" spam Archives - HIPAA News, Web & Email Security Tips & News - Plus More | LuxSci
LuxSci

Posts Tagged ‘spam’

Should I click on this crazy looking URL?

Thursday, November 2nd, 2017

Read the rest of this post »

Save Yourself From “Yourself”: Stop Spam From Your Own Address

Friday, September 22nd, 2017

I just got junk email … from me!

It is surprisingly common for users to receive Spam email messages that appear to come from their own address (i.e. “joe@domain.com” gets a Spam email addressed so it appears to be from “joe@domain.com”).  We discussed this issue tangentially in a previous posting: Bounce Back & BackScatter Spam – “Who Stole My Email Address”?  However, many users wonder how this is even possible, while others are concerned if their Spam filters are not catching these messages.

Spam from your own email address

How can Spammers use your email address to send Spam?

The way that email works at a fundamental level, there is very little validation performed on the apparent identity of the “Sender” of an email.  Just as you could mail a letter at the post office and write any return address on it, a Spammer can compose and send an email address with any “From” email address and name.  This is in fact extremely easy to do, and Spammers use this facility with almost every message that they send.

Read the rest of this post »

Does secure email make you more vulnerable to spam and viruses?

Monday, August 28th, 2017

Read the rest of this post »

Why am I still getting spam at my old email provider?

Wednesday, January 18th, 2017


This question came in through “Ask Erik:”

Hi Erik,

I came across your article entitled Split Domain Routing: Getting Email for Your Domain at Two Providers while trying to figure out why one of the people in the small 3 person company I am affiliated with got a call from our web hosting and domain name company asking him to increase his email storage capacity even though we had migrated our email service away from them 2 years ago and at that time had redirected our DNS MX records to our new email provider.

When I looked at my colleague’s email on the old service, I saw that he is still receiving spam mail there even though he is getting all his business mail through the new provider. How is it possible that he gets any mail at the old place at all now? I think the money he paid them is a completely ripoff as that is not his working email! Unfortunately I am the only one of the 3 of us that understands any of this…and that isn’t saying much. Thanks for any thoughts.

Hello!  This is actually quote a common scenario.  If you do not close down your account with your old email provider, then that provider will usually still accept inbound email addressed to you which arrives at its servers.

Read the rest of this post »

How do I fix the reputation of my IP address?

Tuesday, April 19th, 2016


It happens — you’re sending email messages without issue, and then suddenly they’re not being delivered, or they’re being tagged as spam.  A little digging reveals that the problem is that your “IP reputation” is now poor, and you need to fix it somehow.

This is our latest “Ask Erik” question, from Angelo Correa or Living Legacy, Inc.

How do I fix the reputation of my IP address?

What is IP Reputation?

Email service providers (e.g. AOL, Gmail, LuxSci) and email filtering systems (e.g. Barracuda, McAfee, Proofpoint, SenderScore) collaborate on and track the sending of unwanted email in order to reduce the blight of email spam that continues to plague the Internet.  Some of the significant factors that they track include:

  1. Quantity of email sent from your IP address
  2. The spam-like characteristics of these messages (based on spam filter analysis)
  3. The number of spam complaints by recipients of these messages
  4. The number of messages sent to invalid recipients or honey pots. Honey pots are email addresses that do not belong to real people and only exist as traps for senders who have acquired these email addresses via web site scraping or some other illegitimate manner.

Put together, these factors end up determining the reputation of that IP address with respect to the sending of email messages.  If the reputation becomes poor, then spam filters will start to quarantine or reject your messages, resulting in poor deliverability.

Read the rest of this post »

Infographic: Steps to Avoiding Forged Email

Friday, February 12th, 2016


Forged emails are extremely common. Most of the time forged emails are merely a nuisance.However, if you accidentally share information with or click on a link from someone who sent a forged email, the results can devastate your goal or even your site, or if it’s really evil, an entire computer. Here’s some information about how to recognize and stop forged emails.

How to Avoid Forged Email: Forged Email Facts & SPF Significance

Avoiding Forged Email. Significance of SPF

Read the rest of this post »

Train your Filters with Bayesian Email Filtering

Tuesday, November 17th, 2015

LuxSci’s Basic Spam Filtering service has just been augmented to include Bayesian analysis.  with Bayesian analysis, each user can train his/her own Spam filters with examples of what that user considers “Spam” and “not Spam”.  With enough examples, Bayesian analysis allows for the classification of new messages by their likelihood to be Spam or not and this drastically  increases the accuracy of your Spam filtering.

All users of LuxSci’s Basic Spam Filtering system get Bayesian analysis at no additional charge — all you have to do is (1) enabled it and then (2) train it.

Read the rest of this post »

Stopping Forged Email 2: DKIM to the Rescue

Monday, February 23rd, 2015

We have recently looked at how hackers and spammers can send forged email and then seen how these forged messages can be almost identical to legitimate messages from the purported senders.  In fact, we learned that generally all you can trust in an inbound email message is the internet IP address of the server talking to your inbound email server — as this cannot realistically be forged in any way that would still enable you to receive the message.

In our last post in this series, we examined how SPF can be used to help weed out forged email messages based on validating if a message was sent by an approved server by looking at the IP address delivering the email message to you.  We found that while SPF can work, it has many significant limitations that cause it to fall far short of being a panacea.

So — besides looking at the sending server IP address — what else can we do to determine of a message was forged?

It turns out that there is another way — through the use of encryption techniques and digital signatures — to have the sender’s servers transparently “sign” a message in a way that you can verify upon receipt.  This is called DKIM.

DKIM – Domain Keys Identified Mail: A Simple Explanation

DKIM stands for “Domain Keys Identified Mail” … or, re-writing this more verbosely, “Domain-wide validation Mail Identity through use of cryptographic Keys”.  To understand DKIM, we need to back up for a second and look at what we mean by “cryptographic keys” and how that can be used.

Read the rest of this post »

8 Ways to Protect yourself from Forged/Fake Email

Monday, January 26th, 2015

The Internet is rife with fake and forged email.  Typically these are email messages that appear to be from a friend, relative, business acquaintance, or vendor that ask you to do something.  If you trust that the message is really from this person, you are much more likely to take whatever action is requested — often to your detriment.

These are forms of social engineering — the “bad guys” trying to establish a trusted context so that you will give them information or perform actions that you otherwise would not or should not do.

Here we address some of the actions you can take to protect yourself from these attacks as best as possible.  We’ll present these in the order of increasing complexity / technical difficulty.

Read the rest of this post »

8 Factors Governing your IP Reputation: Increasing Email Marketing Deliverability

Monday, January 12th, 2015

Getting your email marketing messages into your recipient’s INBOXes is key to a successful mailing campaign.  This is “deliverability.” One of the central factors governing the deliverability of your messages is the reputation of the Internet Protocol (IP) Address of your sending email server — its “IP Reputation.”

Here you can learn how to manage 8 factors that affect your server’s IP Reputation in order to maximize your reputation and increase the number of eyeballs that see your marketing email messages.

But first, you may want to check to see if you are on any common blacklists using mx toolbox.

Read the rest of this post »