Monthly Archives: August 2012

Fighting spam

Posted on by

Spam is annoying us all and many people are looking for a solution that will reduce the amount of spam in their mailbox. Plenty of solutions exist, but I myself chose a very simple solution that will allow me to “name & shame” those companies that leak my email address to those spammers. And my solution also comes with a nice spam filter too, although it’s not free. I pay about 60 Euro’s per year for my solution, which is reasonable simple, provides me with web mail and a good spam filter plus nice, additional features that are very practical.

It starts by registering a domain name. In my case, it’s wimtenbrink.nl but for this discussion I will use the name example.com since this is a special domain name reserved for these kinds of examples. Registering a domain name costs between 5 Euro’s and 20 Euro’s, depending on your registrar. Since I live in the Netherlands, I chose VIP Internet to register this domain, since they provide me some easy options to set up my domain, allowing me to adjust several settings and changes I do to my domain name there are handled quite fast. Unfortunately, they’re also a bit expensive (EUR 19,95 per year) but they offer a good quality.

Next, I’ve purchased a Google Apps for Business account for my domain name. This is free for individuals and small teams but I decided to buy the more expensive package which costs US $ 50 per year per user. With just one user, this costs me $ 50 per year. And it removes the advertisements in my mailbox. Plus, my mailbox is 25 GB in size instead of the standard 10 GB for individuals.

Next, the technical part. You’ll need to connect your domain to your Google Apps account. This will require some knowledge and experience with the Domain Name Service of the internet, or short: DNS. Using the tools provided by your registrar you will have to set up Google Apps as your mailbox. This probably means that you will have to remove a few DNS entries and add a few new ones. This isn’t very complex but if you mess it up, your domain cannot be reached anymore. So, be careful, try to get some basic knowledge about DNS first. (Although you can always fix problems later.)

You can also connect more things from Google to your domain name. You could, for example, generate special URLs on your domain name that will point to your Google Calendar or your Google Drive. And Google provides plenty of other practical tools that you can use and connect to your domain, including the hosting of a few simple webpages.

Once you’ve connected both, you will have your own, personal domain name with a single email address. Let’s say you’ve registered example.com and your new address is admin@example.com. Your Google Apps account will provide you with a web mail interface that is very similar to GMail itself. But without the advertisements for me. But Google Apps will allow you do even more, like creating multiple aliases for your email address. In my case, I could create the alias wim@example.com and use that as a mail address that I share with friends and family. For companies, I generally create an alias on the fly starting with the name of the company and ending with my domain name. Thus, if I provide Microsoft with an email address of mine, that would be microsoft@example.com.

And yes, creating email aliases on the fly is simple. Someone asks for an address, I just think of some random code to put in front of the @ sign and then append my domain name. It does require me to do one more thing, though. I need to set Google Apps up to use my admin@example.com address as a catch-all for all incoming email addresses on my domain name. Once I’ve done this, it doesn’t matter what’s in front of the @ because anything will be sent to this single email address.

But how does this stop spammers? Well, it doesn’t stop them but it tells me where the spammer retrieved my email address. For example, my email address for LinkedIn was something like linkedin@example.com. However, earlier this year LinkedIn was the victim of a hacker who managed to collect a whole database from their user database, including a lot of email addresses. One of those addresses was mine. And when I noticed that I started to receive spam at linkedin@example.com I immediately realized that LinkedIn had a huge problem with their security. It gave me a very early warning and told me who was responsible for leaking my email address.

There have been more companies who have leaked my email address to spammers, but because those email addresses tell me which company leaked my email address, I can just change my address for that company to e.g. linkedin-2@example.com and create a filter in my Google Apps account which will just drop anything that is sent to the old email address. Thus, the spam is gone but my contact with the company is still available.

I still receive about 10 spam messages every day but the Google spam filters are excellent in recognizing them, although they do have the occasional “false positive”. Checking my spam filter is therefore still important. But those addresses that are ‘contaminated’ by spammers are just filtered away, thus keeping my mailbox very clean. Only drawback is that some spammers realize that my domain has a catch-all mail account and thus they make up random names to get past the filters that I’ve set up, only to be caught by the Google spam filter.

As I said, Google Apps is also available in a free version and registering domain names can be done a bit less expensive. Finding a good domain name to use for this purpose is a bit more complex though, and I was lucky that my name was still available for me. Other people who happen to share my name will have to look for something different. I’m just paying more because of some additional bonuses provided by my registrar and by Google, which I use a lot.

The OV shitcard – pardon my french…

Posted on by

As everyone in the Netherlands already knows, you need an OV chip-card if you want to use any of the public transit options in the Netherlands. And while you can buy an “anonymous” chip-card in the shop, most people who need to travel daily will just register one in their own name. However, most people don’t realize that by registering the chip-card, they also give up on some of their privacy. Because even though public transit organisations officially tell everyone that they won’t abuse the data collected by these chip-cards, the reality is different as explained by this (dutch) article

The NS (Dutch Railways) has used data collected from these chip-cards to track trips made by their customers to use this for marketing purposes. By doing so, the NS violated the trust of their customers. To make matters worse, even those who used the anonymous cards weren’t completely safe since they often had to provide their email address to activate the chip-card before they could use it.

For me, this is just one more reason to stay away from the public transit in the Netherlands. I value my privacy and my car is often more comfortable than the train. Besides, it’s even faster for me to use the car than to use the train if I want to go to my work, even if there are some severe traffic jams.

Sure, the NS has promised they will destroy the data they’ve collected so far and will stop collecting this information in the future, but do you trust them? They’ve made this promise before, when the chip-card was introduced. And it also makes you wonder what data they will continue to collect and makes you wonder what data other transport organisations are collecting about your travels…

Maybe it’s just time to reorganize public transit in the Netherlands completely. First of all, make it free so everyone can make use of it. The costs could be paid from taxes and sponsors. I bet some companies will be pleased to pay for a bus stop near their front door so employees and customers can easily reach their shops or services. I also think some costs could be earned by having advertisements in the train, bus and subway including spoken advertisements on the build-in intercom. This too would provide more income. And of course, cities who want to support public transit within their boundaries could also pay part of the costs. Quality would improve and there would be no need to keep track of customers.

Besides, free public transit would encourage a lot of people to get out of their cars since it much less expensive. Employers would have no need to compensate their employees for their daily travels since travel would be free. A car would then be more luxury than requirement. Question is, which political party would even dare to make this part of their campaign?

Stupid spammers…

Posted on by

For some time now, I am receiving about 5 spam messages per day for some weird job offerings that could earn me 22 to 65 Euro’s per day. And all I have to do for this “job” is to answer questions from some health clinic and answer some easy questions. They’d like me to do this about 2 to 12 hours per day and all I have to do to join is send them the following information: name, phone number, age and the city where I live.

Of course, this is spam and most people would just ignore such things but I started to investigate a bit. The sender always seem to be a different person but the domain it originates from is careersholland.com. However, the DNS information for this site is gone which means that you cannot reply anymore. The domain is gone, but the spammer just continues to send these messages.

There is another site, however, that happens to be legitimate and whose domain name looks closely to this spammer. They’ve posted this article to their site to warn people about these spammers. That’s because this is a phishing attack, where the spammer is trying to collect as much information about you for their own criminal intentions. These criminals are looking for “Money mules” and for this they need as much personal information as they can collect from you. Be aware that if you respond to such an email then you can become part of some criminal activities and it will be hard to prove your innocence. And yes, these spammers might even actually pay you for your “services” but in the end, it will cost you a lot more than you’ll earn from this. Worse, if it can be proven that you’re willingly participated to this scheme, you could even end up doing time in jail in the Netherlands, although that would still be very unlikely. It’s more likely that you’ll end up with a huge debt which you’ll have to pay for a very long time.

One of the original spam messages looks like this, and I’ve removed my personal information from it. It’s in Dutch, though. It is targetting Dutch people, mostly.

Delivered-To: helpdesk@example.com
Received: by 10.50.42.196 with SMTP id q4csp8656igl;
        Mon, 27 Aug 2012 23:10:28 -0700 (PDT)
Received: by 10.14.223.9 with SMTP id u9mr5532200eep.10.1346134228048;
        Mon, 27 Aug 2012 23:10:28 -0700 (PDT)
Return-Path: <neuralgiag5@realliving.com>
Received: from [190.43.101.99] ([190.43.101.99])
        by mx.google.com with ESMTP id e9si13429791eep.46.2012.08.27.23.10.23;
        Mon, 27 Aug 2012 23:10:27 -0700 (PDT)
Received-SPF: pass (google.com: domain of neuralgiag5@realliving.com designates 190.43.101.99 as permitted sender) client-ip=190.43.101.99;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of neuralgiag5@realliving.com designates 190.43.101.99 as permitted sender) smtp.mail=neuralgiag5@realliving.com
Received: from apache by qbqgghfhehsvvbsvwi.deltamar.net with local (Exim 4.67)
	(envelope-from <<helpdesk@example.com>>)
	id OWG4MX-L13X05-EZ
	for <helpdesk@example.com>; Tue, 28 Aug 2012 01:10:24 -0500
To: <helpdesk@example.com>
Subject: We nodigen u uit in uw vrije tijd te verdienen
X-PHP-Script: qbqgghfhehsvvbsvwi.deltamar.net/sendmail.php for 190.43.101.99
From: <helpdesk@example.com>
X-Sender: <helpdesk@example.com>
X-Mailer: PHP
X-Priority: 1
Content-Type: text/plain; charset="Windows-1252"
Message-Id: <ANP530-V0ONDJ-VW@qbqgghfhehsvvbsvwi.realliving.com>
Date: Tue, 28 Aug 2012 01:10:24 -0500

Beste dames en heren,

We beiden goedbetaalde baan aan: de website LEZER.

Uw functie:
Bezoeken van de website van een Gezondheidskliniek en daarna eenvoudige vragen te beantwoorden.

Bijvoorbeeld: was het gemakkelijk om een aanvraag te doet, is er niet te veel van de rode kleur,
is de tekst duidelijk op de aanvraagpagina.

We vragen dat om te bepalen of de website gemakkelijk is voor onze klanten.
Dit is zeer belangrijk want een eenvoudige website kan wist ervan 3-5 keer vermeerderen.
U kan dit doen in uw vrije tijd, ongeveer  van 2 tot 12 uur per week.

De prijs is van 25 tot 67 euro per uur, de vaste prijs wordt bepaald naar het interview.
De tewerkstellingperiode is van 3 tot 6 maanden, tijdens de Nederlandstalige website portaal ontwikkeling van de kliniek.
Indien u het goed doet zullen we u uitnodigen voor de andere gelijkaardige projecten.

De betaling gebeurt dagelijks of maandelijks per overschrijving op uw bankrekening van onze vennootschapsrekening.
U kan in uw vrije tijd verdien van 1512 tot 3612 euro per maand.
Als u het verschil kan zien tussen eenvoudige en ingewikkelde website, dan gaat u erin slagen.

Voor de aanvraag, stuur de volgende gegevens op:
1. Uw naam
2. Telefoon nummer
3. Leeftijd
4. Verblijfsstad

Aandacht! De gegevens moeten verstuurd worden op de volgende email:  Jaime@careersholland.com.

Aanvragen die op het andere email worden verstuurd kunnen niet behandeld worden
Zodra ik uw gegevens heb ontvangen neem ik contact met u op.

Met vriendelijke groeten,
Afdeling Personeelsaangelegenheden van “Geincorporeerde Gezondheidsinstellingen”

I need to blog more often.

Posted on by

The life of an ICT specialist like me is always busy, busy, busy. Even on my day off, I still have a lot to do. This morning, for example, I went to the dentist to have two fillings replaced. I still had two old amalgam fillings and these have been replaced by two nice, white ones. The rest of the day was reserved to take a long walk with my dogs but they’re not in real shape today. I think it’s too warm for them now so maybe another time. I still have a few other things to do too…

For example, I am working on two personal projects. One is related to me keeping score of my glucose levels. Yeah, I have diabetes but still don’t need insulin injections. I want to keep it that way so I need to keep an eye on my glucose levels. More moving, better eating will improve my health. But the bookkeeping requires a simple project which allows me to enter the results and it should generate reports and charts for informational purposes. And not just for me, but for generic usage. Right now, I’m still thinking about what the project should do exactly. Thinking about the complexity of it all. It should be able to keep track of multiple users and maybe it should also be usable by physicians to add patient accounts so they can keep track of their patients. Maybe it needs a Smartphone module, an Android module or even an iPad module so patients can use simple mobile devices. And perhaps an import/export module so patients can export their data in some format to have it imported in some other application. And of course a reporting module that preferably supports Word and PDF. And I have plenty of other ideas too. As I said, I’m busy.

And then the other project. That’s more a self-education project. I like to generate CGI artwork but after several years of creating art, I ended up with a large collection of homemade images. Combine this with my own photo’s from my digital camera’s and it’s just a lot of images. I need a better way to organize them, adding tags and publish them in some way. I already use Flickr for some of the more interesting images but I want to publish all of them. So I have an idea of a simple system that will store the images with additional tags, keywords, license information, some extracted EXIF information, a rating value, sign if it’s NSFW or not and much, much more. And I want two versions of this tool. One should be a browser app which would show up on any device and the other should be a Silverlight app which would mostly be supported on windows platforms, but which would give a much nicer user interface, thus a better user experience. And yes, this too keeps me very busy…

Of course, don’t forget that I still create CGI artwork. This too eats up a lot of time. But worse of all, it requires my computer to do the most work, churning numbers to render some data into a digital image. It’s a process that might take 5 minutes or 60 hours, depending on the complexity of the image…