@sonic.net) Anyone know how this is possible? I can't possibly guess which domain they'll spoof next time to blacklist them.
I don't know what to do other than kill my 10 year old email address and try to transfer all my contacts over to another sonic address.

Code: Select all

Return-Path: <aspirinspn4@auktionshaus-mustermann.com>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on c.spam.sonic.net
X-Spam-Level: ***
X-Spam-Status: No, score=3.6 required=5.0 tests=DCC_CHECK,DCC_REPUT_99_100,
        FSL_HELO_NON_FQDN_1,HELO_NO_DOMAIN,HTML_MESSAGE,RDNS_NONE autolearn=disabled
        version=3.3.2
Received: from d.mx.sonic.net (d.mx.sonic.net [69.12.208.73])
        by c.spam.sonic.net (8.14.4/8.14.4) with ESMTP id s4LGJsOp011423
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
        Wed, 21 May 2014 09:19:54 -0700
Received: from PNLTMKAVPT ([81.181.34.67])
        by d.mx.sonic.net (8.13.8.Beta0-Sonic/8.13.7) with ESMTP id s4LGJiMV019843;
        Wed, 21 May 2014 09:19:51 -0700
From: "Latasha Garner" <aspirinspn4@auktionshaus-mustermann.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_05A00A6E-9B3A-09B1-5A7C-A4D455BEC200"
Subject: present movies invite
Message-Id: <81D61AE6-5743-6A2E-0662-7B82D2329B5A@auktionshaus-mustermann.com>
Date: Wed, 21 May 2014 15:20:36 +0200
To: <fsheffer@sonic.net>
Mime-Version: 1.0 (Mac OS X Mail 6.5 \(1508\))
X-Mailer: Apple Mail (2.1508)
X-Spam: Not detected
X-Mras: Ok
X-Sonic-SB-Tests:  ID_Perm
X-Sonic-SB-IP-RBLs: IP RBLs .


Hello! 

There are three invitations to the cinema in the attached document. 
Time: Sun, 13:50. 
- 
Faithfully yours, Latasha. 


 Tickets_mov.zip 
by wa2ibm » Thu May 22, 2014 9:51 am
I run my own mail server, so I'm not too familiar with how SA works, but maybe SA or Sonic has a setting to allow them to reject mail from servers whose IP address doesn't resolve back to a name such as this case:

Received: from PNLTMKAVPT ([81.181.34.67])

I have my server set up to reject connections from any source that doesn't resolve through RDNS. Tons of things are rejected that way.
by cdkeen » Thu May 22, 2014 10:56 am
jneal wrote:I've been getting a bunch of these types of spam with virus attachments over just he past couple of months. None of them are even addressed to me so I don't know how they show up in my mailbox. (my address isn't fsheffer@sonic.net) Anyone know how this is possible?
Your address was BCC'd which is why the to: header field has fsheffer@sonic.net but you received the message.
cdkeen - Sonic.net System Operations
by jneal » Thu May 22, 2014 2:15 pm
cdkeen wrote:
jneal wrote:I've been getting a bunch of these types of spam with virus attachments over just he past couple of months. None of them are even addressed to me so I don't know how they show up in my mailbox. (my address isn't fsheffer@sonic.net) Anyone know how this is possible?
Your address was BCC'd which is why the to: header field has fsheffer@sonic.net but you received the message.
Thanks, cdkeen, I can't remember ever getting BCC'd so it didn't occur to me. So obvious now. :oops:
by patty1 » Thu May 22, 2014 4:04 pm
kgc wrote:Are they from a consistent sender or ISP?
No, the spam making it through to my inbox is from many different sources.
by tensigh » Fri May 23, 2014 6:22 am
I've added tons of blacklist/whitelist subjects and I got some spams in my inbox. The spammers have definitely learned how to get past the spam filters at Sonic.
by Gene F. » Fri May 23, 2014 2:08 pm
My strategy is to keep the spam from getting on to Outlook on my PC. I've disabled the Sonic account there, and will use Sonic's Webmail. Since these malware attachments are targeted at Windows, I just use my smartphone and iPad to screen them. It will do until Sonic can get a handle on this. I've very sure the staff at sonic are working hard on it but are maintaining "radio silence" for the time being.

I've gotten about 5 "court appearance" malware emails since this morning.

I had thought I was being targeted, but found out from support someone is going wild firing these off.

I'm very sure this will be dealt with.

Gene
by xanuser » Sun May 25, 2014 8:11 am
im wondering how everyone's alternate email boxes are doing on the spam influx? for me the only address getting spammed is my main sonic username account, the others seem to be handling it fine.
148 posts Page 5 of 15

Who is online

In total there are 24 users online :: 1 registered, 0 hidden and 23 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Google [Bot] and 23 guests