Hashemian Blog
Web, Finance, Technology, Running

A Better Way to Fight Scam Calls

by @ 8:22 pm
Filed under: social — Tags: ,

The usual advice on handling scam calls has been to not answer unknown caller id’s or hang up immediately and to not interact, lest the scammers will flag the number as live and will call it more often.

However, a recent extensive study out of NC State has confirmed what I’d always suspected and that is the scammers pay scant attention to if and how the calls are answered and blindly keep on calling. That means they fire up their auto-dialers, sequentially calling numbers and connecting the answered calls to agents regardless of past history.

I get plenty of these calls myself with the immediate telltale sign being a local but unknown caller id. If I have some time to kill, I pick up the call, go through the initial robot IVR qualification steps and when the live agent finally comes on, I just waste their time.

There are plenty ways to waste scammers' time. You can hang up after the initial greeting, talk gibberish, ask them to wait a minute and set the phone down, or just go along pretending that you are interested in whatever junk they are peddling. The scammers are pretty savvy in recognizing time-wasters and hang up rather quickly, but by then you have wasted a bit of their time.

Now If everyone wasted a few seconds of the scammers’ time, that can add up quickly to a substantial loss to them with the effort not justifying the potential gains. That should drive some if not the majority of the scam call centers out of business.

So, go ahead and answer the scam calls. Every time you waste a scammer’s time, there’s the satisfaction of knowing that it might have saved a vulnerable person from falling victim or at least from being annoyed.

From Sendmail To G Suite Gmail

by @ 1:04 pm
Filed under: email,google — Tags: , ,

In a previous post I covered updating my self-hosted Sendmail program to the newest version with some additions such as TLS 1.2 and DKIM. The version 8.15.2 at the time of my update was nearly five years old.

Interestingly, less than two months after my update Sendmail released a new version 8.16.1 . Now it must have been a coincidence that after 5 years of hibernation Sendmail decided to release a new version only a few weeks after I had gone to the trouble of updating my install but I wasn’t about to go through the pain of building, testing and deploying the new version and all its supporting components again.

Sendmail is a rock solid MTA and I could have happily stayed with the 8.15.2 version, but as I had mentioned in that blog post there were bigger concerns about continuing to self-host an email server. I was simply burned out from combating spammers and hackers and since all my emails (including uncaught spam) were forwarded to Gmail, my server’s reputation with Google wasn’t exactly stellar.

The time had come to end self-hosting and migrate to cloud hosting and G Suite was the perfect platform. G Suite by Google is one of several cloud products that companies can migrate their online presence to, including email service for their entire organization.

In my case that decision was even easier since I already had an unused free legacy G Suite account that had been languishing for many years. The legacy account has many limitations compared to the paid versions but it was good enough to proceed with the migration.

I configured hashemian.com as an alias domain for the G Suite account and created two users to handle the 55 or so email addresses. Each user can have a maximum of 30 email aliases which is why two users were needed. After adding all the aliases to the users, I logged into Gmail with each user account and configured them to forward all incoming emails to my regular Gmail account and then to delete those emails.

The final step was to the configure the DNS MX records and emails bound for hashemian.com started to flow to the G Suite users and subsequently to my regular Gmail inbox.

Since my Sendmail install was no longer used to receive email, I blocked it from all outside traffic to stop all spam attempts from external hosts. Scanning the maillog file proved that all spam activity directed at my server had come to a halt which also had a nice side effect of significantly lowering the stress on my server.

Sendmail isn’t completely gone from my server. It’s still used to send out all internal and web page generated messages. At this point I can fully disable it and use a lightweight outbound SMTP program such as ssmtp, msmtp, or nullmailer to submit emails via Gmail’s SMTP relay service. Perhaps some day that may happen, but for now Sendmail is working fine sending outbound messages without much stress on the server, so there’s little reason for me to fully terminate it.

After over 10 years with Sendmail, it was time to hand the email service reigns over to the cloud and so far the only regret is not doing it sooner. My server isn’t the only one benefiting. I also have a lot less stress since the migration.

* G Suite is now known as Google Workspace.

Super Organic Raspberries

by @ 7:36 pm
Filed under: health — Tags: ,

Hiking has a lot of benefits, but if done at the right time, at the right place and with a bit of attention, treasures like this super organic cluster of raspberries can be had for the price of zero.

No rinsing required!

Does It Make Sense To Self-Host Mail Server?

by @ 9:51 pm
Filed under: email,internet — Tags: ,

I have operated hashemian.com for over 2 decades now, earlier on hosted servers and eventually on my own server. During that time the domain has also been email capable, accepting and delivering emails sent to/from addresses such as [email protected] This was also originally hosted but was eventually ported to my own server. The product of choice for hosting my own mail server (MTA) has been Sendmail. At one time Sendmail was the king of the hill. It's still in use today, albeit vastly eclipsed by other products such as Exim and Postfix, as can clearly be seen here.

Years ago I would use email clients such as Squirrelmail to read emails but eventually for the sake of convenience I configured Sendmail to forward all @hashemian.com emails to my Gmail account. With Gmail I also gained great spam detection but there are also potential adverse effects in forwarding emails. One drawback is Gmail could and in fact does block access from my server, especially if a few too many emails are forwarded. Gmail does not recognize that the forwarded emails are from various original senders and instead assume all the emails originate from my server and takes punitive measures against what it perceives to be an abusive server. This periodic blacklisting has been happening for years now and I’m sure it doesn’t bode well for my server’s reputation.

421 4.7.28 [XXX.XXX.XXX.XXX] Our system has detected an unusual rate of unsolicited mail originating from your IP address. To protect our users from spam, mail sent from your IP address has been temporarily rate limited. Please visit https://support.google.com/mail/?p=UnsolicitedRateLimitError to review our Bulk Email Senders Guidelines. - gsmtp

There are steps I can take to correct or at least mitigate this issue. One would be to identify and block spammers from my server and I do that from time to time when I find egregious activities. It helps, but it’s a manual chore and hardly efficient. Another would be utilizing products such as Fail2ban and SpamAssassin to combat spammers at network and application levels. But that would mean more work for me in terms of configuring, tweaking, updating and patching, and I’m too lazy for that. Also instead of pushing emails to it, I can have Gmail pull emails utilizing IMAP or POP. But that means maintaining another product such as Dovecot and opening ports on my server inviting additional exploit activity. No thanks, not at this time, even if those ports can be restricted to Gmail’s IP addresses only.

Recently I undertook the effort to build from source and update Sendmail to its latest available version 8.15.2 on my ancient but functional Fedora 14 server. As can be imagined it wasn’t a simple task, especially since I wanted to bring as many features of ESMTP aboard as possible, including support for STARTTLS on TLS 1.2. In some cases that meant hunting around for newer library source codes to build into Sendmail. The effort was an eventual success, specially after I installed and started the service and mail began to flow. Then to build on that momentum, I also added DKIM authentication to Sendmail by building and installing dkim-milter.

I must admit that even though the effort was successful it wasn’t really cause for celebration. The latest version of Sendmail, while stable and rock solid, is nevertheless 5 years old now, not as ancient as the kernel it’s running on but still pretty aged as software goes these days. Still doubtful I would have felt any better had I switched the MTA to the more modern Exim or Postfix.

Fact is times have changed and with cloud services maturing and prices falling, there’s little reason to maintain a server. Sure, there’s the educational aspect to it and some pride and autonomy, but it can be exhausting to keep up with all the updates and patches when you can spin up a fully loaded droplet on Digital Ocean for $5 or get cheap domain email service on G Suite or Office 365 (soon called Microsoft 365).

And with that in mind, I am slowly warming up to moving my domain’s email setup to my G Suite account. It’s an account I registered for years ago and thankfully Google has kept it free so far. It’ll be a bittersweet moment when I shut down Sendmail for the last time (although I may continue to use it for a bit longer for outbound messages) handing over the reigns to G Suite. I suppose one concern would be if on that same day Google will flip the existing free G Suite accounts to paid versions.

To be continued…

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1K9TzBvQ2oaEb4tX9t2vKDtZouMcpfV6QF
paypal.me/rhashemian
© 2001-2020 Robert Hashemian   Powered by Hashemian.com