Hashemian Blog
Web, Finance, Technology, Running

Gawker's Hack, Spammers' Treasure

by @ 11:40 pm
Filed under: hacking — Tags: , ,

Today, out of curiosity, I downloaded the hacked Gawker files from The Pirate Bay. I'm not sure if I broke any laws by doing that, but I was only interested in checking out their PHP source files. You can learn a lot by looking at production code other than your own.

While my intentions were harmless, I'm sure many others downloaded the files for more sinister purposes. I was blown away by the size and scope of the membership file dumps. There are thousands and thousands of records of login name, passwords and emails. One of the first things the bad guys will do is to try breaking into the members' bank accounts, email accounts, and Facebook, Twitter, Amazon, and eBay accounts since many tend to use the same password everywhere online.

I hope people change their passwords quickly enough to mitigate the damage from the criminals, but there is one damage that will be hard to contain, and that is the sheer number of valid emails that spammers will promptly exploit.

Granted, most emails appear to mysteriously land in spammers' databases almost as soon as they're created. Nevertheless, even those users who guard their emails tooth and nail, had better be ready. If they had a Gawker account, they will be getting valuable offers from a number of spammers real soon.

1&1 Missing SPF Record

by @ 11:08 pm
Filed under: email — Tags: , , , , ,

One of my Web applications is hosted on 1&1 and it generally performs fine except for one problem. I have the application set up to send me emails based on certain events and I have noticed that some of those emails land in my spam folder. Here's why.

The problem with applications on 1&1 shared hosting (and maybe other hosting companies) is that outbound emails undergo Sender Rewriting Scheme (SRS) which changes the return path in the mail envelope to a domain owned by 1&1. For example the return path is changed from me@mydomain.com to SRS0=pikB=NE=mydomain.com=me@srs.perfora.net and the email is launched from one of the 1&1 email servers, for example a server at ip address 74.208.4.194.

Since I don't own the domain srs.perfora.net, I can't add that ip address to the list of authorized senders. A quick SPF record check for srs.perfora.net shows the following:

"v=spf1 ip4:217.160.230.0/25 ?all"

This is telling other servers that any @srs.perfora.net email originating from 217.160.230.0/25 is legitimate, and all others may or may not be spam. And so receiving servers could route incoming emails from unknown ip addresses to spam folders and that is what's happening in my case.

I contacted 1&1 support regarding this issue, but they replied that spf record is not
supported for 1&1 domains and referred me to this link.

So at this point I have no choice but to check my spam folders frequently looking for misidentified emails. And if you have a 1&1 hosted application that sends emails, be warned. Those emails could be landing in your users' spam folders.

And finally to 1&1, the time to fix this issue is way overdue, and it's so simple to fix.

1&1 Missing SPF Record

by @ 11:08 pm
Filed under: email — Tags: , , , , ,

One of my Web applications is hosted on 1&1 and it generally performs fine except for one problem. I have the application set up to send me emails based on certain events and I have noticed that some of those emails land in my spam folder. Here's why.

The problem with applications on 1&1 shared hosting (and maybe other hosting companies) is that outbound emails undergo Sender Rewriting Scheme (SRS) which changes the return path in the mail envelope to a domain owned by 1&1. For example the return path is changed from me@mydomain.com to SRS0=pikB=NE=mydomain.com=me@srs.perfora.net and the email is launched from one of the 1&1 email servers, for example a server at ip address 74.208.4.194.

Since I don't own the domain srs.perfora.net, I can't add that ip address to the list of authorized senders. A quick SPF record check for srs.perfora.net shows the following:

"v=spf1 ip4:217.160.230.0/25 ?all"

This is telling other servers that any @srs.perfora.net email originating from 217.160.230.0/25 is legitimate, and all others may or may not be spam. And so receiving servers could route incoming emails from unknown ip addresses to spam folders and that is what's happening in my case.

I contacted 1&1 support regarding this issue, but they replied that spf record is not
supported for 1&1 domains and referred me to this link.

So at this point I have no choice but to check my spam folders frequently looking for misidentified emails. And if you have a 1&1 hosted application that sends emails, be warned. Those emails could be landing in your users' spam folders.

And finally to 1&1, the time to fix this issue is way overdue, and it's so simple to fix.

Powered by


Read Financial Markets  |   Home  |   Blog  |   Web Tools  |   News  |   Articles  |   FAQ  |   About  |   Privacy  |   Contact
Donate Bitcoin: 1K9TzBvQ2oaEb4tX9t2vKDtZouMcpfV6QF
paypal.me/rhashemian
© 2001-2019 Robert Hashemian   Powered by Hashemian.com