Phishing Page

What is it?

We have all read about phishing trojans, but many of you probably do not know what they are or how they work. I came across one over the weekend while backing up a client’s website. My anti virus system prevented me from downloading the backup to my computer and warned me that one was present. As I was concerned about the security of this particular website I took it apart to find out where it was, and what it was doing.

Phishing

Phishing refers to a form of identity theft, it is where credentials like a user name and password are compromised, often without your knowledge. Other than reading about them, I had not come across one before. This one relates to stealing the credentials to access someones email address and email password.

I turned off my anti-virus (not recommended if you do not know the risks) and downloaded the zipped folder containing the files into a special area on my computer and then inspected the files. Two files contained code, one was a web page. Only one of the files was being flagged as the one containing the Phishing Trojan, the file contents were very simple, they packaged up the information and sent out an email to two recipients.  Continue reading Phishing Page

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Adding a signature to webmail

I  had a question about how to add a signature to webmail. A signature allows you to pre-compose part of your message, and for this to be added to any standard email. So in other words you do not need to write the end of your email each time.   This is a feature that is in Thunderbird, Outlook and many other mail programs. It will be buried in the features somewhere. At the end of this piece I will tell you where you can locate it in Outlook. For now this concentrates on Webmail.

What is Webmail?

Webmail is simply an application that runs in your browser and allows you to access (send and receive) email. It is very basic, but will meet most people’s needs without having to splash out for a mail program. Everyone in my hosting has access to this. Continue reading Adding a signature to webmail

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Sending out messages to lists of people?

AKA Bulk Mailing

We have had an issue in May with mailing messages out to large groups of people using the BCC field in emails. This is generally used as a way of preventing people from seeing who else is on a mailing list. Within the hosting there is a limit of 25 email addresses in the BCC field before it is detected as a possible spam source by the hosting company. If a mail is detected as suspect and flagged as such, a rate limit will apply for the next hour limiting the number of mails sent out to 25. If this happens to you, you will receive warning messages from the mail system. Do note here that an email sent to 5 people is counted as 5 emails.

Why?

The practice of using the bcc field in emails is also one regularly adopted by hackers and spammers to send out bulk mail. The hosting not only checks mail coming into the system, but also checks it going out. If it considers the mail to be suspect it is marked as such which may cause problems at the receiving end too, BT and AOL are particularly sensitive to mail coming in marked as a possible spam message. Continue reading Sending out messages to lists of people?

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

I did not receive your email…..

Over the past 4-5 years there have been some strange issues with email. I have had to dig quite deeply into the protocols and supporting services to make sure that any third party receiving mail from the mail servers we use have access to responses that show the mail server is legitimate.

For the most part 99.99% of it works without any issues. I have come across problems with BT accounts (all of the BT family) where changes have been made to their mail processing, suddenly things stop working or become intermittent. I use BT for my broadband, but I do not use my BT address because I know some mail may get filtered coming into it. The problem is you don’t know about it. I have never set up any filtering, so this is a BT unilateral decision.  From time to time there have been issues with the Talk Talk family of addresses and AOL.

The reasons why these service providers are trying to filter mail is the sheer volume of junk mail that is around these days. Occasionally the wrong things are filtered. The rest of this post is about things you can try if you think mail is being filtered. Continue reading I did not receive your email…..

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Some checks to make

One of the things I try to provide is a one stop shop for email and for the website. While moving people over the past 6 weeks, it has become apparent that some people are still using 3rd party email systems. That is absolutely the right thing to do if you consciously set it up to work in that way. Particularly those of you that have moved to Outlook 365 which uses cloud based email.

Who sources your email?

However in a few cases I have found email is being used through a 3rd party provider, but nobody knows why. The issue here is you may be paying twice for hosting.

There is another case where people are using hotmail, yahoo or gmail accounts. Possibly because they did not realise they could use an email account with their domain name. Continue reading Some checks to make

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Use Gmail through the hosting

Mail sent to fred@mycharity.com is forwarded to fred3123@gmail.com a standard gmail account

When fred sends a message from his gmail account it appears to come from fred@mycharity.com

How does this work?

Some people have a gmail account behind the email account associated with their domain. So for example fred@mycharity.com may not use the email boxes associated with the hosting. His email will be forwarded through to a gmail account say; fred3123@gmail.com

The reason for doing this may be for historical reasons, or perhaps you manage all of your folders in gmail. Or shared calendars with colleagues. There are pluses and minuses. The biggest risk with a gmail account is if you lose control of it. There is no “person” you can call to get it back.

Anyway, mail is routed to fred@mycharity.com and this is forwarded to fred3123@gmail.com. Fred manages his mail at Gmail, and when he replies to something, the message appears to come from fred@mycharity.com and not from fred3123@gmail.com. The way this is achieved is by using the SMTP server in your hosting package.

You do it by following these steps:

You will need an email account in your hosting, and a separate gmail account, and know the passwords for both. If you are setting this up for the first time, test both accounts independently. Once you have checked your email addresses and passwords do the following:

  • Login to gmail
  • Go to accounts and Import
  • Look for send mail as:
  • Click on edit info and change the entry.
  • A form will pop up. Add the alias address you wish to use, in this case fred@mycharity.com
  • The server name which you need to change to:  mail.stackmail.com*
  • The port name which you need to change to 587 and the security type to TLS
  • It will also ask you for a password. This is the password for your fred@mycharity.com address in the hosting. The same password you would use if you wished to access the mail account directly.
  • It will check the settings before allowing you to close the window.

*mail.stackmail.com is the current default SMTP server we are using.

If you are using gmail as your main email provider and using the SMTP send function via the hosting, you need to remember that if I move a website into new hosting this will break your gmail implementation until you update the settings.

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Backing up Outlook

If you have just joined me you may have had a website with a different hosting company and are moving over to the managed services I provide. You will need to check your email configuration first and at the very least as a precaution back it up to an independent location.

Most organisations should be running a back up process such that the loss of a single computer or device would not mean you lose everything. Many in my experience are not, or do not know how to do this.

In this tutorial and the accompanying document below I show you how to check your mail configuration and run a backup for most of the recent versions of Outlook. The steps are outlined below, these need to be taken by you before the hosting is switched over because there is a risk you may lose your email if it is actually located on the server and not locally. This is called an IMAP account. You need to be using POP3 if I am providing your mail. Continue reading Backing up Outlook

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Group Email Addresses

Q: What is a group mail address?

A: A single mail address that when added to an email will automatically send the message to a group of recipients. It means you do not have to type in all of the email addresses each time. 

I was recently asked how to set up a group email address in Outlook. The person requesting this wanted an easy way to send a message to all of the trustees rather than have to collect all of the email addresses together on the to: line of the mail form in Outlook.

While it is certainly possible to both set up and use a group email address, if your mail is not running on an exchange server, or Outlook 365  (which uses a shared area in the cloud) then nobody else can benefit from having a group mail address.

Why is that important?

Continue reading Group Email Addresses

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail

Problems sending mail to BT (British Telecom) addresses?

Are you affected?

Are you the problem?

If you are sending out bulk emails (emails with lots of addresses in the header) then your mail may be the reason why a server is blacklisted. This area is a major problem because most mail is junk mail. Some speculate that as much as 80% of mail is junk mail or spam. Service providers use various methods of identifying rogue sources of mail, these systems are automated and do not always get it right.

You may be aware of BT related problems on a number of occasions over the past year. BT are now more helpfully providing a link in their mail rejection notice to some guidance on best practice for creating bulk emails.

You can read about it here: BT Best Practices for Bulk Mail.  Continue reading Problems sending mail to BT (British Telecom) addresses?

Facebooktwittergoogle_plusredditpinterestlinkedintumblrmail