[GTALUG] blackmail

ac ac at main.me
Sat Aug 4 01:55:42 EDT 2018 

have you configured pyzor, etc AND 'scoring' in your spamassassin?

essentially : Spam is dead. (So, you do not have to receive these
'blackmail' emails)

For scoring : I use superblock.ascams.com  - at 5.5
(If you are listed here you are sending spam, phish, virus, spyware)  
Then I use bl.spamcopnet also at 5.5 
 (If you are listed here you are sending spam)
And I use the barracuda lists at 3.3
I also use block.ascams.com and at 3.0 (sometimes 3.5) 
(this has all the spammy social media and spam mailing lists)

Then I drop anything over 12 (sometimes 13, sometimes 14 - depending
if the Internet is angry or not so angry)

Email servers with a good reputation - sails through - email servers
with a poor reputation is marked as spam (anything over say 6 and
anything over 12-14 is auto bounced

For individual business domains, drop is sometimes set to 6 or 7 - so
these accounts literally see no spam ever - for the legit emails that
are blocked - the sending server is usually placed under pressure to
'clean up' their reputation... - and if they are not - they lose clients :)

hth

Andre

On Sat, 4 Aug 2018 00:47:09 -0400 (EDT)
"D. Hugh Redelmeier via talk" <talk at gtalug.org> wrote:

> I received a blackmail message by email.  It claimed that they hacked
> my system and had compromising videos from my computer's camera.
> 
> As proof, they gave me what they claimed was my password.  But I only
> used that password on two sites: canadacomputers.com and 
> xpresscanada.com (a long-dead Canada Computers site).
> 
> So I'm not worried.
> 
> I informed CC about three weeks ago.  They seemed to ignore the
> report.  I phoned again two weeks ago, and they were interested.  I
> told them if I didn't hear that they'd informed their customers that
> I'd publicize this security breach.
> 
> I've heard nothing else.  So I presume that they have not announced it
> to their customers.
> 
> Today I got another blackmail message with the same password.
> 
> What do you think that I should do?
> 
> PS: my password is a random string generated by mkpasswd(1) so it
> would not have been discovered by an online exhaustive search.  They
> most likely filched the password file from CC.
> 
> PPS: I'm glad that I don't reuse passwords!
> ---
> Talk Mailing List
> talk at gtalug.org
> https://gtalug.org/mailman/listinfo/talk

More information about the talk mailing list