Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)Another round of Xtra\Yahoo spam?
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
16171 posts

Uber Geek


  #983300 10-Feb-2014 13:41
Send private message

freitasm: Just received:


An additional encryption setting called ‘Secure Sockets Layer’ (or ‘SSL’), will soon be the new standard default connection for all Yahoo Xtra mail accounts and Telecom will be assisting users who access the service via a ‘third party’ email client, such as Microsoft Outlook for PCs or Android for mobiles, to update their settings.



I don't see how that is going to solve this particular problem, as those email addresses are already out in the wild. Also weren't they hacked last year from the webmail platform? And that had nothing to do with people outlook connection. I know that my address was hacked, and I only ever used webmail for my xtra yahoo address/ SSL has been around for donkeys years, and has been the standard with most providers for years.  They really need  to use SPF.I guess they have to be seen to be doing something.

835 posts

Ultimate Geek

Trusted

  #983336 10-Feb-2014 14:26
Send private message

So they're saying the solution to the Yahoo problem is to implement a 20yo protocol that has had serious known vulnerabilities for most of its life?

 
 
 
 


791 posts

Ultimate Geek

Trusted

  #983528 10-Feb-2014 18:20
Send private message

Most, but not all XTRA customers using email clients have been using POP/SSL Port 995 and SMTP/SSL Port 465 for ages.

These users, and even those still using insecure ports POP/110 and SMTP/25 who don't use webmail at all, will not have had any addresses in their webmail address books.

How on earth do Telecom think these people are more at risk than those users of Yahoo Webmail who have unknowingly provided a wealth of email addresses from their hacked webmail address book?

Telecom or their Spin Doctors  seem to be missing the point altogether.....




Tivo upgrades to operate with the new OzTivo EPG, support and service. Over 300 performed here so far. See: www.hillcrest.net.nz

1268 posts

Uber Geek

Subscriber

  #983888 11-Feb-2014 09:33
Send private message

Another round this morning I see. Noticed that several of them are definitely addresses I've seen before. I guess we are just going to have to get used to this...

51 posts

Master Geek


  #983893 11-Feb-2014 10:11
Send private message

Five so far today and counting. Maybe someone from Telecom could explain why they refuse to implement SPF?

1948 posts

Uber Geek
Inactive user


  #983990 11-Feb-2014 12:07
Send private message

Just a heads up on the SSL change folks.

This is related to Telecom's desire to shutdown smtp.xtra.co.nz which has a cleartext SMTP port 25 that Telecom customers can use to send outbound SMTP email.

Telecom are going and proactively engaging customers saying we are switching off the cleartext port and moving to pure SSL only through an authenticated connection.

This has nothing to do with a SPF or DKIM or further spam protection on the xtra.co.nz domain. Those are being investigated but I can't comment further on that.

23268 posts

Uber Geek

Trusted
Subscriber

  #983994 11-Feb-2014 12:08
Send private message

Good job shutting that old server down. IMO offering clear text authenticated services is negligent




Richard rich.ms

 
 
 
 


791 posts

Ultimate Geek

Trusted

  #984011 11-Feb-2014 12:39
Send private message

plambrechtsen: Just a heads up on the SSL change folks.

This is related to Telecom's desire to shutdown smtp.xtra.co.nz which has a cleartext SMTP port 25 that Telecom customers can use to send outbound SMTP email.

Telecom are going and proactively engaging customers saying we are switching off the cleartext port and moving to pure SSL only through an authenticated connection.

This has nothing to do with a SPF or DKIM or further spam protection on the xtra.co.nz domain. Those are being investigated but I can't comment further on that.



Good idea, but I do know a lot of Telecom broadband customers who rely on smtp.xtra.co.nz to send email out from their "non-xtra" accounts. Those people will need to authorise those accounts by adding them to their Yahoo/Xtra accounts before they can use send.xtra.co.nz SSL/465, a process that Joe Public often has difficulty with.

Maybe Telecom could simplify this process.





Tivo upgrades to operate with the new OzTivo EPG, support and service. Over 300 performed here so far. See: www.hillcrest.net.nz

23268 posts

Uber Geek

Trusted
Subscriber

  #984012 11-Feb-2014 12:41
Send private message

No those people should be using their mail providers servers for sending out not telecom or yahoos server.




Richard rich.ms

47 posts

Geek


  #984027 11-Feb-2014 12:51
Send private message

richms: No those people should be using their mail providers servers for sending out not telecom or yahoos server.


If we are paying for Telecom as an ISP we are should be allowed to use this service. They are already blocking a range of ports that our host uses for SMTP.  Which is why we do use  SMTP.xtra.co.nz on a range of our machines. 

This is painful news to me.  

 Good idea, but I do know a lot of Telecom broadband customers who rely on smtp.xtra.co.nz to send email out from their "non-xtra" accounts. Those people will need to authorise those accounts by adding them to their Yahoo/Xtra accounts before they can use send.xtra.co.nz SSL/465, a process that Joe Public often has difficulty with.


Sorry I think that this is not a good idea.  I NEVER use my  Yahoo/Xtra accounts  now we have to login to this unsecure accounts and actually use them. 

Can anybody from Telecom clarify this? I was about to sign up to a 2 year VDSL contract and if SMTP is not longer a service without jumping through hoops. 

Ok I can see I am going to get fried for this post.

23268 posts

Uber Geek

Trusted
Subscriber

  #984032 11-Feb-2014 12:55
Send private message

You are paying for the use of an xtra.co.nz email address not for a smtp relay service. A proper smtp relay service is something you should source elsewhere if your mail provider is too inept to allow ssl authenticated smtp on an alternate port.

People using is smtp servers for non is addresses is the source of most false positives in spam filters IME. Sooner this is stopped the better.




Richard rich.ms

791 posts

Ultimate Geek

Trusted

  #984036 11-Feb-2014 12:59
Send private message

richms: No those people should be using their mail providers servers for sending out not telecom or yahoos server.


The problem is that if you have say a Vodafone email address, or one of many that don't allow access to their smtp server from outside their network, because they don't support SSL or authentication, you're pretty well stuffed. That's why many of Telecom's customers use smtp.xtra.co.nz because at least when you're on their network, mail will go out, or at least until this latest announcement. It will piss a lot of people off for sure. 




Tivo upgrades to operate with the new OzTivo EPG, support and service. Over 300 performed here so far. See: www.hillcrest.net.nz

47 posts

Geek


  #984040 11-Feb-2014 13:03
Send private message

richms: if your mail provider is too inept to allow ssl authenticated smtp on an alternate port.


It's when that port gets block with zero prior notice that frustrates me. We host websites with 10 different companies for various reasons and this creates a HUGE  admin headache. 

Its just easier to move to another ISP that offers SMTP services for me.  Can someone at Telecom Clarify when this is coming into effect so I can be moved before the fact. ?

Thanks.

 Spong It will piss a lot of people off for sure. 
  Yes you can take that to the bank.  Me for one. 

23268 posts

Uber Geek

Trusted
Subscriber

  #984044 11-Feb-2014 13:04
Send private message

They should direct their anger at vodafone for that. Allowing unencrypted mail from outside their network is stupid. Look at that thing the banking ombudsman said about someone's mail being "hacked" on a free wifi connection. couldn't have come at a better time for telecom to discontinue offering insecure mail IMO.




Richard rich.ms

136 posts

Master Geek


  #984119 11-Feb-2014 14:09
Send private message

Allanhall:
richms: No those people should be using their mail providers servers for sending out not telecom or yahoos server.


If we are paying for Telecom as an ISP we are should be allowed to use this service. They are already blocking a range of ports that our host uses for SMTP.  Which is why we do use  SMTP.xtra.co.nz on a range of our machines. 

This is painful news to me.  

 Good idea, but I do know a lot of Telecom broadband customers who rely on smtp.xtra.co.nz to send email out from their "non-xtra" accounts. Those people will need to authorise those accounts by adding them to their Yahoo/Xtra accounts before they can use send.xtra.co.nz SSL/465, a process that Joe Public often has difficulty with.


Sorry I think that this is not a good idea.  I NEVER use my  Yahoo/Xtra accounts  now we have to login to this unsecure accounts and actually use them. 

Can anybody from Telecom clarify this? I was about to sign up to a 2 year VDSL contract and if SMTP is not longer a service without jumping through hoops. 

Ok I can see I am going to get fried for this post.
The only port telecom block is port 25, and you can request for this to be unblocked if you wish, it's about a if you have a legitimate use for having port 25 unblocked they'll do it, heres a link: http://help.telecom.co.nz/app/answers/detail/a_id/1218 port 25 filtering is normal accross most ISP's nothing unusual here its a network protection issue, otherwise the ISP gets blocks of IP's on RBL's all over the place.

**edit removal of rubish

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Samsung Announces 2020 QLED TV Range
Posted 20-May-2020 16:29

D-Link A/NZ launches AI-Powered body temperature measuring system
Posted 20-May-2020 16:22

NortonLifeLock Online Banking Protection now available for New Zealand banks
Posted 20-May-2020 16:14

SD Express delivers new gigabyte speeds for SD memory cards
Posted 20-May-2020 15:00

D-Link A/NZ launches Nuclias cloud managed network solution hosted in Australia
Posted 11-May-2020 17:53

Logitech introduces new video streaming solution for home studios
Posted 11-May-2020 17:48

Next generation Volvo cars to be powered by Luminar LiDAR technology
Posted 7-May-2020 13:56

D-Link A/NZ launches Wi-Fi Certified EasyMesh system
Posted 7-May-2020 13:51

Spark teams up with Microsoft to bring Xbox All Access to New Zealand
Posted 7-May-2020 13:01

Microsoft plans to establish its first datacenter region in New Zealand
Posted 6-May-2020 11:35

Genesis School-gen has joined forces with Mind Lab Kids
Posted 1-May-2020 12:53

Malwarebytes expands into privacy with fast, frictionless VPN
Posted 30-Apr-2020 16:06

Kordia to donate TV airtime on Channel 200 to community groups
Posted 30-Apr-2020 16:00

OPPO A91 is a high specs mid-range smartphone
Posted 23-Apr-2020 16:44

NordVPN rolling out NordLynx new generation VPN protocol based on WireGuard
Posted 23-Apr-2020 16:37


Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.