Go Back   Steve's Digicams Forums > Welcome Center > Contact Steve's

Reply
 
Thread Tools Search this Thread
Old Jul 15, 2014, 10:05 AM   #1
Senior Member
 
VTphotog's Avatar
 
Join Date: Mar 2005
Location: Extreme Northeastern Vermont, USA
Posts: 4,229
Default Login problems

For the past few days, I have been having to repeatedly log in to the forums. It can take two or three tries before the forum recognizes me, despite using the 'remember me' check box. Once in, I can return that day, but the next day I need to start all over again.
Not sure if this is a general forum problem, or possibly a change to my ad blocking software which has caused this.

brian
VTphotog is offline   Reply With Quote
Sponsored Links
Old Jul 15, 2014, 10:10 AM   #2
Senior Member
 
billy's Avatar
 
Join Date: May 2004
Location: Ohio USA
Posts: 1,733
Default

I haven't had an issues myself, using Firefox or Chrome.

I'm going to guess that your ad blocking software is the culprit. If you're blocking cookies, it's possible the forums can't recognize that it's you when you return (it can't remember you if you're blocking transmission of identifying cookies).

I'm no expert, just tossing out my $.02
billy is offline   Reply With Quote
Old Jul 15, 2014, 6:35 PM   #3
Senior Member
 
VTphotog's Avatar
 
Join Date: Mar 2005
Location: Extreme Northeastern Vermont, USA
Posts: 4,229
Default

I have things set up to allow cookies, except for tracking cookies, and I don't have any problems with other vbulletin forums.
I'll do some experimenting to see what I can find.
VTphotog is offline   Reply With Quote
Old Jul 15, 2014, 6:45 PM   #4
Senior Member
 
billy's Avatar
 
Join Date: May 2004
Location: Ohio USA
Posts: 1,733
Default

Let me know if you're still having issues.
billy is offline   Reply With Quote
Old Aug 3, 2014, 5:30 PM   #5
Senior Member
 
VTphotog's Avatar
 
Join Date: Mar 2005
Location: Extreme Northeastern Vermont, USA
Posts: 4,229
Default

It appears my ISP was changing around IP address blocks, which may have caused the difficulties. There were a couple other sites which were giving difficulties, but it seems to be stable now.
VTphotog is offline   Reply With Quote
Old Aug 4, 2014, 4:13 AM   #6
Junior Member
 
yxejamir's Avatar
 
Join Date: Jul 2006
Posts: 6
Default My email address has been stolen from this site

My email address has been stolen from this site and began seeing spam sent to it a few hours ago. Could that be related?

The spam subject was “Nolo's Business Breakdown | Take 40% Off”, see full headers below (my email address hidden with XXX):
Code:
Return-Path: 
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
     by sloti31d1t05 (Cyrus git2.5+0-git-fastmail-9860) with LMTPA;
     Mon, 04 Aug 2014 01:03:27 -0400
X-Sieve: CMU Sieve 2.4
X-Spam-score: 2.9
X-Spam-hits: BAYES_05 -0.5, DCC_CHECK 1.1, HTML_MESSAGE 0.001, RCVD_IN_BL_SPAMCOP_NET 2,
  RCVD_IN_DNSWL_NONE -0.0001, RCVD_IN_UNSUBSCOREBL 1,
  RP_MATCHES_RCVD -0.668, SPF_PASS -0.001, LANGUAGES en, BAYES_USED user,
  SA_VERSION 3.3.2
X-Spam-source: IP='198.245.88.1', Host='mta.email.nolo.com', Country='US',
  FromHeader='com', MailFrom='com'
X-Spam-charsets: plain='us-ascii', html='us-ascii'
X-Resolved-to: aXXXXXl+[email protected]
X-Delivered-to: [email protected]
X-Mail-from: bounce-87_HTML-434844759-9320395-132...email.nolo.com
Received: from mx1 ([10.202.2.200])
  by compute1.internal (LMTPProxy); Mon, 04 Aug 2014 01:03:27 -0400
Received: from mta.email.nolo.com (mta.email.nolo.com [198.245.88.1])
    by mx1.messagingengine.com (Postfix) with ESMTP id 917DCF2077C
    for ; Mon,  4 Aug 2014 01:03:22 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=200608; d=email.nolo.com;
 h=From:To:Subject:Date:List-Unsubscribe:MIME-Version:Reply-To:Message-ID:Content-Type; [email protected];
 bh=elggxZHoBbfhpsXAZdtXucml9K0=;
 b=m9HCcoImjT/TEnaCSYK4nlY8GpWPn6nJy/6ob1IHXHk+AJcTc1vpJmYl5fF30AIc8j+NenJ6JiU9
   +/kwxPd99DuDAMGVumbqUG/c2JKu8YZjsy/IDHfOK74puqpD6TGPdf/s8sMdEwSRCSLHvS5sG9wB
   xB11K8ZXTEIcKHTJvBg=
DomainKey-Signature: a=rsa-sha1; c=nofws; q=dns; s=200608; d=email.nolo.com;
 b=FeuoXhW7Int+nkJ9Hr87DYkZ+hJZ6iE8kEriE8ToBX9Q7qwuz54TBlhj7fC8AwKGCAM9mqABCxob
   ZJ5Od3VtDhNE8R2y3kA55nV+19vTnRst5GojWlSHY46V+AKyET4F9AvQdh9ybha0CWgpW8VCzAwW
   rj42lJVxRpGpiSB6HaM=;
Received: by mta.email.nolo.com id hrsa1k163hs0 for ; Sat, 2 Aug 2014 01:37:57 -0600 (envelope-from )
From: "Nolo" 
To: 
Subject: Nolo's Business Breakdown | Take 40% Off
Date: Sat, 02 Aug 2014 01:37:22 -0600
List-Unsubscribe: 
MIME-Version: 1.0
Reply-To: "Internet Brands" 
x-job: 1325274_9320395
Message-ID: 
Content-Type: multipart/alternative;
    boundary="BI7bOBR724Yy=_?:"
yxejamir is offline   Reply With Quote
Old Aug 4, 2014, 10:05 AM   #7
Administrator
 
Join Date: Jun 2003
Location: Savannah, GA (USA)
Posts: 22,378
Default

Hey yxejamir

No, I don't think they're related. But, it does look like there is a massive campaign going on from that sender (mta.email.nolo.com 198.245.88.1)

That sender has been added to some spam blacklists as recently as 4 days ago. Here are some of the blacklists it's on now:

http://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a198.245.88.1&run=emailheaders

The questions is where they're getting the e-mail addresses from. Hopefully, it was just a mail server that you're using that was compromised that had your address in it, versus anything on our end.

But, I'm forwarding the information to our corporate IT Staff for further investigation, just to be on the safe side. Thanks for the report.
JimC is offline   Reply With Quote
Old Aug 7, 2014, 3:51 AM   #8
Junior Member
 
yxejamir's Avatar
 
Join Date: Jul 2006
Posts: 6
Default Brute forces

Quote:
Originally Posted by JimC View Post
Hopefully, it was just a mail server that you're using that was compromised that had your address in it, versus anything on our end.
On the one hand, I give out a different email address to each website, so the leaked email address was unique to this forum. On the other hand, my account here is so old, and my password was so weak, that it’s no surprise if a short brute force attack could break into it.
yxejamir is offline   Reply With Quote
Old Aug 7, 2014, 3:43 PM   #9
Administrator
 
Join Date: Jun 2003
Location: Savannah, GA (USA)
Posts: 22,378
Default

It should be OK.

Basically, our investigation determined that a partner company (nolo.com, owned by Internet Brands, our parent company) inadvertently sent e-mail for a marketing campaign to e-mail addresses related to other sites owned by Internet Brands like ours.

This was not intended (it was just a problem with the way the e-mail addresses were queried from a common database with info stored for multiple sites), and it was an isolated incident

IOW, our member databases were not compromised (it was only a mistake related to the marketing campaign)

My apologies for any concern over it, as I didn't realize that nolo.com was owned by our same parent company (Internet Brands) until after the investigation by our IT department was completed, and they figured out what went wrong.
JimC is offline   Reply With Quote
 
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -5. The time now is 9:43 AM.