The problem with these hacked accounts is that they are really coming from the yahoo and aol servers. The accounts get compromised (probably a sideswipe), the hacker logs in and then sends the message from the "good" servers.
On Wed, Jan 19, 2011 at 12:20 AM, Thomas Eckardt <[email protected] > wrote: > yahoo sends only mails with a DKIM siganture. > aol has SPF records for SPF v1 and v2 > > aol.com text = > > "v=spf1 ptr:mx.aol.com ?all" > aol.com text = > > "spf2.0/pra ptr:mx.aol.com ?all" > > > Thomas > > > > > Von: K Post <[email protected]> > An: ASSP development mailing list <[email protected]> > Datum: 18.01.2011 16:23 > Betreff: [Assp-test] Block URL only emails with special message? > > > > > We're seeing more and more aol and yahoo accounts that are whitelisted get > hacked. Then we see email messages with only a url in them that get > through > our filters. > > We could easily create a strict bomb that rejects emails with only URL's > in > them. The problem with that is that our users get legitimate emails from > time to time with only a URL and we wouldn't want them rejected. These > URL's aren't in the URIBL. > > I was thinking of some way of rejecting messages with a different error > message, maybe something like "Messages only with URL's are prohibited. > Please resend your email with more information" or something like that. > This would need to be implemented though. > > Any other thoughts of how to use existing v2 functionality to handle this? > > Thanks > > ------------------------------------------------------------------------------ > Protect Your Site and Customers from Malware Attacks > Learn about various malware tactics and how to avoid them. Understand > malware threats, the impact they can have on your business, and how you > can protect your company and customers by using code signing. > http://p.sf.net/sfu/oracle-sfdevnl > _______________________________________________ > Assp-test mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/assp-test > > > > > DISCLAIMER: > ******************************************************* > This email and any files transmitted with it may be confidential, legally > privileged and protected in law and are intended solely for the use of the > > individual to whom it is addressed. > This email was multiple times scanned for viruses. There should be no > known virus in this email! > ******************************************************* > > > > > ------------------------------------------------------------------------------ > Protect Your Site and Customers from Malware Attacks > Learn about various malware tactics and how to avoid them. Understand > malware threats, the impact they can have on your business, and how you > can protect your company and customers by using code signing. > http://p.sf.net/sfu/oracle-sfdevnl > _______________________________________________ > Assp-test mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/assp-test > > ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
