Archive for the ‘email’ Category

TapBlind copy

6 May 2010 12:11 by Rick

I hope that everyone reading this knows when and how to use blind copy (Bcc:) for emails. If not then you can review it here.

A feature I miss from modern email programs is the facility to create a blind distribution list which saves having to remember and also has a title. A mainframe mail system we used in the eighties had this feature. That way you just sent the email to the list and the program used the title in the “To:” field and sent to everyone using Bcc. A useful extension of this feature would be to allow you to specify in the distribution list who should get it in clear and who should get it blind. It would be very useful for circulating minutes etc.

TapVirgin Media Mail Changes

23 Feb 2010 17:58 by Rick

If you are a Virgin Media customer then by now you will probably have had a long email from them explaining that their mail system is changing and you don’t need to worry as it will all be transparent and continue working like before. That is not entirely true because if you look into it carefully you will find a number of things have changed and not all for the better.

  • The login system is very convoluted. On their home page there is a very clear button at the top right marked Email. This will take you to a query panel asking if you are a new Virgin Media customer or a refugee from TeleWest/BlueYonder, NTL or Virgin.net. Fortunately there is a box to tick so that it remembers this for next time. So I select blueyonder.co.uk and go to Send. Now it asks for your email address. In fact it doesn’t matter in the slightest what you type here so long as you type something because it asks you the same question on the next screen as well. Click Sign-in and you finally get to the real login screen where you can put in the real details.
  • Invalid email/password. Tip for blueyonder.co.uk usernames: We recently made a change that means that you can now only log in with the primary email address on each of your mailboxes, and you can no longer log in with secondary aliases. If you're not sure what your primary username is, you can check it here. This change was needed in order for us to launch some exciting new web and email services in the near future - more infoBut there is a catch—If you have set up aliases to your unmemorable email address like your name instead of jsbr123456 which is the style of the old TeleWest accounts then you can’t be sure which one it wants. In my case it would only accept the alias. This applies to any secondary accounts you may have set up as well (each with their own password).
  • The new system is geared entirely around web mail and the traditional email client on the home computer is a distinct afterthought. For new users with limited email requirements then this is what I would recommend that that they use, but if you currently download your mail or have certain special requirements (like encryption or the need to file your mail in an archive) then you will want to continue in the old way using a POP client.
  • One aspect of downloading mail to a local client using POP is that it says to the server “delete the mail once it has been delivered.” At least that is usually the case. The new Virgin system overrules this by default so all your mail remains on their server—forever. They say they have done it so that all your mail is always available even when you are on the move. If we wanted that then we would have used Web Mail (or IMAP) in the first place. To stop it doing this you will need to go into “Settings” (at the top right of the mail screen) and then to the “Forwarding and POP/IMAP” tab. On there about half way down (“2. When messages are accessed with POP”) you can change the default back to what it should be which is to “delete Virgin Media Mail’s copy.” Even then it only dumps into a “Bin” folder but it does disappear for good after 30 days.
  • On the left of your screen you will see buttons for Inbox, Sent mail & Drafts etc. One that you can’t see is the Spam bucket. This is further down under “n more”. Open that by clicking the little triangle next to it and you will see “Spam.” You can drag this button up to the top so it is visible every time you go in. You could do “Bin” while you are at it as well.
  • As far as I can discover there is no way to turn off the Spam filter. It is a good thing that it is now available and visible, previously you had no idea what they were blocking, but I have found that it is rather too aggressive and have discovered many items that should not be in there. I will be ringing their help line when I have an hour to spare, to find out if it is possible to switch it off. In the mean time the contents only stay for 30 days before being dumped so you have to go in here regularly to check, even if you do the rest of your mail locally.
  • If you browse you mail on an iPod or similar device then it will be sending a message to the server to retain the mail after it has been sent so that it is still there when you get home. I trust that the system honours this request even though we have changed the default above, I have not had a chance to test this yet. If it doesn’t then you may need to use IMAP which will need enabling.
  • Although it is still not enforced, the system supports secure (SSL) connection by the POP client. You can enable this in your email client without reference to the server by selecting the SSL option which uses port 995 instead of 110. There will be a similar button for sending mail via SMTP using SSL using port 465 instead of 25. They say that at some time in the future they will enforce this but they have been saying that for as long as I can remember. Do it now for your own security.
  • There are two other places you may want to login to on the Virgin Media site. “My Virgin Media” is where you can change things like your service package and, importantly for this discussion, your email accounts. The start button is at the top right next to the Email one and then there is a login button in the middle of the page. You must use your primary account (mailbox) and password to login, that is the first one that was set up for you and is also your dial-up username. To manage the email accounts once you are logged in, there is a box on the left called “Manage Household Accounts.” Here you can add accounts (up to 9 more) and reset their passwords. Regardless of where you came from and what your other addresses are, your new mailboxes will be called @virginmedia.com. You used to be able to add aliases here as well but I don’t know how you do that any more.

    The other place you may want to login is the eBilling system (because it saves you £1.25 a month). This is also done from the “My Virgin Media” main page but has a separate login button near the top right. This also requires an email address and a password (called a PIN) but, surprisingly, the email address does not have to be a Virgin one, it can be anything.

TapSquirrel Mail

15 Jan 2010 17:04 by Rick

This one must justify the name, though I don’t know how that package got involved as it is not one I use (and I can’t see BlueYonder/VirginMedia using it either). It was sent from my BY account, possibly via webmail, to Mary’s address—and turned up back with me over six months later. Nuts must be short at the moment.

TapFacebook Spam

10 Oct 2009 08:01 by Rick

This is a new phenomena (at least for me). What the rogues are doing is getting into Facebook accounts, I don’t know whether by signing up or by hacking someone else’s. Then they go to Friends ==> Invite Friends and then paste in their spam email list. I know that this must be the case because I have had invitations on addresses that I haven’t used for years but are popular with spammers.

What you receive is a message with the title “Reminder: <some name> invited you to join Facebook” for someone you have never heard of and with a selection of “other people you may know” who you have also never heard of. The problem is that this is a legitimate Facebook email by the time it arrives so pollutes your spam trap system.

The motive? The only one I can think of is a rather elaborate scam involving Facebook reputation. By getting you as a friend they can see your friends. Now that they “know” you they can invite your friends to become their friend and so integrate themselves into your community. There is a chance that they may come across one who is less than careful with their private information and may manage to get into other accounts. Another tack is to use that reputation to send a “Help! I am stranded in Nigeria and my passport and wallet have been stolen, can you wire me some cash to get home?” type of message.

TapBulk eMail

9 Mar 2009 17:33 by Rick

Do you send bulk eMail? Are you sure? What about the coffee rota or the minutes of the Squash Club committee meeting. I am not talking Mega Company marketing circulars here (that’s David’s job) but the little things that go to a modest number of people—this is addressed to you.

When you make up the circulation list, whether in an organised address book list or an ad-hoc list just typed into the field, DON’T put them in the “To:” or “Cc:” line—Use “Bcc:”! (blind copy). As there ought to be a “To:” address, make that yourself—it will confirm that it went out ok when you get yours back.

This is first of all plain courtesy as not every one wants their eMail address to be widely published and they gave it to you on the assumption that you would look after it. But secondly, if any one of the machines belonging to the people on your circulation list is compromised, then all the rest of you will be bombarded with spam.

TapIntercept Modernisation Programme

13 Jan 2009 13:53 by Rick

Information is slowly leaking out about what this government initiative will actually mean. The EU Data Retention Directive provides for member states to require Communication Service Providers to collect and retain data for a period of between 6 months and 2 years. There are hints that the Home Office are going to not only specify the maximum period but also to set up a system to record it all centrally.

Some sources suggest that the recording of phone call information (that is source and destination numbers and timestamp, not content) is already being done (but probably not Skype calls).

Extending this to email could be problematic. The source address of an email is known to be highly unreliable (look in your spam box to see examples) and, anyway, if the ISPs are to do it then what about those people who use international web mail services like Hotmail and Google plus there are those (ahem!) who use an off-shore host. But then, other sources suggest that, to make things easier for the smaller ISP, the intercept will be done further upstream on the trunks. To do this they would have to filter on the port numbers (POP, SMTP & IMAP). Even then it wouldn’t catch the web mail services.

Extending it further to monitor other internet traffic such as web sites generates a huge quantity of data. Just viewing one page can easily generate dozens of requests and downloads, a busy portal can require hundreds, so some serious data reduction techniques would have to be used. But as a side effect, the data is unreliable in intent even if comprehensive in actuality. The user is not in control of side content on the web pages they view and not even the main content when the referrer information is vague or misleading.

We already know that the return on investment for video surveillance is very poor to the extent that some authorities are leaving them unmanned. Sifting through the archives looking for incidents retrospectively is enormously time consuming and frequently a waste of police time. I don’t suppose this new idea will be any better.

TapAlphabet spamming

2 Sep 2008 10:46 by Rick

I have often wondered why, when all other things are equal, some people get more spam than others. Perhaps this is the answer. We know about dictionary spamming—that is trying every possible name before the @ on common (and uncommon) email servers. What seems to be happening is that this process is partially optimised so that more popular starting letters, ones that have more genuine accounts, are tried before less popular ones. So if your name starts with r, p, m or s then you will get more spam than if your name starts with q, w, y or z. It seems that it would be a good idea, if you have to change your account name, rather than become rick325@hotmail to try yyyrick or xyzzy.

TapInstalling/Upgrading to AVG8 Free (Windows)

4 May 2008 18:01 by Rick

Now that it is available, upgrading from AVG 7.5 to AVG 8 is a logical step but there are some decision points to be made along the way so it is best to be prepared for them.

[Note that the Free edition has some quite rigid conditions about home use only.] First you have to find it. The link I gave before is still good but it is a few clicks of Grisoft determinedly trying to get you to buy the full suite. Some of the links on the way are a bit misleading. One says that AVG Anti-Spyware is being discontinued but others that it is now included with the Anti-Virus package. The eventual download location is either their own site or C|Net downloads.com.

When you come to install it there is no need to un-install the previous version. You will need to login to an admin account. Leaving a lot out, the sequence of events is:—

  • Standard or Custom install—you will need custom if you don’t need the email scanner.
  • For the Custom install, Un-tick the email scanner if you don’t want it.
  • Un-tick the AVG Security Toolbar if you don’t want it. Everyone seems to want you to get one of those and if you loaded them all you wouldn’t have enough window left to browse in.
  • Un-tick the “Enable Daily Scanning” box if you don’t want it. I find that it is a long process and very heavy on resources (though they have put in some sort of load-limiter now). I would rather do them when I want to—and certainly not daily.
  • There is a tick box for informing AVG about potentially dangerous web sites that you come across. I haven’t checked the privacy statement for this yet so I would be cautious.
  • Definitely SKIP the updates at the moment as the install is not really ready for them.
  • Skip the registration for the time being.
  • Now you will need to reboot (it prompts you).
  • When it comes back the System Tray icon will probably be red. Right click to open the AVG User Interface.
  • Click Update Now and it should go ahead and do it.

That is the install complete but you need to check one other thing. One of the features of AVG 8 is the AVG Search Shield, sometimes called the Link Scanner. This intercepts results from the search engines (Google etc.) and inspects them for malicious content—try it and see the little green icons after every hit. Quite how it does that I am not sure but it seemed to take a long time and have a lot of internet traffic. I would imagine that on a dial-up connection it would be impossible. The search engines themselves do some quality checking, if this is doing it real time then it would be better but at what cost. The other thing that bothers me about this is that it could be that you are automatically visiting sites that you wouldn’t otherwise touch with a barge pole (porn etc.) and it will leave the evidence of this in your cache even if it never displays it.

If you decide that you don’t want this facility there are two ways to switch it off. You can use the AVG interface, but if you switch it off there it will forever say that AVG is not fully functional. The other way is with the browser controls. It works using a browser plugin (both IE7 and Firefix, I don’t know about Opera or Safari) and these can be disabled. Go to Tools —>Manage Add-ons—>Enable or Disable Add-ons in IE7 or Tools —>Add-ons in Firefox. This will need to be done on EACH ACCOUNT on your computer.

Now you can register at leisure, if you can figure out how. I haven’t yet! It is worth remembering that, despite all my griping, this is still a free service for which we are grateful.

Update: 20 Jun. As far as I can tell, the Firefox plugin which drives LinkScanner is not Firefox 3 compatible. It will be interesting to see how they update it.

TapBlame the victim

22 Apr 2008 10:28 by Rick

A new anti spam solution by Abaca aimed at ISPs and large corporations has what they claim is a unique and effective method of reducing errors, particularly false positives (that is marking perfectly good mail as spam in error). What they say is that, in addition to well known detection techniques, their ReceiverNet box looks at the reputation of the recipient to assess the likelihood that the mail is spam. The theory is that if you are promiscuous (or unlucky) with your address and you get a lot of span anyway, then there is a greater chance that this new one coming in is also spam. If, however, you normally receive very little rubbish then the chances are that this slightly suspicious one is ok.

I suspect that there is also a bit of psychology here as well. If you get a lot of spam then you are much less likely to complain if the odd mistake is made. Personally, I would be happier if these bulk filters had a coarse mesh, only trapping the obvious spam and viruses. This would be sufficient for their purposes of reducing network and server load. Leave it to me to fine tune it with a Bayesian algorithm which can learn the sort of mail that I receive and want.

TapInstalling POPfile on Mac OS X 10.5.x (Leopard)

15 Apr 2008 21:09 by Rick

As you may guess from the title, I have made the decision on how to switch away from Windows. It is not that Ubuntu had any problems but, having discovered that I would need to get new hardware anyway, the Mac PRO seemed to be the most reliable option at the best price. Yes, I spent more than I intended but they have jolly good salesmen who know their stuff down at Western Computer.

I have also scaled back the virtualisation plans to just a single XP guest running under VMware Fusion but I will talk more about that in a future post.

In general, installing software on the Mac is just as easy as on a PC; in many cases easier if you do the PC properly with a separate admin account—you don’t need to on OS X because of the Sudo based “run as admin” facility which really works. But some of the more obscure open source packages don’t have proper installers, probably due to low demand and/or lack of resources. One of these is the POPfile email classification (anti-spam) system. It works fine but is a pain to install with a dozen pre-req bits and pieces, some of which need to be compiled from scratch and even the documentation is a bit out of date. Having now done it, I will make my contribution to the project and publish an install script. Not a full blown installer, because I don’t know how to do that, but a scripted version of all the little bits that have to be done which will make it much simpler … [more]

^ Top