General Discussion
  >> ISP Unhappiness


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | [3] | 4 | 5 | (show all)   Print Thread
Standard User jabuzzard
(experienced) Mon 14-Dec-20 23:14:21
Print Post

Re: Plusnet data leak?


[re: RobertoS] [link to this post]
 
You do know that they sometimes dictionary spam the domain? So if your "supersecret" bit of [email protected] is in their dictionary of things to try then you are jiggered and they don't need to have ever seen for you to get the email.
Standard User RobertoS
(elder) Mon 14-Dec-20 23:23:37
Print Post

Re: Plusnet data leak?


[re: jabuzzard] [link to this post]
 
So far as I know it isn't in any dictionary. I'm not stupid.

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
Experience shows us that love does not consist in gazing at each other but in looking together in the same direction.
Antoine de Saint-Exupéry.
Standard User RobertoS
(elder) Mon 14-Dec-20 23:42:24
Print Post

Re: Plusnet data leak?


[re: RobertoS] [link to this post]
 
Unless anyone has experienced the same for "Plusnet-secret" email addresses, (as I said earlier it only came into existence as a unique login email address), please can people stop giving reasons why I could be wrong. The main reason for my OP was to see if it was something affecting multiple Plusnet login addresses.

I don't want to be impolite by not replying to suggestions, but in itself I'm not worried by it.

Doing a search on my emails I have found another couple in 2019 that had been moved direct to Junk by Thunderbird on receipt, so I didn't even know they had occurred. The reason I saw this one was I have a new laptop and a new installation of TB, which of course hasn't self-trained from my own Junking smile.

There are many reasons why I could be wrong! That is why I also posted earlier that I had stopped, given the age of that detection.

If ian72 would like to see the whole source, as a matter of analysis by him and education for me as a result, that would interest me smile. Beyond that, it doesn't bother me.

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
Experience shows us that love does not consist in gazing at each other but in looking together in the same direction.
Antoine de Saint-Exupéry.

Edited by RobertoS (Mon 14-Dec-20 23:45:16)


Register (or login) on our website and you will not see this ad.

Standard User ian72
(eat-sleep-adslguide) Tue 15-Dec-20 13:32:30
Print Post

Re: Plusnet data leak?


[re: RobertoS] [link to this post]
 
Feel free to PM it to me if you want me to have a look - not guaranteeing any startling insight but I might be able to make some sense of it and give an idea of where it originated.
Standard User ian72
(eat-sleep-adslguide) Tue 15-Dec-20 13:34:04
Print Post

Re: Plusnet data leak?


[re: jabuzzard] [link to this post]
 
If they were doing that there would be loads of emails received in this case - I believe Bob uses the same technique as I do by redirecting anything@domain to the actual email account. If using a dictionary spam everything would ultimately be received so the chance of accidentally coming across a single address that was used with a service is low - especially as Bob says it isn't a dictionary word.
Standard User RobertoS
(elder) Tue 15-Dec-20 16:40:43
Print Post

Re: Plusnet data leak?


[re: ian72] [link to this post]
 
In reply to a post by ian72:
If they were doing that there would be loads of emails received in this case - I believe Bob uses the same technique as I do by redirecting anything@domain to the actual email account. If using a dictionary spam everything would ultimately be received so the chance of accidentally coming across a single address that was used with a service is low - especially as Bob says it isn't a dictionary word.
Correct.

__________________________________________________________
Sovereignty Means Sovereignty

My broadband basic info/help site - www.robertos.me.uk. Domains, sites and mail hosting - Tsohost & Ionos.
Connections: OnePlus 8 Pro max 165Mbps down, 24Mbps up on Three, and B311 4G, tbb tests normally 35-45Mpbs down, 65Mbps off-peak, 9-24 up.
========================
Experience shows us that love does not consist in gazing at each other but in looking together in the same direction.
Antoine de Saint-Exupéry.
Standard User Andrue
(eat-sleep-adslguide) Tue 15-Dec-20 20:29:54
Print Post

Re: Plusnet data leak?


[re: RobertoS] [link to this post]
 
In reply to a post by RobertoS:
Unless anyone has experienced the same for "Plusnet-secret" email addresses, (as I said earlier it only came into existence as a unique login email address)
I also use a DEA system and there's nothing showing in my mail server's rules log that might be the old address I used.

---
Andrue Cope
Brackley, UK
Standard User Andrue
(eat-sleep-adslguide) Tue 15-Dec-20 20:44:05
Print Post

Re: Plusnet data leak? *DELETED*


[re: ian72] [link to this post]
 
Post deleted by Andrue

Edited by Andrue (Tue 15-Dec-20 20:46:55)

Standard User Andrue
(eat-sleep-adslguide) Tue 15-Dec-20 20:56:13
Print Post

Re: Plusnet data leak?


[re: ian72] [link to this post]
 
I use the same system (it's official name is 'DEA' - Disposable Email Address) and how the address got out isn't the issue. As long as it's not something really simple like '[email protected]' which might conceivably be guessed or generated via a dictionary you can be sure that something nefarious is going on and it started with PN.

Yes a mail relay (should such things still exist) and snooping routers (paging the CIA?) could grab addresses but neither of those is very likely. Most SMTP exchanges are sender server connection direct to recipient server and I don't think the CIA and their ilk are likely to be the culprit here smile

If I tell PN to communicate with me as '[email protected]' that address is highly unlikely to be guessed or generated via a dictionary. So if spam starts appearing with that address anywhere in it then PN are to blame.

It's true that from: can be faked but that only means that most people can't be sure who the email was actually addressed to. It still remains true that a DEA address is a secret shared by only two people. I run my own mail server so I filter on RCPT TO: so I actually do know the address the email was sent to. And (should I care to look) the IP address of the sending mail server smile

---
Andrue Cope
Brackley, UK

Edited by Andrue (Tue 15-Dec-20 20:59:27)

Standard User Andrue
(eat-sleep-adslguide) Tue 15-Dec-20 21:04:34
Print Post

Re: Plusnet data leak?


[re: JennyCide] [link to this post]
 
Exactly Jenny. If we're relying on the from: field reported by a mail client then we don't reliably know the actual address used to send the email. However the mere fact that someone other than PN and RobertoS know that email to be valid is highly suspicious and whatever happened almost certainly started with PN or their servers.

- assuming it's a slightly obfuscated address.

---
Andrue Cope
Brackley, UK
Pages in this thread: 1 | 2 | [3] | 4 | 5 | (show all)   Print Thread

Jump to