On Mon, 21 Apr 2014 16:44:52 -0500, Eric Johnson <[log in to unmask]> wrote:
>We've had a flurry of subscribers dropped. An assortment ... yahoo,
>sbcglobal, rogers, frontier ...
>
>All the requests that I've dealt with have the error message:
>
>- The last reported error was: 5.0.0 554 Message not allowed -
>[PH01] Email not accepted for policy reasons. Please visit
>http://postmaster.yahoo.com/errors/postmaster-27.html [120]
This is a separate problem from the Yahoo.com DMARC problem, even though the
error is reported for attempted delivery to a *@yahoo.com address, or one of
the many other domains like sbcglobal.com, rogers.com, etc. that are actually
handled by Yahoo.
These are spam emails coming with 'Forged From:' addresses, so far all from:
[log in to unmask] The Subject: lines are like "Hi! News" or "Fw: News" or
"Fw: Re:" The email consists of 2-3 lines, in this format:
--------------
Hi!
News: http://(spam URL) (NEVER Click on these!)
[log in to unmask]
--------------
These are all spam. But although the From: address says [log in to unmask], the
mail in fact did not come from aol.com servers. It comes from other servers.
(It is exactly to overcome/prevent this very same problem that Yahoo
implemented the DMARC Reject setting on mail from *@yahoo.com. There is a
good chance that AOL may decide to do the same. But this time LISTSERV ready
for them.)
I don't know if this is related to the 'heartbleed' OpenSSL bug, or whether or
not any AOL user accounts have actually been 'hacked'. It would be a good
idea anyway for all *@aol.com users to change their login password now. And
change it again in a month.
The fix is similar to the Yahoo.com DMARC problem. Except, instead of setting
*@aol.com users to NOPOST, you set them to REVIEW. If they post a legitimate
list message, you approve it and it goes to your list. If it is one of these
clever spams, you discard the message and keep that From: address on REVIEW.
If it is from someone on your list that you have never before heard of, you
can consider deleting them from your list.
A good first line of defense is that your list should always be set so that
new subscribers are always automatically on REVIEW when they join:
Default-Options= Review
You can then set them to NOREVIEW after they have proven themselves to be
non-spammers and able to post sensible messages for your list.
Let's see,... 3 major disruptions to List Management in the space of a month.
Unfortunately, I don't see a letup. :-/
############################
To unsubscribe from the LSTOWN-L list:
write to: mailto:[log in to unmask]
or click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTOWN-L&A=1
|