Steve's Digicams Forums

Steve's Digicams Forums (https://forums.steves-digicams.com/)
-   Contact Steve's (https://forums.steves-digicams.com/contact-steves-90/)
-   -   Login problems (https://forums.steves-digicams.com/contact-steves-90/login-problems-211996/)

VTphotog Jul 15, 2014 10:05 AM

Login problems
 
For the past few days, I have been having to repeatedly log in to the forums. It can take two or three tries before the forum recognizes me, despite using the 'remember me' check box. Once in, I can return that day, but the next day I need to start all over again.
Not sure if this is a general forum problem, or possibly a change to my ad blocking software which has caused this.

brian

billy Jul 15, 2014 10:10 AM

I haven't had an issues myself, using Firefox or Chrome.

I'm going to guess that your ad blocking software is the culprit. If you're blocking cookies, it's possible the forums can't recognize that it's you when you return (it can't remember you if you're blocking transmission of identifying cookies).

I'm no expert, just tossing out my $.02

VTphotog Jul 15, 2014 6:35 PM

I have things set up to allow cookies, except for tracking cookies, and I don't have any problems with other vbulletin forums.
I'll do some experimenting to see what I can find.

billy Jul 15, 2014 6:45 PM

Let me know if you're still having issues.

VTphotog Aug 3, 2014 5:30 PM

It appears my ISP was changing around IP address blocks, which may have caused the difficulties. There were a couple other sites which were giving difficulties, but it seems to be stable now.

yxejamir Aug 4, 2014 4:13 AM

My email address has been stolen from this site
 
My email address has been stolen from this site and began seeing spam sent to it a few hours ago. Could that be related?

The spam subject was “Nolo's Business Breakdown | Take 40% Off”, see full headers below (my email address hidden with XXX):
Code:

Return-Path: <[email protected]>
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
    by sloti31d1t05 (Cyrus git2.5+0-git-fastmail-9860) with LMTPA;
    Mon, 04 Aug 2014 01:03:27 -0400
X-Sieve: CMU Sieve 2.4
X-Spam-score: 2.9
X-Spam-hits: BAYES_05 -0.5, DCC_CHECK 1.1, HTML_MESSAGE 0.001, RCVD_IN_BL_SPAMCOP_NET 2,
  RCVD_IN_DNSWL_NONE -0.0001, RCVD_IN_UNSUBSCOREBL 1,
  RP_MATCHES_RCVD -0.668, SPF_PASS -0.001, LANGUAGES en, BAYES_USED user,
  SA_VERSION 3.3.2
X-Spam-source: IP='198.245.88.1', Host='mta.email.nolo.com', Country='US',
  FromHeader='com', MailFrom='com'
X-Spam-charsets: plain='us-ascii', html='us-ascii'
X-Resolved-to: aXXXXXl+[email protected]
X-Delivered-to: [email protected]
X-Mail-from: bounce-87_HTML-434844759-9320395-132...email.nolo.com
Received: from mx1 ([10.202.2.200])
  by compute1.internal (LMTPProxy); Mon, 04 Aug 2014 01:03:27 -0400
Received: from mta.email.nolo.com (mta.email.nolo.com [198.245.88.1])
    by mx1.messagingengine.com (Postfix) with ESMTP id 917DCF2077C
    for <[email protected]>; Mon,  4 Aug 2014 01:03:22 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=200608; d=email.nolo.com;
 h=From:To:Subject:Date:List-Unsubscribe:MIME-Version:Reply-To:Message-ID:Content-Type; [email protected];
 bh=elggxZHoBbfhpsXAZdtXucml9K0=;
 b=m9HCcoImjT/TEnaCSYK4nlY8GpWPn6nJy/6ob1IHXHk+AJcTc1vpJmYl5fF30AIc8j+NenJ6JiU9
  +/kwxPd99DuDAMGVumbqUG/c2JKu8YZjsy/IDHfOK74puqpD6TGPdf/s8sMdEwSRCSLHvS5sG9wB
  xB11K8ZXTEIcKHTJvBg=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=200608; d=email.nolo.com;
 b=FeuoXhW7Int+nkJ9Hr87DYkZ+hJZ6iE8kEriE8ToBX9Q7qwuz54TBlhj7fC8AwKGCAM9mqABCxob
  ZJ5Od3VtDhNE8R2y3kA55nV+19vTnRst5GojWlSHY46V+AKyET4F9AvQdh9ybha0CWgpW8VCzAwW
  rj42lJVxRpGpiSB6HaM=;
Received: by mta.email.nolo.com id hrsa1k163hs0 for <[email protected]>; Sat, 2 Aug 2014 01:37:57 -0600 (envelope-from <[email protected]>)
From: "Nolo" <[email protected]>
To: <[email protected]>
Subject: Nolo's Business Breakdown | Take 40% Off
Date: Sat, 02 Aug 2014 01:37:22 -0600
List-Unsubscribe: <mailto:leave-fd7c1c771a3c402029-fe1f[email protected]leave.email.nolo.com>
MIME-Version: 1.0
Reply-To: "Internet Brands" <[email protected]com>
x-job: 1325274_9320395
Message-ID: <[email protected]>
Content-Type: multipart/alternative;
    boundary="BI7bOBR724Yy=_?:"

</[email protected]></[email protected]com></mailto:leave-fd7c1c771a3c402029-fe1f[email protected]leave.email.nolo.com></[email protected]></[email protected]></[email protected]></[email protected]></[email protected]></[email protected]>

JimC Aug 4, 2014 10:05 AM

Hey yxejamir

No, I don't think they're related. But, it does look like there is a massive campaign going on from that sender (mta.email.nolo.com 198.245.88.1)

That sender has been added to some spam blacklists as recently as 4 days ago. Here are some of the blacklists it's on now:

http://mxtoolbox.com/<wbr>SuperTool.aspx?action=<wbr>blacklist%3a198.24 5.88.1&run=<wbr>emailheaders

The questions is where they're getting the e-mail addresses from. Hopefully, it was just a mail server that you're using that was compromised that had your address in it, versus anything on our end.

But, I'm forwarding the information to our corporate IT Staff for further investigation, just to be on the safe side. Thanks for the report.

yxejamir Aug 7, 2014 3:51 AM

Brute forces
 
Quote:

Originally Posted by JimC (Post 1378374)
Hopefully, it was just a mail server that you're using that was compromised that had your address in it, versus anything on our end.

On the one hand, I give out a different email address to each website, so the leaked email address was unique to this forum. On the other hand, my account here is so old, and my password was so weak, that it’s no surprise if a short brute force attack could break into it.

JimC Aug 7, 2014 3:43 PM

It should be OK.

Basically, our investigation determined that a partner company (nolo.com, owned by Internet Brands, our parent company) inadvertently sent e-mail for a marketing campaign to e-mail addresses related to other sites owned by Internet Brands like ours.

This was not intended (it was just a problem with the way the e-mail addresses were queried from a common database with info stored for multiple sites), and it was an isolated incident

IOW, our member databases were not compromised (it was only a mistake related to the marketing campaign)

My apologies for any concern over it, as I didn't realize that nolo.com was owned by our same parent company (Internet Brands) until after the investigation by our IT department was completed, and they figured out what went wrong.


All times are GMT -5. The time now is 9:40 AM.