Recent Entries
Topics
Recommended links

RSS icon Subscribe

» View my profile
Technorati

del.icio.us My links on del.icio.us

Tags
antivirus application security auditing botnets breaches cloud computing DNS encryption forensics humor interesting intrusion prevention Linux Malware marketing network pdf pentest phishing php Privacy rant reference security education software spam ssl standards sysadmin tool tools trends ubuntu Virtualization virtualization security vmware vulnerabilities web web application security webappsec web security windows Windows security wireless xss

Archive for 'Email security' Category

SpamAssassin p0f plugin catches bot spam

25 July 2007

Most spam right now originates from compromised Windows desktop systems. Bot herders are more than happy to sell or rent a few thousand infected Windows home computers to spammers.

If only there was a way for a mail server to detect when a Windows XP box is the source of [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Email security
6 Comments »

Nasty little bug in Gnu Privacy Guard (GPG)

8 March 2007

Time to upgrade if you use Gnu Privacy Guard to encrypt or sign email or files.

It turns out that if you prepend unencrypted text to a GPG-signed (or signed and encrypted) file, when the file is decrypted by GPG the prepended text is spit out immediately followed by the decrypted plaintext. There is with no [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Email security
1 Comment »

Blocking image spam with FuzzyOCR

10 September 2006

Image spam has been growing lately. Spam where the scumbags hide their advertising for bogus products and scams inside an image file is nothing new, but it’s been steadily rising for the past several months, especially for pump-and-dump stock scams.
To reduce it for one of our clients, we added the FuzzyOCR plugin to SpamAssassin on [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Email security
Comments Off

Postfix now supports milter

17 August 2006

This is not quite breaking news, but I thought it worth noting that the latest production version of the Postfix mailer now officially supports the Sendmail "milter" API. This opens the world’s best mailer to a world of added functionality that previously was restricted to the Sendmail MTA.
Personally I’m conflicted about this. On the positive [...]

Read the rest of this entry...
 

Posted by D Webber Filed in Email security
2 Comments »

A simple tool to track and control spammers

21 April 2006

You trustingly sign up on a web site using your valuable main e-mail address, get what you need then forget about it.

Weeks later, spam starts arriving with details you provided in that registration. The web site lied! They did sell your registration info to some scumbag or are spamming you themselves.

There is a feature supported by almost all mail servers that lets you give out a unique e-mail address to anyone who asks, yet have messages all wind up in your regular e-mail box. No more checking web mail accounts! Further, if your mail administrator allows blocking, if the address is abused you can forever reject mail to that address before it gets in.

Read the rest of this entry...
 

Posted by D Webber Filed in Best practices, Email security
Comments Off


Article contents copyright © Advosys Consulting Inc. Comments are copyright of the author
Icons courtesy Wikimedia Commons and are copyright of their authors.