Malwarebytes has a new version out V2.0

Posted at 4:12:45 PM in Vendors (35)

I highly recommend Malwarebytes as a tool to remove spyware. They have a new version out. Verion 2.0.0.1000 as of today. You can check out the new download at  bleeping computer here: 

http://www.bleepingcomputer.com/download/malwarebytes-anti-malware/

Written by Leonard Rogers on Friday, March 28, 2014 | Comments (0)

RCVD_IN_XBL_SPAMHAUS_ORG

Posted at 11:51:41 PM in Recovery (44)

Spamhaus black lists have gone bonkers. I'm seeing tons of false positives coming across with grades in RCVD_IN_XBL_SPAMHAUS_ORG at 3.0 and 3.3 in RCVD_IN_PBL,

These false positives appear to be coming form one chain in the mail relay servers. Or so I thought. When gmail and yahoo IP addresses are listed in the black lists above, then that creates a real problem. Both providers have extensive rules that prevent outbound mail abuse. So when gmail and yahoo show up in these blacklists, I think that should flag that there is a problem with the blacklist.

I prefer not to use black listed relays when they are in a chain. I also don't care if the sender's IP address is in a blacklist. I do care if the first server in the relay is blacklisted.

I am only a student of the internet and email and spam lists. It appears the first "Received: from" line identifies the originating device and the relay server it connected too. 

Therefore when the line continues: [192.168.101.1] ([172.16.30.212]), the first address is the local device,  in my case a laptop. And the second would be the relaying server. I noted when the device has a reverse lookup pointer it will show the name and the IP address in the square brackets.

I made up the IP addresses. i was researching where these block was coming from and found it difficult when there is no reverse lookup on the IP address. After some search, I used itools.com/tool/arin-whois-domain-search to find who the block belonged to. In this case, it was a mobile phone company. I have noticed that most mobile phones will provide automatic setup for big name providers like gmail. If this was used, the relaying server should have been google.com which isn't listed on the blacklist at the moment, but the mobile IP is.

I took out the relay checking when this first occurred and after a week I was able to put it back on. However, on this investigation (6/7/2014), I left the relay checking in place. There is not much I can do when devices are not setup properly.

Written by Leonard Rogers on Thursday, March 27, 2014 | Comments (0)

AceSEF Joomla extension to handle Search Engine Friendly urls

Posted at 10:18:59 PM in Joomla - CMS (7)

AceSEF has a very frustrating interface. It appears almost clumsy. I have been trying to straighten out the numerous SEF links it's created and the absolute catastrophe of a sitemap. My problem is the dynamic sitemap likes to add unpublished articles but the xml sitemap follows the assignments in the SEF management pages. Due to the several unpublished pages it placed in the dynamic sitemap, have had to run around trying to get rid of the search engine cache that keeps pointing to pages that weren't cached. I suppose I should start with how I ended up with this module.

I only needed to fix the SEF portion of Joomla. AceSEF didn't fix that or even point out where there might be a problem. I'm not that good with Apache or PHP so I stumble around a bit. I finally found where Apache2.conf was missing information. The site never loaded the .htaccess file and therefore never read the rules for re-writing the mods. Once that was fixed, I already had AceSEF which had a nice metatag engine and sitemap generator. As I've already stated, those both exploded in my face.

Now my problem is the frustrating i have with the concept of published (within the context of AceSEF) and deleted or trashed. Apparently, Unpublished in the SEF tab means that it won't publish in the static sitemap.xml file. I'm sure that's not what they intended, but that appears to be the way it works for me. The 404 page has no explanation that helps at all. Unpublished doesn't seem to mean a thing. When a link shows up in the 404 pages it is registered as unpublished. If you use the button at the top of the 404 page to move it, it only gives you a empty move page. This was frustrating, but now I realize this button really means new 301 page (but why have it on the 404 page). Even checking the item and clicking the 301 button does nothing but give you a blank form. I found that clicking on the actual link gives you a 301 form with the link in the old URL slot. Never would have figured that out from the tutorials or the helps.

I bought the VIP but I haven't called. I really want to make sure I've read all the helps before I waste someone's time. If you use that 301 creation page, you cannot leave the 404 page in there. Even though it's unpublished, it still redirects to a 404 error page and the 301 page never gets loaded. All these left overs seem to cause other problems. I had one page that I would get an error, "too many redirects" even though I couldn't find where it was getting an additional redirect. I have wiped out the SEF database 3 times now. I have made changes to the SEF format because I realized I really don't want duplicates and I have to figure them out. Well that causes another problem because the new SEFs don't match the old SEFs so now I have to deal with even more scattered crap. 

None of this would happen if the program didn't generate stuff I didn't want or if it was documented well enough to figure out how it worked. Even the web site gives no help. The web help is an exact duplicate of the help that comes with the module inside Joomla. They don't even bother with additional explanations. I might add that the online videos are also only partially helpful. The fact that they go through every little option is the only help they add, but it's almost the same as if you went through every little option yourself and read the little pop up links that explain each option which goes something like this: Generate new SEF URLs - this generates new SEF URLs. Well it is a little more wordy. "If set to NO, no new URLs will be generated and only those already in database will be used."  I can't tell you how often I want to turn that off. The pages actually seems to load fine without it, but one must be careful if cache is enabled. I had been looking at the wrong page for hours when I discovered that it was the cached page. I cleared the cache and found the page was a 404 error issue. 

Another buggy problem is 404 errors do not show up all the time. It seems that if it hits the SEF 404 page, you will never see what caused it. Hmmm. I just had a thought that I might turn that off so I can see the real 404 pages which give a little more info and may show up in the 404 locker.

 

Written by Leonard Rogers on Wednesday, March 26, 2014 | Comments (0)

Manta.com unique way of registering Businesses

Posted at 11:53:29 PM in Vendors (35)

All of the free sites I signed into a free account tried to find a way to get me in touch with a sales person. Manta went about it a different way. I signed up everything on their page and on completion to verify my free account, they gave me a code that I needed to call and enter. The code was alpha numeric so I was pretty sure that I was going to be giving it to a person. That person was the sales person who immediately went about posting information on my manta page as we talked about my business. I added some of my own things while we were talking and they saw those changes. Isn't the internet wonderful?

The 5 minute registration process ended up being a 15 minute chew-my-arm-off to get away conversation trying to sell me $19.95 per month of goodies from their site. Eh. not yet.

So far, it's been mostly phone calls from sales people and no presence on the internet, so we'll see how this pans out. 

Written by Leonard Rogers on Tuesday, March 25, 2014 | Comments (0)

Yellow pages (YP) does follow ups after posting for a free account

Posted at 11:43:58 PM in Vendors (35)

As I mentioned before, if you post your information for free services, be prepared to get inundated with call after call from sales people trying to get you to buy their free service. YP.com is one of those services. I'm not impressed with yellow pages advertising. It took me 4 years to get them to stop billing me for a business card size ad I had put in their phone book yellow pages which took several letters and follow up phone calls to get them to stop. It's now over 10 years after I got them to stop billing me and I still get calls for services. I am hoping the Internet YP should be different.

They are a free registration. They verified my phone number by calling the number I wanted registered, however; I wasn't at that phone. The phone registration isn't very well thought out. It would be next to impossible to register if I had a phone extension. In my case, I'm registering for a company that is not mine. I'm in my office and they are on the road. There was a button on the registration page that I had to press, they'd call the number, I'd enter the code. But they didn't give very long for me to enter the code. I had to get it from the owner who tried to text it back to me, but by the time I got it, the code already expired.

Once the business was registered and verified, I was able to find my business on yp.com. But less than 24 hours later, a sales person was calling. The receptionist handles all sales calls the same. "Thank you for calling. Sales? Not interested. hang up. 

Written by Leonard Rogers on Tuesday, March 25, 2014 | Comments (0)

Craisgslist doesn't allow you to post links to your web site

Posted at 11:30:09 PM in Vendors (35)

A lot of people abuse craigslist.com. The web site is a almost completely free place to advertise services and goods. One of the methods they use to keep down the abuse is to only allow posting advertisements every two weeks. But people overcome that problem by registering six or seven free email accounts with craigslist and posting the same ad six or seven times. Now a recent changes they've made prevents posting links to your web site on their pages. Not a problem, but it would be nice i they said that it wasn't allowed instead of just scraping out that info and then posting a url'less ad posting.

I've had customers that got several click throughs to their web site from craigslist, but now if you put the hyperlink, they just scrape it out. It is probably associated with abuse but a poster who violated the terms by posting the link to a web site that was not in accordance with the policy. Rather than make the few suffer, the policy appears to take the easy way and make everyone suffer. In the meantime, Craiglist goes on to be regularly abused.

Written by Leonard Rogers on Tuesday, March 25, 2014 | Comments (0)

Does anyone know the number for Yelp?

Posted at 11:18:48 PM in Vendors (35)

 Among the many startup sites I would consider for creating a presence for a web site on the internet, one of the top is Yelp. Unfortunately, when a business is added, they seem to be really slow about responding. I believe they also have a customer service rep that attempts to make a sales call and when it doesn't work, he cancels the account. Doesn't seem to be a very good way to do business.

Here's the story. My business started up last month. Yelp was among the first sites I went to to setup ad pages. Yelp is good for customer response and allows customers to leave reviews about the companies that have used. I added our company per their page instructions. It included all the address info and phone number, again, the main line which could be answered by anyone and not necessarily the person setting up the site who would be expecting a call.

I responded to the email and set up my account. Added pictures, and description, hours of operation and then waited and waited and waited. I would go back to Yelp several times in the past month to see if my business would show up. Not there. Thank goodness I kept a link to my business posting, which 2 other times, I made changes to the hours and added even more pictures (all of which are still up there) and finally a month later posted a review. The review is there, but I still can't find my business. I wondered why they haven't emailed me or called. So, I decided today, I will try to call them. Did you know you can't find a number to call them at? You can't even call them for sales. You have to fill out a form and try to find your business yet again and then submit the request and they will call you back. And here I sit and wait and wait and wait.

Apparently, if you want to do anything on Yelp, you have to grab that first call or wait an eternity for them to call you. I have a business listing under fws.net. They call me all the time. I get regular reports, but I don't ever remember doing anything other than claiming my business. 

So, Yelp is yet another dead end. I gave them my office number this time on an advertisement request hoping they'd call and I could find out where my business went. I am interested in advertising, but I expect nothing but trouble getting the Yelp pages up and running.

Written by Leonard Rogers on Tuesday, March 25, 2014 | Comments (0)

Customer Lobby deactivates Trial sites to get attention

Posted at 11:05:20 PM in Vendors (35)

Setting up web sites is a lot of fun. Trying to find a customer portal where customers can leave comments is even more fun, especially when your testing them out to see how they will perform. Customer Lobby is one of those types of sites. They are great about setting up a free account and giving you the widgets to plug into your site so customers can leave comments. But, during the 30 day trial, the account rep is so eager to help up sell the product that he disables your account forcing you to call him.

Of course, the phone number on the account is for business purposes, I don't expect and wouldn't want sales calls. In fact, if I wanted to call about a product, I would make that call, but when you register for web widgets be prepared to get tons of calls. There are a couple of other  services I'll be reviewing and so will not discuss them here, but be warned. It's almost the same as registering for spam.

I had registered my site on customer lobby, added the widgets and prepared get a few past customers to post comments, but before I could get there, they called my business number and the person who answered the phone didn't know what it was about and said stop calling. That'd be expected since most sales calls are handled that way. I certainly am not going to pow wow my entire staff on what sales people we should take calls from. I have a department entirely dedicated to setting up my internet presence.

Customer Lobby's response. Deactivate the account. I called. The person answering the call was surprised that my free trial had been suspended. She said she'll have my rep call me back within a few minutes. Expect a call from the 510 area code. I gave her the number to my web guys and they waited. We got the call. My rep said, I'm the one who turned off your account. I wanted to make sure you had the best we could offer you. Of course he would say that, he's a sales person. The best they can offer certainly isn't going to be free. I could easily see the pricing on the web site and I had already picked the package I wanted and I didn't really need a sales guy to sell me their best.

The entire approach soured my research and we removed the widgets and I concurred with my staff and told them to get lost. 

Written by Leonard Rogers on Tuesday, March 25, 2014 | Comments (0)

dccifd and copfilter error

Posted at 9:10:09 PM in Other (7)

I have been a big fan of copfilter addon to IPCOP for some time. I'm currently using copfilter Version: 2.0.91beta4. in IPCOP v2.0.6. I've been told not to upgrade to the newest version of IPCOP as it will not work with copfilter. So I wait.

One of the recent issues has been a constant warning:

 warn: dcc: dccifd -> check skipped: dcc: failed to connect to a socket /var/log/copfilter/default/opt/dcc/dccifd: Connection refused

I could not find anything to iron out this issue under copfilter, so I went directly to dcc commentary since the implementation in copfilter connects dcc with spamassassin. The files structure for that locations is not a file or a directory and is zero bytes. The permissions on the file are srw-rw-rw owned by copfilter. That part is fine. After searching around from that directories location, I found a test program in the bin directory called dccif-test which also said that the socket was not open connection refused. I finally found what I was looking for on this site which took some careful reading. "That socket is created by starting dccifd as a daemon." Though, it doesn't state how to do that, I decided to look for the executable file by that name, which I found under the directory libexec. Executing the file without parameters (I thought a parameter would be needed to run it as a daemon, but apparently not). I checked the process stack, ps aux | grep dcc and found dccifd running. After that the test on the socket worked fine. 

I was able to run start spamd with the socket running. I don't know why dccifd stopped running. It had been out for weeks. I was seeing unwanted spam where there should be, but now I know to check if dccifd is running at all and if not to start it. This resolved the dcc checks for me.

Written by Leonard Rogers on Tuesday, March 25, 2014 | Comments (0)