Mail Archive of the old Santa Clara Valley Lutheran Parish

I adjure you by the Lord that this letter be read to all the brethren. (Thessalonians 5:27)

Message Archive Navigation

Subject: Security Reminder

Date: Wed, 4 Jul 2012 11:18:13 -0700

From: "Randy Presuhn" <randy_presuhn@mindspring.com> 

Received: by 10.101.84.11 with SMTP id m11mr10714159anl.11.1341425642246;
        Wed, 04 Jul 2012 11:14:02 -0700 (PDT)
X-BeenThere: scvlp@googlegroups.com
Received: by 10.100.234.34 with SMTP id g34ls2516757anh.3.gmail; Wed, 04 Jul
 2012 11:14:01 -0700 (PDT)
Received: by 10.236.161.233 with SMTP id w69mr37505556yhk.7.1341425641579;
        Wed, 04 Jul 2012 11:14:01 -0700 (PDT)
Received: by 10.236.161.233 with SMTP id w69mr37505553yhk.7.1341425641563;
        Wed, 04 Jul 2012 11:14:01 -0700 (PDT)
Return-Path: <randy_presuhn@mindspring.com>
Received: from elasmtp-scoter.atl.sa.earthlink.net (elasmtp-scoter.atl.sa.earthlink.net. [209.86.89.67])
        by gmr-mx.google.com with ESMTP id v77si75485yhj.7.2012.07.04.11.14.01;
        Wed, 04 Jul 2012 11:14:01 -0700 (PDT)
Received-SPF: neutral (google.com: 209.86.89.67 is neither permitted nor denied by best guess record for domain of randy_presuhn@mindspring.com) client-ip=209.86.89.67;
Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 209.86.89.67 is neither permitted nor denied by best guess record for domain of randy_presuhn@mindspring.com) smtp.mail=randy_presuhn@mindspring.com
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=dk20050327; d=mindspring.com;
  b=YBqJ1UfgCHtuoLxpbRbMF02I2MnBBfBCcfYr+2gBDCGMKV+qC40ccm1QdX0T++De;
  h=Received:Message-ID:From:To:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP;
Received: from [99.38.144.250] (helo=oemcomputer)
	by elasmtp-scoter.atl.sa.earthlink.net with esmtpa (Exim 4.67)
	(envelope-from <randy_presuhn@mindspring.com>)
	id 1SmU5R-0006g2-77
	for scvlp@googlegroups.com; Wed, 04 Jul 2012 14:14:01 -0400
Message-ID: <000e01cd5a11$6075f720$6b01a8c0@oemcomputer>
From: "Randy Presuhn" <randy_presuhn@mindspring.com>
To: <scvlp@googlegroups.com>
Subject: Security Reminder
Date: Wed, 4 Jul 2012 11:18:13 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="utf-8"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1478
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478
X-ELNK-Trace: 4488c18417c9426da92b9037bc8bcf44d4c20f6b8d69d888b7f3a87d4e9c50f1fcef347e2b3b07ac6637ce99c27be956350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 99.38.144.250

Hi -

You may have noticed that some spam was distributed via the
SCVLP mailing list this morning.  This probably happened
because a subscriber's email account was hacked.  Here are
a few ways to reduce the likelihood that your email account
will be used to distribute spam:

    (1) Never use the same password for more than one account.
        Not just email accounts, but credit cards, mailing lists,
        social networks, etc.
    (2) Never use a password that would be found in any dictionary,
        atlas, or telephone book, whether spelled foreward or
        backwards, or in any mixture of upper and lower case.
        This doesn't just mean English!
    (3) Dates are a really bad idea for passwords.  There aren't
        that many of them, so they're too easy to "brute force"
        guess.
    (4) Your password SHOULD be as long as practical.  It SHOULD
        contain a mixture of letters, numbers, and non-alphanumeric
        characters if possible.
    (5) Avoid allowing different services to access each other.
        For example, many things "integrate" via FaceBook.  From
        a security point of view, this is a really Bad Idea.  If
        an attacker guesses your FB password, (s)he may have access to
        everything else.
    (6) Keep in mind that sometimes spam will be a "Joe Job."  This
        simply means that the spam was sent in someone's name, but without
        using their account.  (Rather like writing someone else's return
        address on an envelope before tossing it into the mail box.)
        Unfortunately, the design of the mail protocols makes this
        attack trivially easy.  There are *some* countermeasures in
        place, but the pros and cons of these are a multi-year debate.

With freedom comes responsibility.  Have a happy 4th!

Randy

Information...

  Valid CSS! Valid HTML 4.01 Transitional

Last updated 2025-09-18 13:29:00 by Webmaster