More information about the Underscore mailing list

[_] spam advice

Rob Jonson rob at hobbyistsoftware.com
Mon Sep 12 10:58:47 BST 2016

>
>
> From the contents of my Inbox, I?m fairly sure a few years ago a backup of
> Yahoo mail got hacked (possibly including BT ISP mail, which used Yahoo at
> the time), and the perpetrators extracted address books. So no accounts
> compromised, but convincing spam could be sent.
>
> It sounds from your description that your friend?s email address wasn?t a
> generic @yahoo.com one though - was it a custom domain that forwarded to
> yahoo or something? Also, are the spams being sent definitely ?from? that
> address, or do they have the right name but a random email address in the
> From header?
>
> Oliver.
>

He had his address book shared all over the sho, so there are a gazillion
ways it could have happened. (e.g. linked in had access to his yahoo
account, or some similar sharing).
Either way - that horse has bolted, though it seems to be locked down now.

He sends from a custom domain.  Friend at HisDomain.com
The spam definitely purports to come from Friend at HisDomain.com  I have
received some directly myself.
It does fail the spf checks (I have examined headers and can see rejections
happening) - but that isn't enough to stop it appearing in inboxes.

cheers,

Rob






-- 





Hobbyist Software is a trading name of Hobbyist Software Limited.
Registered office 12 Fraley Rd, Bristol, BS93BS. Registered in England.
Company no:7876492