I'm I going crazy, or should I learn how to speak Chinese?


5 replies to this topic

#1 headcoach


Posted 22 July 2011 - 06:31 PM

Okay, I'm the new member, as you can see, and I'm not really sure where I should post this. So, I am kind of hoping you guys can help. Well, besides needing a shrink, I am having multiple problems with my computer, my emails, and my VPS.

Problem Number 1: Yes, throwing out there that I have a VPS might be the problem. The company that I use for my VPS tells me that my server is secure and they also tell me that my email server is secure as well...NOT! Ok, as you know or may not know, I moved to a VPS because my normal hosting company wouldn't allow me to send out more than 2000 emails at one time. But my international business requires me to send out a monthly newsletter, for which I have over 2000 members....following so far?

So, I left a hosting company that I was with for 10 years and moved my website over to a VPS (virtual private server) and now, I am getting over 2000 emails a day that are BS stuff. You know...take this pill to stay hard, or click on this link for a free vacation, or we can send you 10 million oxycodone pills for $2.00 emails which are just driving me crazy. Now, they are coming to me with my email address in the "From:" line like I am sending them to myself....this has been going on now for about 9 months. But the new hosting company looked at everything and they say it's fine....NOT!

Problem Number 2: Now, I am getting emails all in Chinese and now the "From:" line is from my VPS email server. It looks like this...annex@pthepuck.securesite.net or jock@pthepuck.securesite.net or deregulate@pthepuck.securedsite.net

Now, it really hasn't bothered me until now when I started getting shi...stuff from my secure server...secure...right...NOT!

Problem Number 3: Now, when I send out my monthly newsletter, I get back about 30 emails that say undeliverable. So, I find the emails within my program that tracks members and delete them. But they keep coming back in about a week, even though I have blacklisted them in the management software that I paid for.


Problem Number 4: I am currently in Monterrey, Mexico building a University Ice Hockey League. So, I left my work computer at home that I use to send and receive all of my email and run my business from Monterrey via "GOTOMYPC". So, I went and purchased a phone number from Skype which allows me to call anyone in the world...cheap. But, every time I talk on the ding dang thing, 20 minutes later, I get emails about stuff that the other person and I were talking about. Example: I was talking to one of my associates about Social Security and what their benefits were. 20 mins later, I get the benefits from some company which sent the info to me on my computer at my house. I just find it weird that this is happening from Skype. However, Microsoft did buy them about two months ago. Whatever did happen with that anti-trust lawsuit with the Gov. vs Microsoft?

Last problem, I think that maybe someone down here in Mexico has hacked into our network here at the rink. So I was thinking about placing a keylogger on my computer to see if that is happening. Is this the way to go? If it is, which one should I use that's really good? Oh, and the least expensive one I can get that would be good....thanks

After reading all of this, I hope I didn't get you down where you think you might be going crazy too.... :techsupport:

Thanks for your help in advance.
Head coach

#2 cnm


Posted 22 July 2011 - 07:44 PM

Hello headcoach,

You certainly have a mess there. Go back to square 1. Do not use your ISP's email or your host's email. Use Gmail. It is free and it has a first-rate spam filter.

When your sent mail bounces, it is your responsibility to remove the failing address from your mailing list. Blacklist is for something else, namely to prevent you from getting mail from some address. That will not prevent the reports of bounced mail. Indeed you want those so you can keep your lists up to date.

It is a good idea to divide your mailing list into smaller packages with not more than 100 addresses. For instance List 1: A through C. List 2: D through F. And so forth. Then send not more than one package an hour.

Google's guidelines for mass mailing: https://mail.google....py?answer=81126

Info about send rate limit: http://www.emailaddr...ress-limit.html
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE
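
The list hygiene described in the reply above (drop addresses whose mail bounces, then send in packages of at most 100), as an added example that is not part of the original post. It reads RFC 3464 bounce reports with Python's standard `email` module; the function names and every address in it are constructed for illustration.

```python
import email

# Constructed sample bounce (RFC 3464 delivery status notification).
SAMPLE_DSN = """\
From: MAILER-DAEMON@mail.example.net
To: newsletter@example.org
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery failed for one recipient.

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mail.example.net

Final-Recipient: rfc822; gone@example.com
Action: failed
Status: 5.1.1

Final-Recipient: rfc822; slow@example.com
Action: delayed
Status: 4.4.1

--b1--
"""

def failed_recipients(raw_dsn):
    """Return the addresses a bounce report marks as 'Action: failed'."""
    failed = set()
    for part in email.message_from_string(raw_dsn).walk():
        if part.get_content_type() != "message/delivery-status":
            continue
        blocks = part.get_payload()  # one Message per header block
        for block in blocks if isinstance(blocks, list) else []:
            if (block.get("Action") or "").strip().lower() != "failed":
                continue  # 'delayed' means the server is still retrying
            # Final-Recipient looks like "rfc822; user@example.com"
            addr = (block.get("Final-Recipient") or "").partition(";")[2].strip().lower()
            if addr:
                failed.add(addr)
    return failed

def prune_and_batch(members, bounces, size=100):
    """Drop bounced addresses, then split the rest into packages of `size`."""
    dead = set().union(*(failed_recipients(b) for b in bounces))
    live = sorted({m.strip().lower() for m in members} - dead)
    return [live[i:i + size] for i in range(0, len(live), size)]
```

Each returned package would then be handed to the mailer one at a time, no more than one an hour as the reply suggests.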

#3 Budfred


Posted 23 July 2011 - 12:56 AM

I suggest taking it a number of steps further -- dump that VPS provider completely and get someone who can provide a secure environment... If I understand you correctly, your account is completely owned by one or more criminals and they are using it to SPAM people all over the world, including you... They have probably already stolen any personal information you might have stored, including passwords, account numbers and so on... It sounds like you need to back up what you can, wipe the whole set-up, rebuild it on another reputable server and drop your Skype account in favor of either a new one or a different company's version... If you leave any executable material behind, it is likely it is infected and the process will begin again... If you wish to retain your current account, you will probably need to hire an IT security person to go through all of your accounts with a fine-toothed comb to find and weed out the malware, if that is even still possible... Keep in mind that you are probably not the only one being exploited here, your server may have been used to infect thousands of other computers, assist in DDoS attacks against other sites and send out millions of SPAM messages... The sooner you get it cleaned up, the sooner you reduce the damage to yourself and others...
Budfred

Helpful link: SpywareBlaster...

MS MVP 2006 and ASAP Member since 2004

Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"

#4 headcoach


Posted 23 July 2011 - 09:59 AM


This is the hosting company that has my VPS...Verio. I did do some research before I just jumped on into it...thank you :db: . However, if you can find anything that I did not catch, besides the problems I am currently having, that would be great. I have been running my company for 14 years and it is not an easy task to just start over from square 1, I don't think it had come down to that yet. I have looked at other companies that would allow me to email all at one time rather than sending A through D section. Which I was doing that at my last hosting company. What I wanted to do was streamline the process so it was less hands on. Besides, the management software that I am using doesn't allow me to do that.

The software that I am using, Account Manager Pro, tracks all of the users that register, assigns them a user name and password that the user provides, checks to see if they have money in the account (this section turned off), then tracks them for 1 year and then it deletes the members (this section turned off as well), because I am giving unlimited time for memberships. I am really trying to work the numbers game.

This software allows me to place all of the drills on a secure side of the server. Thus if a user wants to look at them, all they have to do is register for free. This was the main reason for purchasing the software at the beginning, 14 years ago.

But, I am now thinking about moving the look to a Joomla format. From what I understand, it can do just about everything I want...and more. I placed the Joomla software in my server and I was going to start moving all of the stuff over, but I was having problems transferring the database over to Joomla so I put it on hold while I develop this University Ice Hockey program in Mexico.

Do you feel that the Joomla format will be a good fit? And I'm kind of worried because it is kind of an open source program, which means anyone can get in through back door...right? I just don't want to go through the crazy membership signups like I am going through now.

Thanks for your help and advice. This starting over from square one might have to be this Joomla format. What are your thoughts...thanks

Head Coach

#5 cnm


Posted 23 July 2011 - 10:15 AM

Open source doesn't mean anyone can get in through a back door - unless (unlikely) the official repository where you get it has become corrupt. The only way installation could lead to a back door is if there is a vulnerability in the program that the attacker knows about. That could happen whether it is open source or not.

#6 Budfred


Posted 23 July 2011 - 04:03 PM

I am not sure what you are saying... It appears from what you have said that your setup already has a major barn door back door installed and it is being heavily used... If you switch to another format, it is likely that the infection will travel with you in some of the files that you carry over... Even if you are not concerned about your security, keep in mind that all of the people you have on your list and countless numbers of people who are anonymous are likely to be affected by your choices... If you wish to retain your files, you need to scan them with the deepest scans you can use and clean them up before moving anything to a new setup... Your operating system probably will need to be wiped and installed fresh... If you are saying that using Verio is sufficient to ensure security, your description of the problems you are having suggests that this is not the case...
Budfred




