Author

Topic: Suspicious email from Ubitex — scam? (Read 980 times)

sr. member
Activity: 364
Merit: 250
June 23, 2011, 04:09:56 PM
#6

This is legitimate.

Oh…  Due to the barrage of scam emails that one receives daily, an unanswerable email — about a subject that isn't even mentioned on the main site — from ‘webmaster@localhost’ doesn't exactly appear trustworthy.

Quote

Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice.

How come you're scrapping OpenID?  I, for one, am not interested in maintaining yet another username/password combo, so you're going to lose at least one user.

Quote

Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

And how, pray tell, did you imagine that people would believe that the email was legitimate?  Did you expect people to scour the email headers for clues and make DNS lookups?

Quote

Signed? With what key?

Ever heard of PGP/GPG?  The public key, or at least its fingerprint, could be available on the website.  As a minimum I'd expect that the matter was mentioned on the website…

Thanks for stepping forward, though.

Cheers,

No, I thought there was a default from set. Turns out there wasn't.

I'm coming off OpenID because django-socialregistration just isn't nearly flexible enough. I may eventually add it back as a secondary auth.
hero member
Activity: 566
Merit: 500
Unselfish actions pay back better
June 23, 2011, 04:07:43 PM
#5

Best to assign kseistrup a new random password... I guess you probably already did, just making sure.

Don't worry, I already replaced the one from the email with a random string before posting here.

Cheers,
legendary
Activity: 1615
Merit: 1000
June 23, 2011, 04:04:02 PM
#4
Best to assign kseistrup a new random password... I guess you probably already did, just making sure.
hero member
Activity: 566
Merit: 500
Unselfish actions pay back better
June 23, 2011, 02:57:43 PM
#3

This is legitimate.

Oh…  Due to the barrage of scam emails that one receives daily, an unanswerable email — about a subject that isn't even mentioned on the main site — from ‘webmaster@localhost’ doesn't exactly appear trustworthy.

Quote

Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice.

How come you're scrapping OpenID?  I, for one, am not interested in maintaining yet another username/password combo, so you're going to lose at least one user.

Quote

Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

And how, pray tell, did you imagine that people would believe that the email was legitimate?  Did you expect people to scour the email headers for clues and make DNS lookups?

Quote

Signed? With what key?

Ever heard of PGP/GPG?  The public key, or at least its fingerprint, could be available on the website.  As a minimum I'd expect that the matter was mentioned on the website…

Thanks for stepping forward, though.

Cheers,
sr. member
Activity: 364
Merit: 250
June 23, 2011, 02:29:47 PM
#2
Hi,

One hour ago I received a suspicious email, seemingly from Ubitex:

Code:
Received: by 10.227.27.90 with SMTP id h26cs2325wbc;
        Wed, 22 Jun 2011 22:43:34 -0700 (PDT)
Received: by 10.216.65.203 with SMTP id f53mr3161656wed.54.1308807812780;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Return-Path:
Received: from cryptonomicoin.ubitex.org (ks360227.kimsufi.com [91.121.162.25])
        by mx.google.com with ESMTP id 16si2969778wem.19.2011.06.22.22.43.32;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Received: from ks360227.kimsufi.com (localhost.localdomain [127.0.0.1])
by cryptonomicoin.ubitex.org (Postfix) with ESMTP id DA0BD23869
for ; Thu, 23 Jun 2011 07:42:05 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: Your new Ubitex password
From: webmaster@localhost
To: [email protected]
Date: Thu, 23 Jun 2011 05:42:05 -0000
Message-ID: <[email protected]>

Ubitex now uses username and password authentication; your randomly-generat=
ed password is 'LY8AtWwZ1O7ohOQ1' minus quotes. You won't be able to use th=
is yet, only when we switch over. Don't delete this!

An unsigned email from “webmaster@localhost” with a password, when the webmaster could have chosen to simply put that information on my account and simply have sent me a signed email with instructions to log in using the usual OpenID pathway?  Come on, dude.

On the other hand, 91.121.162.25 does seem to be a valid IP address for cryptonomicoin.ubitex.org…

Did anyone else receive a similat email?  And what is your reaction?

Could the Ubitex webmaster please step forward?

Cheers,

This is legitimate. Due to the site structure it's hard to have both OpenID and user/password auth at the same time, so I figured this would suffice. Unfortunately there wasn't a DEFAULT_FROM_EMAIL set so the mail came from 'webmaster@localhost'.

Signed? With what key?
hero member
Activity: 566
Merit: 500
Unselfish actions pay back better
June 23, 2011, 03:24:05 AM
#1
Hi,

One hour ago I received a suspicious email, seemingly from Ubitex:

Code:
Received: by 10.227.27.90 with SMTP id h26cs2325wbc;
        Wed, 22 Jun 2011 22:43:34 -0700 (PDT)
Received: by 10.216.65.203 with SMTP id f53mr3161656wed.54.1308807812780;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Return-Path:
Received: from cryptonomicoin.ubitex.org (ks360227.kimsufi.com [91.121.162.25])
        by mx.google.com with ESMTP id 16si2969778wem.19.2011.06.22.22.43.32;
        Wed, 22 Jun 2011 22:43:32 -0700 (PDT)
Received: from ks360227.kimsufi.com (localhost.localdomain [127.0.0.1])
by cryptonomicoin.ubitex.org (Postfix) with ESMTP id DA0BD23869
for ; Thu, 23 Jun 2011 07:42:05 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Subject: Your new Ubitex password
From: webmaster@localhost
To: [email protected]
Date: Thu, 23 Jun 2011 05:42:05 -0000
Message-ID: <[email protected]>

Ubitex now uses username and password authentication; your randomly-generat=
ed password is 'LY8AtWwZ1O7ohOQ1' minus quotes. You won't be able to use th=
is yet, only when we switch over. Don't delete this!

An unsigned email from “webmaster@localhost” with a password, when the webmaster could have chosen to simply put that information on my account and simply have sent me a signed email with instructions to log in using the usual OpenID pathway?  Come on, dude.

On the other hand, 91.121.162.25 does seem to be a valid IP address for cryptonomicoin.ubitex.org…

Did anyone else receive a similat email?  And what is your reaction?

Could the Ubitex webmaster please step forward?

Cheers,
Jump to: