Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Alan Hodgson via mailop
On Fri, 2021-06-04 at 18:08 -0500, Scott Mutter via mailop wrote: > On Fri, Jun 4, 2021 at 1:24 PM Michael Peddemors via mailop > wrote: > > With apache, you can use modsecurity quite easily, and you can block all > > azure (and other cloud providers ranges) from certain services like > >

Re: [mailop] U.S. DoJ will elevate ransomware attacks to the same priority as terrorism

2021-06-04 Thread Chris Huff via mailop
While I know that this is a different administration I’d still like to note that when it was happening to non profits and hospitals this wasn’t the response. But mess with our oil or beef? No, the U.S. will not abide by that! > On Jun 4, 2021, at 1:26 PM, Kevin A. McGrail via mailop > wrote:

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Scott Mutter via mailop
On Fri, Jun 4, 2021 at 1:24 PM Michael Peddemors via mailop < mailop@mailop.org> wrote: > With apache, you can use modsecurity quite easily, and you can block all > azure (and other cloud providers ranges) from certain services like > wordpress, or contact forms etc.. (you can even do dns based

Re: [mailop] U.S. DoJ will elevate ransomware attacks to the same priority as terrorism

2021-06-04 Thread Michael Orlitzky via mailop
On Fri, 2021-06-04 at 16:26 -0400, Kevin A. McGrail via mailop wrote: > I thought this news was very welcome today: > > https://twitter.com/RichardEscobedo/status/1400529641065140225 > > “The U.S. Department of Justice is elevating investigations of > ransomware attacks to a similar priority as

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Bill Cole via mailop
On 2021-06-04 at 10:35:26 UTC-0400 (Fri, 4 Jun 2021 16:35:26 +0200) Martin Flygenring via mailop is rumored to have said: Has anyone found a good way to block these using SpamAssassin? We tried to make some rules, but it's hard to make any with that gibberish and short subject and body.

[mailop] U.S. DoJ will elevate ransomware attacks to the same priority as terrorism

2021-06-04 Thread Kevin A. McGrail via mailop
I thought this news was very welcome today: https://twitter.com/RichardEscobedo/status/1400529641065140225 “The U.S. Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Eric Tykwinski via mailop
> -Original Message- > From: mailop On Behalf Of Michael Peddemors via > mailop > Sent: Friday, June 4, 2021 2:24 PM > To: mailop@mailop.org > Subject: Re: [mailop] Malware waves from hotmail.com > > With apache, you can use modsecurity quite easily, and you can block all > azure (and

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Michael Peddemors via mailop
With apache, you can use modsecurity quite easily, and you can block all azure (and other cloud providers ranges) from certain services like wordpress, or contact forms etc.. (you can even do dns based checks or rbldnsd) .. Unless desktop in the cloud becomes more prevalent, you should make

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Alan Hodgson via mailop
On Fri, 2021-06-04 at 11:45 -0500, Scott Mutter via mailop wrote: > Not to hijack this thread and send it off-topic, but I'm also seeing a lot > of brute force attempts (mostly WordPress login attempts) from various and > wide-ranging subnets of Microsoft IPs. > > Has Microsoft's network been

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Scott Mutter via mailop
Not to hijack this thread and send it off-topic, but I'm also seeing a lot of brute force attempts (mostly WordPress login attempts) from various and wide-ranging subnets of Microsoft IPs. Has Microsoft's network been compromised? On Fri, Jun 4, 2021 at 10:46 AM Jörg Backschues via mailop <

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Jörg Backschues via mailop
On 04.06.21 at 10:20h Bjoern Franke wrote via mailop: since several weeks we are getting several mails a day from hotmail.com users with subjects like "fob xt k xerhc", an attached malware PDF like [1] and addressed to ~200 recipients. The good thing is, that the patterns are very clearly

Re: [mailop] Malware waves from hotmail.com

2021-06-04 Thread Martin Flygenring via mailop
Has anyone found a good way to block these using SpamAssassin? We tried to make some rules, but it's hard to make any with that gibberish and short subject and body. The rule we made initially looked at the length of the body. It was good at catching these, but unfortunately it also got some

Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-04 Thread Jaroslaw Rafa via mailop
On 4.06.2021 at 09:07:09 yuv via mailop wrote: > What is more important is that intentional or not, this behavior is > detrimental to internet email and has to stop before internet email > becomes even more irrelevant. How many shops and other services have > you visited that have

Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-04 Thread yuv via mailop
On Fri, 2021-06-04 at 11:16 +0200, Jaroslaw Rafa via mailop wrote: > Sometimes, just out of curiosity, I'm checking MX-es for eg. Internet > shops in which I shop or other entities I communicate with. Most of > them have e-mail hosted by their hosting companies (at least MX > points to the hosting

Re: [mailop] [EXTERNAL] Re: protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-04 Thread Florian Effenberger via mailop
Hi, Jay Hennigan via mailop wrote on 02.06.21 at 23:39: Allowing such queries would be giving quite a bit of information to potential bad guys. honestly don't know what is better. The majority of DNBLs can be queried publicly, and I could imagine for those who really aim hard, simply

Re: [mailop] protection.outlook.com refusing to accept mail with misleading temp error message

2021-06-04 Thread Jaroslaw Rafa via mailop
On 3.06.2021 at 22:59:18 yuv via mailop wrote: > > What volume of mailboxes is handled by the three biggest service > providers in your country? Not talking free consumers services. It > has been a long time since I have dealt with another business whose > mailboxes were not handled by

[mailop] Malware waves from hotmail.com

2021-06-04 Thread Bjoern Franke via mailop
Hi, since several weeks we are getting several mails a day from hotmail.com users with subjects like "fob xt k xerhc", an attached malware PDF like [1] and addressed to ~200 recipients. Maybe we should consider blocking all outbound servers of Microsoft because some part of their network is