Archive for the ‘Spam’ Category

UCEPROTECT-NETWORK – another clever RBL..

Sunday, April 15th, 2007

After some complaints about mailserver blacklistings in the “UCEPROTECT-NETWORK level 1” blacklist I again spent a few minutes of investigating the issue and looking at their website. They seem to have no problem listing ISP mail relays after 1 or 2 misdirected mails from customer IPs and seem to have very “interesting” ideas about how mail should work and how they are going to police the net.. (read more below)


Messenger service “net send” spam is still around

Friday, December 1st, 2006

Even though the technique is more than four years old and everyone should have some sort of firewall in place or the windows messenger service disabled automatically during the Windows XP SP2 installation the “net send” spam seems to be still around. Some examples of these spam popups can be found on this site. If you have issues with this kind of spam you should really consider updating your system, installing some kind of (personal) firewall or follow these instructions.
I was wondering about UDP packets to port 1026 and 1027 on my firewall so I started to log them with tcpdump – that way I discovered that these were still spam messages. Inspecting the dumps there were quite a few reoccuring IP addresses that tried to deliver their “net send” popup spam crap (see below).