In reply to:

---

One would assume PlusNet are currently totally blocking all e-mail from the known sources of this outbreak or all that match the patterns of the outbreak.

---

They can't. The email addresses "stolen" don't necessarily have anything to do with PlusNet. My main email address that's been affected by this is a domain which isn't registered with PlusNet, PlusNet don't host the DNS, and they don't host the mail server for it so there is nothing they can do to fix this for me and many others I assume. I just have to live with the consequences

"Much ado about taking security seriously, but nothing to back it up, empty words"

That's a bit harsh. Haven't they already checked a few other things and improved security in other areas? Do you think they aren't taking this seriously?

I don't disagree that this is a fairly epic screw up, but they do, as far as I can see, seem to be taking it seriously.

Sorry, yes, I was referring to PlusNet tweaking their filtering software to deal with mail that goes through their mail servers. Obviously this is only part of the problem as addresses out of their control have been impacted here.

My point was the 'solution' in place is only partial and temporary. As they say, there's no point closing the barn door once the horse has bolted.

Although I appreciate the frustration as they say 'it happens'.

I had an email address used for personal matters and always careful how it was used. After many years one of the recipients forwarded the email or similar and soon I started receiving spam. It got so bad that I had to create a new address for myself and a second one for those whom I could not trust not to forward it on or people that send emails with everyone in the 'to' field.

To this day I have to check the old account because some of my friends or contacts that haven't been in touch with me for a long time might still be trying to use it to contact me. Later this month I will not be checking that email address at all. In just under 4 months that email now only receives junk mail in the region of around 200 a day.

The post on the usergroup forums suggests that this is being sent to people who may have been affected by the trojan (Presumably those that logged into a compromised server during the affected timeframe). It's not clear whether there will be another email to those addresses that have been compromised - could someone with the ability to post there perhaps ask for me ..

I'd also be interested to know when this has finished going out as I haven't received anything as of yet.

From the MS bulletin it looks like the patch was published on 7th August 2006 and the bulletin the following day and then updated on 12th September. So the patch should be have been installed for anyone downloading September's updates or later.

For combating spam there's a few things I can suggest. If the spam is going to a specific address that you don't use then you can use the Manage My Mail tool on the portal to create a redirect for that address and send it to the blackhole address [email protected]

If the spam is being sent to multiple addresses that aren't in use then you can blackhole the catch all address via the portal tool.

If you don't have the spam protection switched on then you can again do this via the portal and it will scan the mails for spam and mark the subject. Of the spams I'm receiving from this the spam protection is catching almost all of them.

Agreed, people should keep their computers up to date with patches.

Can you comment on whether PlusNet keep their webmail servers up to date with all patches and monitor all released vulnerabilities?

In reply to:

---

This email is related to customers who could have been affected by the trojan. The email addresses issue is wider than this and will be communicated seperately.

---

http://portal.plus.net/central/forums/viewtopic.php?t=55912

And for those affected that don't have PN email addresses???

Dave,

PlusNet spam protection is all well and good if the email addresses are hosted by PlusNet but one of my compromised account is the press contact for a charity whilst I undertook that post. This means that when the email address is updated to the new officer they will start receiving spam if they are not a PlusNet user. This is going to cost money and time for both me and the charity to change the email address and update the contacts. All because PN failed in their duty to keep my personal information secure!!! I used to think that PN was often wrongly maligned but this has really pushed me over the edge.