Jaz (IFTAS)
jaz :twt: :wales_flag:
just small circles 🕊
Jaz (IFTAS) and 2 others boosted
Social Web ISAC
@sw_isac@mastodon.iftas.org  ·  activity timestamp 2 days ago

The following modified Mastodon servers are a collection of automated accounts that create ~15,000 posts per day with the intent to generate traffic to related ad-farm web sites, using scraped and republished content.

pubeurope[.]com
newsbeep[.]org
theater[.]im

If your service prohibits uncurated bots, #spam, and/or inauthentic activity, we recommend you review your federation policy for these domains.

Learn more: https://connect.iftas.org/library/iftas-documentation/spam-fediverse-services/
Social Web ISAC
@sw_isac@mastodon.iftas.org  ·  activity timestamp 2 days ago

The following modified Mastodon servers are a collection of automated accounts that create ~15,000 posts per day with the intent to generate traffic to related ad-farm web sites, using scraped and republished content.

pubeurope[.]com
newsbeep[.]org
theater[.]im

If your service prohibits uncurated bots, #spam, and/or inauthentic activity, we recommend you review your federation policy for these domains.

Learn more: https://connect.iftas.org/library/iftas-documentation/spam-fediverse-services/

deutrino
deutrino boosted
clawfulneutral
@clawfulneutral@soc.port0.org  ·  activity timestamp 3 days ago
clawfulneutral
@clawfulneutral@soc.port0.org  ·  activity timestamp 3 days ago
alcinnz
Cory Doctorow
alcinnz and 1 other boosted
Jan Wildeboer 😷:krulorange:
@jwildeboer@social.wildeboer.net  ·  activity timestamp 2 weeks ago
#NerdTalk Wow. A multi-step, sophisticated way of spoofing emails that pass SPF, DKIM, DMARC. Hardcore.

"And most importantly, the key trick is that you can put anything you want in the App Name field in Google"

Le sigh. That's where they put the email text. In the App Name field. Google can fix this by sanitising input better.

https://easydmarc.com/blog/google-spoofed-via-dkim-replay-attack-a-technical-breakdown/

#Spam#Phishing#MailAdmin

Stefano Marinelli
Russ Sharek
Stefano Marinelli and 1 other boosted
Peter N. M. Hansteen
@pitrh@mastodon.social  ·  activity timestamp last week

The BIG MAIL operators disappear valid mail. We have all seen it happen.

I am pondering starting a campaign to collect war stories with as much log data and other relevant data as possible in order to write an article which may
evolve to something else.

If you have potentially useful input, I want to hear from you.

#mail #smtp #bigmail #runyourown #antispam #spam #disappearingmail #smallmail
Peter N. M. Hansteen
@pitrh@mastodon.social  ·  activity timestamp last week

The BIG MAIL operators disappear valid mail. We have all seen it happen.

I am pondering starting a campaign to collect war stories with as much log data and other relevant data as possible in order to write an article which may
evolve to something else.

If you have potentially useful input, I want to hear from you.

#mail #smtp #bigmail #runyourown #antispam #spam #disappearingmail #smallmail
Mark Wyner Won’t Comply :vm:
@markwyner@mas.to  ·  activity timestamp 2 weeks ago

⚠️ SCAM WARNING ⚠️

We’re getting blasted by a bot-driven barrage of accounts requesting Palestine aid.

These are the avatars being used, and account names look like this:

Mahmoud│⟪Hear Our Cries⟫
Mahmoud│⟪Feed Our Hunger⟫
Mahmoud│⟪Dry Our Tears⟫

The person in the photo may be real, but the accounts are not. They use signature spam methods.

Report, block, and DO NOT give money. Many already have. This is theft from real Palestinians.

#Scam#Spam#Alert #Mastodon#Palestine#Gaza
Mark Wyner Won’t Comply :vm:
@markwyner@mas.to  ·  activity timestamp 2 weeks ago

Follow-up note…

There are lots of legitimate accounts on Mastodon that are seeking aid for Palestinians. This warning does NOT imply that they’re all scams. I am only warning about this one particular pattern.

Use your judgment about any mutual aid account. Please only heed my warning specifically about this particular pattern of accounts. The names/avatars here are the flags you should look for.

Give aid to legitimate folks who need it. 🙌🏻

#Scam#Spam#Alert #Mastodon#Palestine#Gaza
Mark Wyner Won’t Comply :vm:
@markwyner@mas.to  ·  activity timestamp 2 weeks ago

⚠️ SCAM WARNING ⚠️

We’re getting blasted by a bot-driven barrage of accounts requesting Palestine aid.

These are the avatars being used, and account names look like this:

Mahmoud│⟪Hear Our Cries⟫
Mahmoud│⟪Feed Our Hunger⟫
Mahmoud│⟪Dry Our Tears⟫

The person in the photo may be real, but the accounts are not. They use signature spam methods.

Report, block, and DO NOT give money. Many already have. This is theft from real Palestinians.

#Scam#Spam#Alert #Mastodon#Palestine#Gaza
Mitex Leo
@ml@mitexleo.one  ·  activity timestamp 2 weeks ago

🚨 Spam Alert

#spam #fedispam #fediverse

The image shows a screenshot of a social media application interface, specifically Mastodon, with a black background. At the top, the time is displayed as 7:41, along with various status icons such as a clock, signal strength, and battery level. The main content is a post from a user named "Fou," with two replies from Mastodon. The first reply, from Mastodon, is timestamped 57 minutes ago and reads: "Important Account Verification: We've updated our security policies requiring all users to verify their accounts. Our system shows yours remains unverified: mastodon.netprocesse.com/mx/p/... Complete this now to avoid service interruptions. Mastodon Support Team." The second reply, from another Mastodon account, is timestamped 29 minutes ago and states: "We've implemented new security measures requiring all users to verify their accounts. Our system indicates your verification is still pending. Complete your verification now: mastodon.netprocesse.com/mx/p/... Your account privileges may be restricted without completion. We appreciate your immediate action on this matter. Mastodon Verification Team." At the bottom, there is a reply prompt from a user named "gavinisdie" with the handle "[@]gavinisdie[@]masto.ai," timestamped 23 minutes ago. The interface includes typical social media interaction icons such as reply, share, like, and bookmark.
The image shows a screenshot of a social media application interface, specifically Mastodon, with a black background. At the top, the time is displayed as 7:41, along with various status icons such as a clock, signal strength, and battery level. The main content is a post from a user named "Fou," with two replies from Mastodon. The first reply, from Mastodon, is timestamped 57 minutes ago and reads: "Important Account Verification: We've updated our security policies requiring all users to verify their accounts. Our system shows yours remains unverified: mastodon.netprocesse.com/mx/p/... Complete this now to avoid service interruptions. Mastodon Support Team." The second reply, from another Mastodon account, is timestamped 29 minutes ago and states: "We've implemented new security measures requiring all users to verify their accounts. Our system indicates your verification is still pending. Complete your verification now: mastodon.netprocesse.com/mx/p/... Your account privileges may be restricted without completion. We appreciate your immediate action on this matter. Mastodon Verification Team." At the bottom, there is a reply prompt from a user named "gavinisdie" with the handle "[@]gavinisdie[@]masto.ai," timestamped 23 minutes ago. The interface includes typical social media interaction icons such as reply, share, like, and bookmark.
The image shows a screenshot of a social media application interface, specifically Mastodon, with a black background. At the top, the time is displayed as 7:41, along with various status icons such as a clock, signal strength, and battery level. The main content is a post from a user named "Fou," with two replies from Mastodon. The first reply, from Mastodon, is timestamped 57 minutes ago and reads: "Important Account Verification: We've updated our security policies requiring all users to verify their accounts. Our system shows yours remains unverified: mastodon.netprocesse.com/mx/p/... Complete this now to avoid service interruptions. Mastodon Support Team." The second reply, from another Mastodon account, is timestamped 29 minutes ago and states: "We've implemented new security measures requiring all users to verify their accounts. Our system indicates your verification is still pending. Complete your verification now: mastodon.netprocesse.com/mx/p/... Your account privileges may be restricted without completion. We appreciate your immediate action on this matter. Mastodon Verification Team." At the bottom, there is a reply prompt from a user named "gavinisdie" with the handle "[@]gavinisdie[@]masto.ai," timestamped 23 minutes ago. The interface includes typical social media interaction icons such as reply, share, like, and bookmark.
Mitex Leo
@ml@mitexleo.one  ·  activity timestamp 2 weeks ago

🚨 Spam Alert

#spam #fedispam #fediverse

The image shows a screenshot of a social media application interface, specifically Mastodon, with a black background. At the top, the time is displayed as 7:41, along with various status icons such as a clock, signal strength, and battery level. The main content is a post from a user named "Fou," with two replies from Mastodon. The first reply, from Mastodon, is timestamped 57 minutes ago and reads: "Important Account Verification: We've updated our security policies requiring all users to verify their accounts. Our system shows yours remains unverified: mastodon.netprocesse.com/mx/p/... Complete this now to avoid service interruptions. Mastodon Support Team." The second reply, from another Mastodon account, is timestamped 29 minutes ago and states: "We've implemented new security measures requiring all users to verify their accounts. Our system indicates your verification is still pending. Complete your verification now: mastodon.netprocesse.com/mx/p/... Your account privileges may be restricted without completion. We appreciate your immediate action on this matter. Mastodon Verification Team." At the bottom, there is a reply prompt from a user named "gavinisdie" with the handle "[@]gavinisdie[@]masto.ai," timestamped 23 minutes ago. The interface includes typical social media interaction icons such as reply, share, like, and bookmark.
The image shows a screenshot of a social media application interface, specifically Mastodon, with a black background. At the top, the time is displayed as 7:41, along with various status icons such as a clock, signal strength, and battery level. The main content is a post from a user named "Fou," with two replies from Mastodon. The first reply, from Mastodon, is timestamped 57 minutes ago and reads: "Important Account Verification: We've updated our security policies requiring all users to verify their accounts. Our system shows yours remains unverified: mastodon.netprocesse.com/mx/p/... Complete this now to avoid service interruptions. Mastodon Support Team." The second reply, from another Mastodon account, is timestamped 29 minutes ago and states: "We've implemented new security measures requiring all users to verify their accounts. Our system indicates your verification is still pending. Complete your verification now: mastodon.netprocesse.com/mx/p/... Your account privileges may be restricted without completion. We appreciate your immediate action on this matter. Mastodon Verification Team." At the bottom, there is a reply prompt from a user named "gavinisdie" with the handle "[@]gavinisdie[@]masto.ai," timestamped 23 minutes ago. The interface includes typical social media interaction icons such as reply, share, like, and bookmark.
The image shows a screenshot of a social media application interface, specifically Mastodon, with a black background. At the top, the time is displayed as 7:41, along with various status icons such as a clock, signal strength, and battery level. The main content is a post from a user named "Fou," with two replies from Mastodon. The first reply, from Mastodon, is timestamped 57 minutes ago and reads: "Important Account Verification: We've updated our security policies requiring all users to verify their accounts. Our system shows yours remains unverified: mastodon.netprocesse.com/mx/p/... Complete this now to avoid service interruptions. Mastodon Support Team." The second reply, from another Mastodon account, is timestamped 29 minutes ago and states: "We've implemented new security measures requiring all users to verify their accounts. Our system indicates your verification is still pending. Complete your verification now: mastodon.netprocesse.com/mx/p/... Your account privileges may be restricted without completion. We appreciate your immediate action on this matter. Mastodon Verification Team." At the bottom, there is a reply prompt from a user named "gavinisdie" with the handle "[@]gavinisdie[@]masto.ai," timestamped 23 minutes ago. The interface includes typical social media interaction icons such as reply, share, like, and bookmark.
Peter N. M. Hansteen
@pitrh@mastodon.social  ·  activity timestamp 2 weeks ago

Following up on previous, the LinkedIn discussion revealed that there are people who have not heard about greylisting.

So here is my 2012 piece with updates, "In The Name Of Sane Email: Setting Up OpenBSD's spamd(8) With Secondary MXes In Play - A Full Recipe" https://nxdomain.no/~peter/in_the_name_of_sane_email.html

#spamd #antispam #spamd.conf #OpenBSD #blocklists #blacklists #greytrapping #greylisting #spam