Fake, Fake, Fake

A large part of the Internet is fake! What? Yip, emails, websites, mobile app store, social networking plugins and apps, banking, etc. All fake. Because there are a lot of clever people out there trying to con you out of money or whatever else they can. With 1.8 Billion current Internet users ( 5.1 Million in SA ), that’s a lot of potential revenue.

84% of the 250 Billion emails sent across the Internet on a daily basis are spam ( 17 out of 20 ). And a lot of those have phishing and pharming content – emails that masquerade as coming from legitimate companies and sites in a bid to get you to divulge personal security information like account numbers, passwords and PIN codes, by clicking on malicious links.

A recent phishing email purported to be from Standard Bank. It’s likely that the clever scammers behind this email, and the subsequent website, had actually ‘stolen’ the website code from SB directly in a bid to make their fake site look as legitimate as possible. The only way to see that there was a problem was to inspect the code behind the Internet Banking login page: at the point of submitting your login details, these would be sent to the scammers’ system instead of SB.
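The check described above (where does the login form actually send its data?) can be automated. The following is an added example, not code from the original post; `bank.example` and `collector.invalid` are constructed placeholder domains, and the function names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class FormActions(HTMLParser):
    """Collect the action attribute of every <form> tag on a page."""
    def __init__(self):
        super().__init__()
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            # A missing or empty action posts back to the page's own URL.
            self.actions.append(dict(attrs).get("action") or "")

def host_allowed(host, allowed_domains):
    """True if host is an allowed domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed_domains)

def suspicious_form_targets(page_url, html, allowed_domains):
    """Return resolved form targets that are not HTTPS on an allowed domain."""
    parser = FormActions()
    parser.feed(html)
    findings = []
    for action in parser.actions:
        target = urljoin(page_url, action)  # resolve relative actions
        parts = urlsplit(target)
        if parts.scheme != "https" or not host_allowed(parts.hostname, allowed_domains):
            findings.append(target)
    return findings

# Constructed samples: bank.example stands in for the real bank and
# collector.invalid for the scammers' system. Neither comes from the post.
ALLOWED = ["bank.example"]
GENUINE = '<form method="post" action="/auth/login"><input name="pin"></form>'
CLONED = ('<form method="post" action="http://collector.invalid/save.php">'
          '<input name="pin"></form>')
LOOKALIKE = '<form action="https://bank.example.collector.invalid/auth"></form>'

if __name__ == "__main__":
    url = "https://www.bank.example/login"
    for name, html in [("genuine", GENUINE), ("cloned", CLONED), ("lookalike", LOOKALIKE)]:
        print(name, suspicious_form_targets(url, html, ALLOWED))
```

The suffix match in `host_allowed` requires a leading dot, so a lookalike host that merely starts with the bank's name is still flagged.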

  • Emails regularly request that you click on links to confirm your banking or other account details, leading to your information being snapped up by scammers
  • The SSL certificates used in securing access to websites with encrypted communications ( between your browser and the site ) have periodically been subjected to hacks, resulting in a system that’s not entirely foolproof
  • DNS poisoning tricks pollute DNS results meaning that it could look like you’re on the site you’re expecting but the actual content is coming from elsewhere
  • Google, and other search engine, results are regularly polluted with pharming information resulting in redirections to fake sites
  • A large percentage of well-known websites have malicious packages embedded in those sites, causing drive-by infections of visiting users
  • The latest trick is to put up complete fake App Stores ( eg. Apple and Android ), causing those who normally stick to official app stores to become victims of fake sales of apps for their mobile devices

To say it’s the Wild Wild West out there is putting it very mildly indeed. Understatement of the century! It’s vitally important that Internet users safeguard themselves with the best defence possible: Logic.

Logic will allow one to look at a piece of information objectively and determine the validity of that information. No matter if you’re Spock ( logic personified ) or Rembrandt ( artistic with not a shred of logic in your bones ), take the time to look at the information you’re presented and based on the idea that you expect to be fooled, try to determine the validity of that information as best you can. Assume the worst, and you’ll increase your chances of detecting malicious attempts at being conned.

Safe surfing!

Email woes and etiquette

Based on issues that a client of mine has had in recent times with email, I decided to resurrect and rehash my XStore IT Bulletin no. 1 from July 2006.

One of the biggest issues with email is the lack of understanding of how it works. In addition, the requirement to implement anti-spam solutions falls foul of the lack of etiquette and/or knowledge of most email senders. Most email users don’t understand that their misuse ( due to ignorance or lack of knowledge ) of email solutions directly impacts the smooth operation of email systems. The more misuse, the more issues there are.

And so it’s in everyone’s interest to learn how to use email properly and effectively. What are the main issues?

The 1st cardinal sin is the forwarding of emails without merit. Chain emails are often carriers of viruses and malware, and as such, the forwarding of these emails directly impacts the security of your recipients.

The 2nd major issue is formatting of emails. This includes content, subject lines and addressing. Anti-spam solutions look at all these areas to make a decision as to whether they think an email is spam or not.

3rd is the idea ( and expectation ) that email systems offer guaranteed delivery. SMTP ( the protocol used to send email ) was never designed with guaranteed delivery in mind. Although mechanisms were built in to work around Internet and system failures, delivery of emails is a haphazard affair. The fact that it works well most of the time is a testament to the original specification’s quality, and additions that have been made since then. However, don’t assume that if you send an email, it will be received. And don’t count on it for critical business or life-threatening situations.

How does email work?

When you send email from your email application, it will travel as follows:

  • from your desktop to your sending/outgoing server ( you may have one at your business or use your ISP’s )
  • from your business email server or ISP to the recipient’s email server
  • the recipient then reads the email off their server

Along the way, there are a number of checks done, both by your sending server and by the receiving server. Your server would for example, make sure that the recipient domain ( @domain.co.za ) exists. The recipient server would perform a number of anti-spam checks.

Spam is an unfortunate reality of life when it comes to email usage. There are a number of ways we can reduce the spam volume received everyday using our email servers without negatively impacting our users.

a. Anti spam engine

Anti spam engines such as SpamAssassin and PureMessage work using a multitude of modes and tests including header and text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases. A score is calculated based on these tests and if that score exceeds a preset value, the email is tagged as spam.

b. DNS blocklists ( RBL / DNSBL )

When an email is received, the email server checks the name of the sending server. If that name exists on a preset database ( there are many of these on the Internet ), the email is blocked or rejected.

c. Content filtering

Checks can be done on the header and body contents of emails to find specific instances of words, characters or phrases. If found, the email is blocked or rejected.

d. Grey listing

When an email is received with a first time combination of sender, recipient and sending server, the email is temporarily rejected. On retry the email will be accepted. The basis for this mechanism is the fact that very few spam servers would resend an email.
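A sketch of the greylisting decision described above, as an added example rather than code from the original bulletin or from any particular mail server. The minimum retry delay and the expiry window are assumptions commonly found in greylisting implementations, not values given here; the class name, addresses and IP are constructed.

```python
import time

TEMPFAIL = "451 4.7.1 Greylisted, please try again later"
ACCEPT = "250 OK"

class Greylist:
    """Temporarily reject the first delivery attempt of each new triplet."""

    def __init__(self, min_delay=300, max_wait=86400, clock=time.time):
        self.min_delay = min_delay  # assumed: retries sooner than this are refused
        self.max_wait = max_wait    # assumed: an unanswered first attempt expires
        self.clock = clock          # injectable so the logic can be tested
        self.first_seen = {}        # triplet -> time of first attempt
        self.passed = set()         # triplets that have already retried correctly

    def check(self, server_ip, sender, recipient):
        """Return the SMTP reply for this (sending server, sender, recipient)."""
        key = (server_ip, sender.lower(), recipient.lower())
        now = self.clock()
        if key in self.passed:
            return ACCEPT
        seen = self.first_seen.get(key)
        if seen is None or now - seen > self.max_wait:
            # First time combination (or a stale one): temporary rejection.
            self.first_seen[key] = now
            return TEMPFAIL
        if now - seen < self.min_delay:
            # Immediate re-send, typical of bulk senders that never queue mail.
            return TEMPFAIL
        # A proper retry after the delay: a real mail server is queueing this.
        self.passed.add(key)
        return ACCEPT

def demo():
    """Replay a constructed delivery sequence against a fake clock."""
    t = [0]
    g = Greylist(clock=lambda: t[0])
    triplet = ("192.0.2.10", "alice@sender.example", "bob@domain.example")
    replies = [g.check(*triplet)]   # first attempt
    t[0] = 30
    replies.append(g.check(*triplet))   # retry too soon
    t[0] = 900
    replies.append(g.check(*triplet))   # retry after the delay
    replies.append(g.check("192.0.2.10", "alice@sender.example", "carol@domain.example"))
    return replies

if __name__ == "__main__":
    for reply in demo():
        print(reply)
```

Because the first reply is a 4xx temporary failure, a legitimate sending server keeps the message queued and retries, which is why greylisting delays rather than loses valid email.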

Email servers can deal quite effectively with spam but one needs to make use of all the available options to combat this problem. The flip side is that we need to take care when sending emails, as this will assist the server actions that are taken.

Here are some basic ideas that one should use when sending email:

  • do not forward chain letters or suspicious emails
  • do not cc recipients in a general email, use bcc instead – most recipients do not want their email addresses being seen by others and in addition this is a security hazard ( most email clients automatically add cc’d addresses in received emails to their address books; a subsequent virus infection on one of those recipients would then be sent to everyone in their address book )
  • only use cc where a recipient is directly required to respond to your email
  • do not respond to unsubscribe requests in spam
  • never reply to spam
  • use text email where possible instead of rich text email with pictures, etc.
  • clearly think about the contents of email with respect to spam filters and the like
  • check the size of an email before sending it – many companies do not have much Internet bandwidth and these emails might be blocked or filtered as a result
  • check with your IT support if you’re unsure whether an email address is valid or not
  • make use of filters in your email client to filter out spam
  • learn about the built-in anti-spam features in your email client
  • make use of good email etiquette – you are representing your company
  • do not use your business email address to subscribe to websites on-line unless they are business-related

There is much more to email etiquette and use; if you’d like to know more, please check the following links:

http://www.emailreplies.com/

http://iwillfollow.com/email.htm

The misuse and incorrect use of email systems can directly cause one to receive more spam and security-related emails, so it’s in your interest to learn how to use email more effectively and safely.

eMailStor launched

The eMailStor service was launched last week! Currently being provided as a welcome addition to our existing clients, it has been quite an exciting time. We’ve got a real issue to solve, and that is the constraining controls that most ISPs are imposing on their clients in terms of sending email. Not without merit though seeing as they have to protect both themselves and their other clients. But it does mean that those with more than a handful of staff or the requirement for customised email solutions ( eg. large volume ), will no longer find their ISP a useful mechanism in sending email.

eMailStor was born out of the requirement to solve issues relating to the sending of email such as:

  • sending email from high risk networks ( eg. dynamic ADSL networks )
  • rate control by ISPs on their relays
  • incorrect classification of valid business email as spam
  • limited control of businesses over their email usage
  • listing on blocklists

At eMailStor, we’ve put the following products together:

eMailStor Relay

  • email rate and volume control ( quotas ) per domain and/or per user
  • email address and domain aliases/forwards
  • mailing lists
  • bandwidth control
  • standards compliant
  • alternate port connections if your ISP blocks port 25
  • weekly and/or monthly reports on domain and user usage

eMailStor Mailbox

  • IMAP/POP3 storage for domains up to 500 users
  • customisable storage quotas per domain and/or per user
  • email client agnostic
  • send and receive using any connection type ( ADSL, Leased Line, Wireless, Cellular )
  • access your email anywhere with any client and device
  • real-time and dns blacklists
  • Anti-Spam / Anti-Virus controls
  • greylisting removes 90%+ of all Spam
  • white-list your regular recipients
  • daily backups of your IMAP email

eMailStor BackupMX

  • peace of mind for those running their own email servers
  • provides a temporary store for email to your domain should your system go off-line/become unavailable
  • spooling up to 7 days
  • custom white-list on your email platform for our BackupMX so your email is transferred correctly once your system becomes available

eMailStor Storage

  • Internet-based storage pools
  • access via a web browser or your OS file explorer
  • use like a local drive and store your documents, photos and wotnot
  • daily backups of your data

eMailStor Web

  • virtual web hosting with PHP, FastCGI and Perl support
  • daily backups
  • secure ftp access to your web store

So if you need a customised email solution or your ISP is giving you the run-around, drop me an email and we’ll get you back on track asap.

www.emailstor.co.za

New email service coming from XStore and SilcomIT

ISPs have recently been getting very strict in terms of email usage on their ADSL networks and have implemented quota management for outbound email when using their smtp relays. As a result, a client could:

  • have email rejected once a certain threshold is reached ( eg. 30 emails per sender per hour )
  • be disconnected from the internet once a 2nd higher threshold is reached

This obviously causes serious issues for those who deal with marketing emails, emailing lists and generally a higher usage than what the ISPs allow. I’ve already seen 2 clients this week be disconnected from the internet due to UBE ( unsolicited bulk email ) notices.

As a result, XStore and SilcomIT are combining under the name of EmailStor to offer a relay service for all clients who need a customised service for sending email. The service will be available from this week coming and will include a myriad of additional email features like:

  • selectable rate and storage quotas per domain and/or per user
  • mailing lists
  • forwarding/bounces ( eg. single to multiple – simple mailing list )
  • aliases

The sequence is currently:

user -> company email server -> ISP relay -> recipient server

this will change to:

user -> company email server -> EmailStor relay -> recipient server

The system is still being built as we speak but will have initial relay services available from next week. Additional services and features will come on-line in the next few weeks.

In addition, we will be offering other internet services:

  • email hosting with POP3 and IMAP support
  • backup email service
  • web hosting
  • ftp/data storage
  • dns hosting

We’re busy putting the website, pricelists and business documentation together – this will be available from tomorrow and we’ll send out an email explaining the service.

Note, to limit the possibility of UBE being sent from your network ( eg. from a virus-infected PC ), please consult XStore to make sure your firewall allows ( and has enabled ) the ability to block outbound smtp traffic from all internal computers except your mail server.