Support - User contributions [en]

Zimbra webmail

2025-07-05T15:34:31Z

Gd887: /* Saving messages */

:[https://www.youtube.com/zimbra ''Also see the official Zimbra tutorial videos'']
[[File:ZimbraLogo.png|right]]
Zimbra is a free, open source software webmail system that was developed by VMware of Palo Alto, California. In July 2013, it was sold by VMware to Telligent Systems and that company than changed its name to Zimbra, Inc. in September 2013. The webmail system continues to be actively developed.

Zimbra version 7 was extensively tested at NCF during 2011 and rolled out as NCF's new e-mail system in February, 2012. Zimbra replaced the old "Messenger Express" interface which was becoming unsupportable due to its age and also which did not support modern mobile devices, such as smart phones and tablets very well. On 5 February 2015 Zimbra version 7 was replaced by version 8, with the initial deployed version 8.6.0. Zimbra 8 introduces some minor interface improvements, new themes, as well as back-end efficiencies.

The Zimbra mail system provides many features not previously available at NCF. For a brief rundown of some of those features, read the [http://www.ncf.ca/ncf/home/zimbraIntro.jsp Introduction to Zimbra] page.

==Accessing the Zimbra Web Client==

The Zimbra Web Client can be accessed by clicking on [http://www.ncf.ca/ncf/home/zimbra.jsp Get Your NCF Webmail] on the [http://start.ncf.ca/ NCF Startpage].

The standard webmail features are all there - read, reply, compose new e-mail, and manage addresses. However, Zimbra has much more to offer.

There are three versions of Zimbra:

;Standard
:for users with slow connections such as dial-up (no spell-checking)
;Advanced
:for users with highspeed (with spell-checking that can be enabled at ''Preferences→ Mail→ Composing→ Mandatory spellcheck'')
;Mobile
:for phones, tablets and other mobile devices using 3G and other phone networks for connection

You can select between standard and advanced versions at ''Zimbra Preferences→General→Login Options''.

[[File:Zimbra8_advanced_preferences_client.png|800px]]

Zimbra should automatically detect mobile devices and provide the mobile version to them. If it does not detect the device, try accessing Zimbra directly at [https://mail.ncf.ca/ https://mail.ncf.ca/].

[[File:Zimbra Mobile Log-in.png]]

==Timing out==
The NCF implementation of Zimbra is set to time out after 45 minutes of inactivity, meditated by cookies set on your computer. The time out feature is for security, so that an unattended computer won't compromise your email account.

Zimbra will automatically log you out if you open it in two or more different browser tabs at the same time. Instead of doing that you can have multiple Zimbra tabs open in one browser tab, such as having several emails under composition at once and you are able to click between them.

==Help files==

Zimbra includes a large number of built-in help files that explain many features and how they work, which can be found at "Help".

[[File:Zimbra8_help.png|800px]]

==Zimbra doesn't look right==
If the Zimbra webmail interface doesn't look right, with elements overlapped, "squashed", interfering with each other, or just plain don't work then the problem is likely that you are using a very old [[browser]], such as Internet Explorer 6, 7 or 8, Firefox 3 or similar old browsers. Zimbra has a modern web-standards-compliant interface and will only display properly in modern standards-compliant browsers.

Zimbra has been tested and works very well in the current versions of the following browsers:

{{Recommended browsers}}

All of these are recommended for use with Zimbra.

Testing with Internet Explorer 9, 10 and 11 has shown that these browsers don't always display properly even though Zimbra is standards compliant and IE9, 10 and 11 are supposed to be standards compliant browsers as well. According to member reports Zimbra 8 seems to work better with IE11, although it may be necessary to add https://mail.ncf.ca to "trusted sites" and also add it in ''Tools''→''Compatibility View'' as well.

If you are using IE9, 10 or 11 and and Zimbra doesn't display properly do try one of the browsers listed above - they are all free downloads.

===Microsoft Internet Explorer 6 and other very old browsers===
If you try to sign into Zimbra with an old web browser, such as Microsoft Internet Explorer 6 (IE6), which was first released on 27 August 2001, you will get a warning page like this:

[[File:Zimbra IE Warning.png]]

If you proceed anyway by clicking "Skip To Webmail" you will find that it loads the "standard" version and that many features don't work, like pane resizing. Also, in our testing, trying to use features, such as adding attachments, results in the browser crashing.

Zimbra in IE6:

[[File:Zimbra in IE6.png]]

'''NOTE:''' Due to a serious security vulnerability found on 14 February 2014 and [[Browsers#Internet_Explorer_10_and_earlier|described here]] no one should be using IE10 and earlier versions after that date.

Basically IE6 is too old a browser to use with modern webpages and services, such as Zimbra. Get a newer free browser, such as:

{{Recommended browsers}}

===Missing Zimbra folders in Firefox===
In December 2016 a new issue appeared where Zimbra's folders, usually displayed on the left side of the interface, had disappeared in Firefox. NCF's Sysadmin determined that the issue was the popular add-on, [https://www.eff.org/privacybadger Privacy Badger], that many people use with Firefox. A new version of Privacy Badger, version 2016.12.8, seemed to be the culprit here and it was reported to the developers. An update to Privacy Badger on 16 December 2016 to version 2016.12.15.1 fixed this, but if it reoccurs it can be also temporarily fixed by disabling Privacy Badger.

==I can't find my messages, or I can't see the message size!==

Zimbra by default groups messages into conversations, just like Google's Gmail does. This is called "By Conversation" and can be confusing to people who have not used this before. In some cases, you won't see as much detail for each message.

In conversation view you can expand a conversation (collection of related e-mails) to see the individual e-mails, by just double clicking them. You can then restore them to a single conversation by clicking "Inbox" again. You can also show them by clicking on the arrow on the left side of the conversation to open the list of messages and then click the arrow again to collapse them. Conversation view actually works quite well once you get used to it.

If you are having trouble with conversation view, try changing the view to the more traditional "By Message" view.

Standard Client:
[[File:Zimbra8_standard_mail_preferences.png|800px]]

Advanced Client:
[[File:Zimbra8_advanced_view.png|800px]]

Message size (in KB) is now shown in Zimbra for all messages when in "by message" view and single messages when in "by conversation" view. In "by conversation" view when a conversation consists of more than one message Zimbra will show the number of messages in brackets under "size". The message sizes can easily be seen in "by conversation" view by clicking the left arrow for the conversation, which expands to show each message and its size.

[[File:Zimbra8_advanced_conversation.png|800px]]

==Language==
Zimbra enables a number of language choices at ''Perferences→General→Login Options''.

[[File:Zimbra8_advanced_language.png|800px]]

==Spelling==

The advanced version of Zimbra includes spell-checking, which can be selected on at ''Preferences→Mail→Composing→Mandatory spellcheck''

Users with slow connections, using the standard version of Zimbra, who desire spell checking should use a [[browser]] that provides built-in spell checking, such as:

{{Recommended browsers}}

or basically any modern browser except Microsoft Internet Explorer and Microsoft Edge.

[[File:Zimbra8_advanced_spellcheck.png|800px]]

==Contact and Calendar Sync==
Zimbra provides CalDAV and CardDAV services for 2-way synchronization of contacts and calendars. This allows you to benefit from network-accessible calendars viewable in the Zimbra web client while still using your favourite native clients.

Examples of clients that support CalDAV (for calendar sync):
* Mozilla Thunderbird (with the Lightning calender extension)
* Mozilla Sunbird
* Apple iCal
* Apple iPhone, iPad, iPod
* Evolution

Unfortunately, Microsoft Outlook does not include support for CalDAV. Windows users will need to use a specialized calendar app (eg. Mozilla Sunbird), or consider switching to Mozilla Thunderbird.

Examples of clients that support CardDAV (for contacts sync):
* Mozilla Thunderbird (see [[Zimbra: Thunderbird Contacts]])
* Apple Address Book
* [[IPhone|Apple iPhone, iPad, iPod]]
* Evolution

===Client Configuration===
Generally, the details are as follows.

CardDAV URL: <pre>https://mail.ncf.ca/dav/ab123@ncf.ca/Contacts</pre>

CalDAV URL: <pre>https://mail.ncf.ca/dav/ab123@ncf.ca/Calendar</pre>

Note that the final bit of the URL is important, it denotes the name of the Contact or Calendar folder. If you have a Contact folder named "Work", the URL would be:

<pre>https://mail.ncf.ca/dav/ab123@ncf.ca/Work</pre>

If you have a Calendar named "Soccer Practice", the URL would be:

<pre>https://mail.ncf.ca/dav/ab123@ncf.ca/Soccer Practice</pre>

===Step-by-step Instructions===

* [[Zimbra: Thunderbird Contacts]]
* [[Zimbra: Thunderbird Calendar]]
* [[IPhone|Apple iPhone, iPad, iPod]]

==Zimbra address book==
Zimbra includes an address book with no limits on the number of addresses you can enter.

See [[Zimbra: Thunderbird Contacts]] for information on synchronizing lists of contacts in Thunderbird and Zimbra using the Zindus add-on for early versions of Thunderbird and the CardBook add-on for later versions of Thunderbird.

===Importing contacts===
Contacts can be imported into Zimbra from other e-mail clients quickly.

Save the contacts from your existing e-mail client in a common Comma Separated Variable (CSV) format, such as "Outlook Contacts". To import them into Zimbra go to ''Preferences→Import/Export→Import''. From here you can click though to the CSV file, designate what type of file format it is in (ie "Outlook Contacts" format) and then which address book you want the contacts to go into, such as "Contacts".

You should note that some formats work better than others. For instance if you are exporting an address book from Gmail to import it into Zimbra, do not use "Google CSV format" as it will result in all your Zimra contacts having no names attached to them. Instead, export the contacts from Gmail in "Outlook CSV Format", and then import them into Zimbra as "Outlook Contacts".

[[File:Zimbra8_advanced_import.png|800px]]

===Moving contacts===
Every e-mail address that you exchange e-mail with will be automatically saved under "Emailed contacts". You can leave them there or transfer them to your "Contacts" address book by going to ''Address book→Emailed contacts→ Check name to be move→"Move selected item" (folder with arrow icon)→ select address book''.

[[File:Zimbra8_advanced_contact_move.png|800px]]

===Deleting contacts===
To delete contacts in Zimbra just go to ''Address Book→Emailed Contacts (or Contacts)→right click'' on the desired email address and select "delete". Alternatively you can also check the contact to be deleted and then click "delete".

[[File:Zimbra8_advanced_contact_delete.png|800px]]

Sometimes when composing an email, Zimbra will suggest a contact that was once in your address book but has been deleted. These can be removed by hovering over the suggested name and clicking "forget", when that option appears.

===If you don't want new contacts added to "Emailed Contacts"===
By default Zimbra collects the addresses of new people who you send emails to to in "Emailed Contacts". If you don't want it to do this you can select it off at ''Preferences→Address Book→Options→uncheck: Add new contacts to "Emailed Contacts"''.

If you already have collected email addresses in "Emailed Contacts", you can delete them at ''Address Book→Emailed Contacts→Ctrl+A→Delete''. You can also move all these contacts to you address book by selecting them all and them ''right click→Move→Contacts''.

[[File:Zimbra8_advanced_preferences_contacts.png|800px]]

===Exporting contacts===
You may want to export your contacts to install them in a different mail client, such as Microsoft Outlook, or just to back them up. You can export your contacts in Comma-Separated Variable (CSV) format by going to ''Preferences→Import/Export→Export''" and then selecting what to export (contacts), format (for example ''Outlook Contacts'') and then the source ''Contacts'' or ''Emailed Contacts''. Note that the general selection of ''All Folders'' is inoperative and will produce an error "Not allowed to export from root folder for this type".

[[File:Zimbra8_advanced_export.png|800px]]

==Composing an e-mail with formatting==
E-mails can be composed in plain text or in HTML. HTML allows underlining, bold text, changing text size and font and other formatting to be used.

===Advanced version===
To select HTML as your default for composing an e-mail in the advanced version of Zimbra go to ''Preferences→Mail→Composing''.

[[File:Zimbra8_advanced_preferences_composing.png|800px]]

===Standard version===
To select HTML as your default for composing an e-mail in the standard version of Zimbra go to ''Preferences→Composing→Compose→As HTML''.

[[File:Zimbra8_standard_preferences_composing.png|800px]]

==Adding addresses to a message==
In Zimbra addresses can be added to an outgoing e-mail message by typing the address in manually or by clicking on "To", "CC" or "Show BCC" and then "BCC", which opens your address list and allows selecting the addresses.

[[File:Zimbra8_advanced_addressing.png|800px]]

==Adding groups of addresses to a message==
Adding a group of contacts to an e-mail is easy in Zimbra. First create a contact group, by going to ''Address Book→Emailed Contacts (or Contacts)'' and then select ''New→down arrow→Contact Group'' and complete the form to select members and name for your group. When composing an e-mail you may now select the group as if it were a single address, by clicking "To", "CC" or "BCC" in the e-mail.

[[File:Zimbra8_advanced_contact_group.png|800px]]

==Saving and sending drafts==
Zimbra allows saving partially completed e-mails so you can work on them and send them later. When you are ready to save, just click "Save Draft". When you want to work on the e-mail again select the "Drafts" folder, double click on the e-mail and it will open for editing. When you are ready to send it just click "Send", or "Save Draft" again to continue working on it later.

[[File:Zimbra8_advanced_draft.png|800px]]

==Adding attachments==
Adding an attachment is very simple in Zimbra. In the message composition view just click on "Add Attachment" and select where the attachment is to be added from your computer, your briefcase or your contacts. When located click "attach" and the attachment will be sent with the e-mail.

Once attached, an attachment can be omitted from being sent with the e-mail by simply unchecking the attachment in the message composition view.

[[File:Zimbra8_advanced_attach.png|800px]]

==Requesting e-mail receipts==
E-mail receipts are generally not used anymore, but Zimbra does have the capability to request receipts from the person receiving the e-mail. To enable this for a specific e-mail being composed, while editing the e-mail go to ''Options→Down Arrow→Request Read Receipt''.

[[File:Zimbra8_advanced_read_receipt.png|800px]]

==Using aliases==
Zimbra allows sending from registered [[Email Alias]]. When composing a message simply click the down arrow under "from" and select which address Zimbra should show the message as coming from.

[[File:Zimbra 8 Using aliases.png|800px]]

==Using NCF disposable e-mail addresses==
Disposable e-mail addresses that you create on the [http://www.ncf.ca/ncf/home/spamfilter/disposables.jsp NCF website] can then be managed in Zimbra from ''Preferences→Accounts''.

[[File:Using NCF disposable e-mail addresses on Zimbra 8.png|800px]]

==Have Zimbra get your e-mail from other accounts==
Zimbra can get your e-mail from your Gmail, Hotmail or other POP or IMAP accounts. You can set this up at ''Preferences→Accounts→Add External Account''.

Of course you can always go into your external account and just it forward your mail from there to your NCF e-mail address as well.

[[File:Have Zimbra get your e-mail from other accounts on Zimbra8.png|800px]]

==Have Zimbra forward your e-mail==
Zimbra can forward your e-mail to your Gmail, Hotmail or other mail accounts. You can set this up at ''Preferences→Mail→Message Arrival→Forward a copy to''. You can also select "Don't keep a local copy of messages", if desired.

[[File:Forward mail in Zimbra 8.png|800px]]

==Changing your "from" name used in outgoing e-mail==
Zimbra allows changing who the e-mail is from, so you can show only your first name, last name or any other text you like. To select this in Zimbra just go to ''Preferences→Accounts→Persona Settings'' and enter your preferred text.

[[File:Changing your "from" name used in outgoing e-mail on Zimbra 8.png|800px]]

==Searching==
One of Zimbra's strongest features is its ability to find e-mail, people in your address book, briefcase items and other things using its built-in search function. No more manually poring though your inbox, sent message lists or trash for messages!

To search for something just enter the search term (for example, an e-mail address) in the search box on any page. Select where you want to search on the pull-down menus (All Item types, Mail, Contacts, Appointments, Files and can include shared items) and then click "search".

Searches you want to run again in the future can also be saved, by just clicking "save".

[[File:Zimbra8_advanced_search.png|800px]]

===Searching for unread messages===
Zimbra makes it easy to list your unread messages.

In the Zimbra mail search box enter "in:inbox is:unread" and this will show all unread messages in your inbox.

You can also click on 'Save' to save the search, and call it "Inbox Unread". Next time you want this search view, I just click on "Inbox Unread" under saved searches.

You can also just click on the search magnifying glass to access the Search window, and then check off the Basic Filters checkboxes to quickly filter by unread, or flagged, or whether the email has an attachment.

Additionally, you can access advanced filters which provide a high level of searching power to find messages you thought you'd lost!

[[File:Zimbra8_advanced_search_options.png|800px]]

==Attachments==
===Downloading attachments===
When an e-mail arriving in Zimbra includes an attachment this may be downloaded and then opened by reading the e-mail and then in that view at the top of the e-mail, between the addresses and the text, by clicking on "Download". You can also choose to "Remove" it from the e-mail or send it to the "Briefcase" for saving or sharing.

When there are multiple attachments, there will also be "Download all attachments" and "Remove all attachments" links.

[[File:Zimbra8_advanced_download_attachments.png|800px]]

===Zimbra indicates an attachment but the e-mail doesn't have one===
Zimbra may sometimes indicate an attachment is present when the sender has embedded a small file in the e-mail, like an emoticon. When the receiver tries to locate the attachment it seems to be missing, but it is actually there, embedded in the e-mail. ;-)

In the example below Zimbra shows an attachment, but the e-mail only has embedded emoticons. Also because the e-mail contains no text, the "fragment" preview feature only shows [?] for each emoticon.

[[File:Zimbra indicates an attachment but the e-mail doesn't have one on Zimbra 8.png|800px]]

==Saving messages==
NCF provides 3GB of storage with your e-mail account. For the average user this is probably enough for four months worth of mail, so you may want to keep some mail and delete other items. Some members have been storing mail they want to keep in their "Trash" file. The problem with doing this is trash is auto-deleted after 30 days. It may make more sense to save the e-mail that you want to keep in a new folder.

New folders are easy to create, just click on the new folder icon in the folder pane, as shown and then name it and decide where to put the new folder in relation to the existing folders. The illustration below shows where to click to create a new folder and shows a new custom folder that was created called "Archive".

By right clicking on any existing e-mail message you can select "Move" and send it to your new folder for safe keeping.

[[File:Saving messages on Zimbra 8.png|800px]]

==Exporting your e-mail==
You can easily export some or all of your e-mail to your own computer, to free up space in your Zimbra account without losing your e-mail. You can export mail between certain dates this way as well.

To do this go to ''Preferences→ Import/Export→ Account→ Check Advanced settings→ Mail'' and then dates as desired→ ''Export''. The file will be downloaded from your browser as a .tgz archive file which can be extacted and the individual .eml e-mail files read in any text editor.

[[File:Exporting email on Zimbra 8.png|800px]]

==Spam handling==
The current NCF implementation of Zimbra has the spam control, found at ''Preferences→Mail'', disabled so that e-mail messages will not be delivered to Junk folders, or otherwise blocked when sent through from NCF yellowmail.

[[File:Spam handling on Zimbra 8.png|800px]]

==Showing message headers==
Headers for e-mail can give you a lot of information about where the e-mail came from, like its originating IP address. To see the raw MIME format text: mouse over the message ''title→right click→Show Original'' and the raw text and headers will open in a new text-only browser window.

[[File:Zimbra8_advanced_show_original.png|800px]]

==Vacation messages==
Setting vacation messages is not recommended for security reasons. Complete information on this is found in the [[Tips (Email)]] article.

==How much storage space are you using?==
In Zimbra this is easy to see! Just "mouse-over" the place at the top where you name appears and it will display your quota and how much of it you are using, expressed in MB and as a percentage of space available.

[[File:Zimbra8_advanced_usage.png|800px]]

==Deleting mail==
Currently NCF provides 3GB of storage space for your email. When you use this up you will want to delete some old and large messages to make room for newer ones. The easiest way to do this is to sort the messages in each folder by size and then delete the largest ones, normally those with lots of attachments.

This is most easily accomplished by using the "Reading Pane At The Bottom" view, as it allows sorting by message size. This is the default view, but if you are using another view you can switch to this view at ''View→Reading Pane At The Bottom''.

Once you have this view, sort by message size in each folder, by clicking ''Size'' and then selecting the arrow ''down'' to show largest at the top. The messages you want to delete can then be checked in the check-box on the left of the message line and deleted, by clicking ''delete''.

To complete deleting email, you will need to check all the email folders you have and delete any messages desired. Mail in trash will be deleted automatically after 30 days, but to take advantage of the space freed up you will need to empty your trash right away.

'''Note''': In some cases particular message threads cannot be deleted and just keep reappearing. If this occurs try changing the view from "by conversation" to "by message" and delete them in that view. Once deleted the view can be changed back.

[[File:Zimbra8_advanced_sort_by_size.png|800px]]

===Deleting Large Messages===
It is also convenient in Zimbra 8 to access Search and search by message size.

To do so:

Click on the Search magnifying glass on the right of the Search box, and then click on Size... is larger than... and then type in a size, say, 1000 KB, and hit enter. Zimbra will list all messages larger than 1000KB.

You may notice the search filters listed near the top, it will say something like:

Found 100+ results for: in:inbox larger:1000KB

If you click on the 'x' over "in:inbox" that will remove that filter. This may be helpful, if you want to find large messages across all folders, not just the inbox.

[[File:Zimbra8_advanced_search_size.png|800px]]

==Recovering deleted e-mail==
E-mail that has been deleted from Zimbra or that has been taken off the server by a POP client can usually be recovered at ''Trash→right click→recover deleted items''.

[[File:Zimbra8_advanced_recover_deleted.png|800px]]

==Mini calendar==
By default Zimbra shows a mini calendar in its bottom left corner. If you want to turn this off you can at ''Preferences→Calender→Always Show the Mini Calender→uncheck''.

[[File:Zimbra8_advanced_minicalendar.png|800px]]

==Briefcase==
Zimbra allows you to share files or access your own files remotely via a briefcase. For complete information see [[Zimbra: Briefcase]].

==Zimbra Limits at NCF==
There are several limits you may encounter in your use of Zimbra.
# '''Mail storage size''' - members are allocated 3GB of storage. This contains all the mail and briefcase data. Members must manage their space within that limit. See [[#How much storage space are you using?|how to check your storage space.]]
# '''Mail message size''' - a maximum of of 56MB per message is allowed. The actual file size of the attachment is 20-30% less as special encoding is required to send it via email. If you have large files that you wish to share, there are a number of other file sharing approaches that may be better than attachments. One of those is using the Zimbra Briefcase - see [[Zimbra: Briefcase]].
# '''Sending rate''' - NCF limits the rate at which members can send out email to protect against spamming. A limit of 200 messages over a 4 hour span is in place. If you have large distribution lists that will exceed this, please contact the office - we have a solution.

==I don't like the way Zimbra looks==
Then change it. Zimbra 8 has 19 new colour themes you can choose from, ranging from dull and serious, to whimsical, to colourful, like the ''Hot Rod'' theme shown below. Next time you sign in Zimbra will remember your preferences and display your chosen theme.

To select a new theme go to ''Preferences→General→Login Options→Theme'' and chose one from the pull-down menu. They mostly look like what they sound like.

Incidentally, if you try them all and forget which one is the basic default theme, it is called ''Carbon''.

[[File:Zimbra8_advanced_theme.png|800px]]

==Why is it called that?==
Rumour has it that Zimbra webmail and the Zimbra Collaboration Server is named for the ''Talking Heads'' song [https://en.wikipedia.org/wiki/I_Zimbra I Zimbra] ([https://www.youtube.com/watch?v=b-RDJ4Z4XrQ video]) and that the song is in turn an adaptation of Dada poet Hugo Ball's poem "Gadji beri bimba."

==See also==
*[http://web.ncf.ca/aw958/mail_help_files/zimbra/index.html Instructions on setting up Zimbra Desktop client for NCF email] by Graeme Beckett, NCF
*[[Email blacklisting]]
*[[Email]] - configuring e-mail clients for POP and other general e-mail information
*[https://en.wikipedia.org/wiki/Zimbra Zimbra on Wikipedia]

Other pages with information about the '''Zimbra''' mail client:

* [https://www.youtube.com/zimbra Official Zimbra tutorial videos on YouTube]
* [http://www.ncf.ca/ncf/home/zimbraIntro.jsp Introduction to Zimbra] - the basics and how-to screenshots
* [[Zimbra: Thunderbird Calendar]] - information on importing a calendar from Zimbra to Thunderbird
* [[Zimbra: Thunderbird Contacts]] - information on synchronizing lists of contacts in Thunderbird and Zimbra using the ''Zindus'' add-on for early versions of Thunderbird and the ''CardBook'' add-on for later versions of Thunderbird.
* [[PlayBook|Blackberry PlayBook]] - configuring for email
* [[Blackberry 10]] - configuring for email and calender
* [https://mx3.ncf.ca:1443/cgi-bin/queuegraph.cgi Graph of the current NCF mail queue]

==External links==
*[https://www.zimbra.com/open-source-email-overview/ Official Zimbra Collaboration Server Open Source website]
*[https://files.zimbra.com/website/docs/8.6/ZCS_860_OS_ReleaseNotes_UpgradeInst.pdf Zimbra 8.6 release notes]
[[Category: Zimbra]]

Member Agreement

2025-01-24T20:44:39Z

Gd887:

This page has been moved to our main website: [https://www.ncf.ca/en/who-we-are/policies/membership-agreement/ <nowiki>[Membership Agreement]</nowiki>]

[[Category:Policy and Procedures]]

Used computers

2025-01-24T20:39:28Z

Gd887:

[[File:Computer being blanked.JPG|thumb|350px|right|A used desktop computer being blanked using [http://www.dban.org DBAN].]]
Many NCF members prefer to buy used or refurbished computers to save money over buying new hardware. NCF does not sell computers, but some of our members have made recommendations about good places to buy computer hardware, including used or refurbished computers and computer parts.

==Refurbished computers==
Many outlets sell discounted new computers that were factory-rejected for minor cosmetic flaws (scratches and dents) and term these ''refurbished''.

==Used and/or Refurbished computers==
NCF does not endorse any of the companies on this list and we have no business relationship with any of them, but NCF members have recommended these:

*[http://www.active123.com/ Active Electronics]
*[http://www.canadacomputers.com/ Canada Computers & Electronics]
*[http://compucorps.org/techstore/ CompuCorps]
*[http://www.everbest.on.ca/ Everbest Computer]
*[http://www.shoprbc.com/ ShopRBC]

==See also==
*[[Computer Help]] with fixing computers
*[[Using Windows safely]]

[[Category:Computer Help]]
[[Category:Privacy and Security]]

NCF shop

2024-12-12T20:48:17Z

Gd887:

(Note: As of 2024 NCF no longer has an online shop, nor offers any merchandise)[[File:Year2012018.JPG|thumb|right|An NCF volunteer shows off the NCF golf shirt and water bottle]]
National Capital FreeNet has an online shop where anyone can buy NCF items, such as:

*T-Shirts
*Golf Shirts
*Coffee Mugs
*Water Bottles
*and much more.

Buy some merchandise and show your support for NCF!

[[Category:Services]]

Email

2024-12-10T16:51:14Z

Gd887: /* Setting up a Mail Client or Mail Reader */

This page provides some basic information about NCF email, how it works and how to configure it.

For information on using the Zimbra webmail system, please see [[Zimbra]].

== Sending and receiving email ==
{{:Template:Quick Facts (Email)}}
===General information===
NCF provides every member with a personal email address. NCF email addresses are simply a member's account ID (eg., 'ab123') followed by '@ncf.ca', for example, 'ab123@ncf.ca'.

Optionally, you can arrange for an [[Email Alias|email alias]], for example, 'jsmith@ncf.ca'.

'''Important:''' If you already have an email address and do not plan to use your NCF email address, be sure to tell us, using [https://secure.ncf.ca/ncf/home/tools/preferences.jsp Change Preferences] at the bottom-right of the StartPage. NCF needs to be able to reach you about your account.

=== Receiving mail===
Incoming email for you is stored on NCF's computer until you ask for it.
There are two ways to receive email:

;Using NCF WebMail (browser-based)
:All you need to use WebMail is a web browser connected to the internet (eg., home, office, library, internet cafe, anywhere in the world via internet). No set-up is required. You read and send mail from the browser using the [[Zimbra]] interface and your mail is stored on an NCF computer. With WebMail, your email stays on the computers at NCF and is backed up there, too, to protect against loss.

:A disadvantage of using WebMail is that you have to stay connected to the internet while you are reading and composing your email.

;Using an email client (on your personal computer)
:Email client software allows your email to be transferred to your computer and then read there. The size of your mail archive can be as large as your hard drive.

:A disadvantage is that your mail is only accessible while you are at your own computer.

In the past personal computer-based mail clients were dominant, but in recent years the trend has been away from mail clients and towards server-based webmail, because of the convenience of being able to access the mail from any browser anywhere, even from phones and hand-held devices, as well as automatic back-ups.

== Zimbra Limits at NCF ==
There are several limits you may encounter in your use of Zimbra.
# '''Mail storage size''' - members are allocated 5GB of storage. This contains all the mail and briefcase data. Members must manage their space within that limit. See [[Zimbra webmail#How much storage space are you using.3F|how to check your storage space.]]
# '''Mail message size''' - the maximum message size allowed is 50MB. The actual file size of the attachments is 20-30% less due to the encoding is required to send it via email. If you have large files that you wish to share, there are a number of other file sharing approaches that may be better than attachments. One of those is using the Zimbra Briefcase - see [[Zimbra: Briefcase]].
# '''Sending rate''' - NCF limits the rate at which members can send out email to protect against spamming. A limit of 200 messages over a 4 hour span is in place. If you have large distribution lists that will exceed this, please contact the office - we have a solution.

== NCF Webmail ==
NCF Webmail allows you to compose, send, receive and manage your email using any browser. It is the easiest way to send and receive email while you are away from home. Your mail stays on the NCF's mail server. To use it, all you need is a web browser and connection to the Internet.

You can try WebMail by going to the [http://start.ncf.ca StartPage] and clicking on 'Get your NCF WebMail'. There is nothing to install on your computer.

Up to 5GB of email can be accumulated and stored in your WebMail Inbox and folders. NCF's storage capacity increases regularly as facilities are upgraded.

The NCF Webmail system runs the [[Zimbra]] mail system. For an overview of the benefits of Zimbra, please visit the [http://www.ncf.ca/ncf/home/zimbraIntro.jsp Introducing Zimbra] page.

For specific and detailed help on all things Zimbra, visit the [[Zimbra]] Help Page.

== Mail Clients (Mail readers) ==

Some common current mail clients, all available for download free of charge, are:

* [http://mail.live.com Microsoft Outlook]
* [https://www.mozilla.org/en-US/thunderbird/ Mozilla Thunderbird]
* [http://www.pmail.com/ Pegasus]

If you do not have a mail reader, you can download one for free. Once it is installed on your computer, you need to configure it so it knows from where to retrieve/send your email.

'''Notes:'''
*Microsoft Outlook Express is very outdated, has serious security problems, is no longer supported by Microsoft and is not recommended by NCF. See [http://en.wikipedia.org/wiki/Outlook_Express this article] for more detail on why you should replace it.
*Microsoft Outlook is commercial software and comes with ''Microsoft Office''.

=== Setting up a Mail Client or Mail Reader ===
Modern mail readers are pretty easy to set up. Typically you just need some of the information in the 'Quick Facts' box above.

For step-by-step instructions, click on your mail reader below:

Step-by-step instruction for popular mail readers:
* [[IPhone|iPhone, iPad, or iPod Touch]]
* [http://www.ncf.ca/ncf/support/android/ Android Devices (eg. Google Nexus One, Motorola Milestone, or HTC Hero)]
* [[Apple Mail|Apple Mail (2011)]]
*[[Windows Mail]]
* [http://www.ncf.ca/ncf/support/evolution.html Evolution Mail and Calendar]
* [[Microsoft Outlook 2016]]
* [http://www.ncf.ca/ncf/support/mail_thunderbird3.html Mozilla Thunderbird]
* [http://web.ncf.ca/aw958/mail_help_files/zimbra/index.html Zimbra Desktop email client] by Graeme Beckett, NCF

Step-by-step instructions for older mail readers, still in use on some systems:

(Note: as of November 2024 these clients may not support the TLS 1.2 encryption standard our mail servers require. You may need to use ports 25 (SMTP) and 143 (IMAP) or 110 (POP3) and disable SSL for them to work. This is not recommended though as these ports are unsecured, NCF recommends using a modern email client like the ones listed above.)
* [http://web.ncf.ca/glennj/ncf/bookshelf/appleMail/index.shtml Apple Mail (2006)]
* [http://www.ncf.ca/ncf/support/eudora.html Eudora Mail]
* [http://www.ncf.ca/ncf/support/outlook.html Microsoft Outlook Express]
* [http://www.ncf.ca/ncf/support/mail_thunderbird.html Mozilla Thunderbird 1.x or 2.x]
* [http://www.ncf.ca/ncf/support/ns71.html Netscape Mail]
* [http://www.ncf.ca/ncf/support/pegasusMail.html Pegasus Mail]
*[http://web.ncf.ca/aw958/mail_help_files/outlook_2003_setup/outlook_2003.html Microsoft Outlook 2003]
* [[Microsoft Outlook 2010]]
*[[BlackBerry 10]]
* [[PlayBook|Blackberry PlayBook]]

For information on whether you should set up your reader for POP or IMAP see [http://www.ncf.ca/ncf/support/pop_imap.html What's the difference between POP and IMAP?].

Keep in mind if you use an email client that it will not retrieve your yellow mail that the spam filter saves there for you.

=== I can receive email, but I can't send! (Relay Access Denied) ===
If your mail account appears to be setup correctly, but you are having trouble sending, it could be that you don't have SSL and authentication enabled.

Step-by-step instructions to update or confirm that your account is correctly configured for SSL and authentication:
* [http://www.ncf.ca/ncf/support/outlook_ssl.html Microsoft Outlook Express SSL Setup]
* [http://www.ncf.ca/ncf/support/mail_thunderbird_smtp.html Mozilla Thunderbird SSL Setup]
* [http://www.ncf.ca/ncf/support/windowsLiveMail_ssl.html Windows Live Mail SSL Setup]

== Spam Reduction ==

=== Customizing SpamFilter ===
Regardless of how you read your mail, you can use NCF's SpamFilter if you have problems with spam.

You can view or change your SpamFilter settings by going to the [http://start.ncf.ca StartPage], and clicking on [https://www.ncf.ca/en/members/email/yellowmail/settings SpamFilter set-up] under 'Email' in the left column. There is information on that page about how SpamFilter works and [http://www.ncf.ca/ncf/support/faqMaker.jsp?faq=2 Frequently Asked Questions] on customizing SpamFilter.

There is also [https://youtu.be/PWEibPkXCS0 a short video on setting SpamFilter options].

=== Blocking Specific Email Addresses ===
Spam can be difficult to stop as spammers are relentless, and can often send messages from many different emails, making it much more difficult to stop.

If the undesirable messages you are receiving are coming from the same address, it would be best to add a mail exception on your spam filtering page [https://www.ncf.ca/ncf/home/spamfilter/greenListMgr.jsp here] to ensure the offending address is blocked from sending you mail in the future.

Simply enter the offending email into the “Email address” bar and enter “Classification” as “Red” to ensure this address will be marked as spam and not be delivered to your mailbox in the future.

===Using Yellow Mail===
NCF provides a facility to screen mail items that your SPAM filter settings have found questionable before the mail enters your Zimbra inbox. This is called yellow mail. You can see a short video [[https://youtu.be/3rqLbGhvA8w here]] on how to use it.

==See also==
*[[Alternate email address]]
*[[Email Alias]]
*[[Email blacklisting]]
*[[Email spoofing]]
*[[Tips (Email)|Email tips]]
*[[Zimbra]] - for help on the Zimbra webmail system

[[Category: Email]]

Email

2024-12-10T16:50:26Z

Gd887: Got rid of broken windows live link, and moved windows mail to modern email clients as it's regularly updated

This page provides some basic information about NCF email, how it works and how to configure it.

For information on using the Zimbra webmail system, please see [[Zimbra]].

== Sending and receiving email ==
{{:Template:Quick Facts (Email)}}
===General information===
NCF provides every member with a personal email address. NCF email addresses are simply a member's account ID (eg., 'ab123') followed by '@ncf.ca', for example, 'ab123@ncf.ca'.

Optionally, you can arrange for an [[Email Alias|email alias]], for example, 'jsmith@ncf.ca'.

'''Important:''' If you already have an email address and do not plan to use your NCF email address, be sure to tell us, using [https://secure.ncf.ca/ncf/home/tools/preferences.jsp Change Preferences] at the bottom-right of the StartPage. NCF needs to be able to reach you about your account.

=== Receiving mail===
Incoming email for you is stored on NCF's computer until you ask for it.
There are two ways to receive email:

;Using NCF WebMail (browser-based)
:All you need to use WebMail is a web browser connected to the internet (eg., home, office, library, internet cafe, anywhere in the world via internet). No set-up is required. You read and send mail from the browser using the [[Zimbra]] interface and your mail is stored on an NCF computer. With WebMail, your email stays on the computers at NCF and is backed up there, too, to protect against loss.

:A disadvantage of using WebMail is that you have to stay connected to the internet while you are reading and composing your email.

;Using an email client (on your personal computer)
:Email client software allows your email to be transferred to your computer and then read there. The size of your mail archive can be as large as your hard drive.

:A disadvantage is that your mail is only accessible while you are at your own computer.

In the past personal computer-based mail clients were dominant, but in recent years the trend has been away from mail clients and towards server-based webmail, because of the convenience of being able to access the mail from any browser anywhere, even from phones and hand-held devices, as well as automatic back-ups.

== Zimbra Limits at NCF ==
There are several limits you may encounter in your use of Zimbra.
# '''Mail storage size''' - members are allocated 5GB of storage. This contains all the mail and briefcase data. Members must manage their space within that limit. See [[Zimbra webmail#How much storage space are you using.3F|how to check your storage space.]]
# '''Mail message size''' - the maximum message size allowed is 50MB. The actual file size of the attachments is 20-30% less due to the encoding is required to send it via email. If you have large files that you wish to share, there are a number of other file sharing approaches that may be better than attachments. One of those is using the Zimbra Briefcase - see [[Zimbra: Briefcase]].
# '''Sending rate''' - NCF limits the rate at which members can send out email to protect against spamming. A limit of 200 messages over a 4 hour span is in place. If you have large distribution lists that will exceed this, please contact the office - we have a solution.

== NCF Webmail ==
NCF Webmail allows you to compose, send, receive and manage your email using any browser. It is the easiest way to send and receive email while you are away from home. Your mail stays on the NCF's mail server. To use it, all you need is a web browser and connection to the Internet.

You can try WebMail by going to the [http://start.ncf.ca StartPage] and clicking on 'Get your NCF WebMail'. There is nothing to install on your computer.

Up to 5GB of email can be accumulated and stored in your WebMail Inbox and folders. NCF's storage capacity increases regularly as facilities are upgraded.

The NCF Webmail system runs the [[Zimbra]] mail system. For an overview of the benefits of Zimbra, please visit the [http://www.ncf.ca/ncf/home/zimbraIntro.jsp Introducing Zimbra] page.

For specific and detailed help on all things Zimbra, visit the [[Zimbra]] Help Page.

== Mail Clients (Mail readers) ==

Some common current mail clients, all available for download free of charge, are:

* [http://mail.live.com Microsoft Outlook]
* [https://www.mozilla.org/en-US/thunderbird/ Mozilla Thunderbird]
* [http://www.pmail.com/ Pegasus]

If you do not have a mail reader, you can download one for free. Once it is installed on your computer, you need to configure it so it knows from where to retrieve/send your email.

'''Notes:'''
*Microsoft Outlook Express is very outdated, has serious security problems, is no longer supported by Microsoft and is not recommended by NCF. See [http://en.wikipedia.org/wiki/Outlook_Express this article] for more detail on why you should replace it.
*Microsoft Outlook is commercial software and comes with ''Microsoft Office''.

=== Setting up a Mail Client or Mail Reader ===
Modern mail readers are pretty easy to set up. Typically you just need some of the information in the 'Quick Facts' box above.

For step-by-step instructions, click on your mail reader below:

Step-by-step instruction for popular mail readers:
* [[IPhone|iPhone, iPad, or iPod Touch]]
* [http://www.ncf.ca/ncf/support/android/ Android Devices (eg. Google Nexus One, Motorola Milestone, or HTC Hero)]
* [[Apple Mail|Apple Mail (2011)]]
*[[Windows Mail]]
* [http://www.ncf.ca/ncf/support/evolution.html Evolution Mail and Calendar]
* [[Microsoft Outlook 2016]]
* [http://www.ncf.ca/ncf/support/mail_thunderbird3.html Mozilla Thunderbird]
* [http://web.ncf.ca/aw958/mail_help_files/zimbra/index.html Zimbra Desktop email client] by Graeme Beckett, NCF

Step-by-step instructions for older mail readers, still in use on some systems:

(Note: as of November 2024 these clients may not support the TLS 1.2 encryption standard our mail servers require. You may need to use ports 25 (SMTP) and 143 (IMAP) and disable SSL for them to work. This is not recommended though as these ports are unsecured, NCF recommends using a modern email client like the ones listed above.)
* [http://web.ncf.ca/glennj/ncf/bookshelf/appleMail/index.shtml Apple Mail (2006)]
* [http://www.ncf.ca/ncf/support/eudora.html Eudora Mail]
* [http://www.ncf.ca/ncf/support/outlook.html Microsoft Outlook Express]
* [http://www.ncf.ca/ncf/support/mail_thunderbird.html Mozilla Thunderbird 1.x or 2.x]
* [http://www.ncf.ca/ncf/support/ns71.html Netscape Mail]
* [http://www.ncf.ca/ncf/support/pegasusMail.html Pegasus Mail]
*[http://web.ncf.ca/aw958/mail_help_files/outlook_2003_setup/outlook_2003.html Microsoft Outlook 2003]
* [[Microsoft Outlook 2010]]
*[[BlackBerry 10]]
* [[PlayBook|Blackberry PlayBook]]

For information on whether you should set up your reader for POP or IMAP see [http://www.ncf.ca/ncf/support/pop_imap.html What's the difference between POP and IMAP?].

Keep in mind if you use an email client that it will not retrieve your yellow mail that the spam filter saves there for you.

=== I can receive email, but I can't send! (Relay Access Denied) ===
If your mail account appears to be setup correctly, but you are having trouble sending, it could be that you don't have SSL and authentication enabled.

Step-by-step instructions to update or confirm that your account is correctly configured for SSL and authentication:
* [http://www.ncf.ca/ncf/support/outlook_ssl.html Microsoft Outlook Express SSL Setup]
* [http://www.ncf.ca/ncf/support/mail_thunderbird_smtp.html Mozilla Thunderbird SSL Setup]
* [http://www.ncf.ca/ncf/support/windowsLiveMail_ssl.html Windows Live Mail SSL Setup]

== Spam Reduction ==

=== Customizing SpamFilter ===
Regardless of how you read your mail, you can use NCF's SpamFilter if you have problems with spam.

You can view or change your SpamFilter settings by going to the [http://start.ncf.ca StartPage], and clicking on [https://www.ncf.ca/en/members/email/yellowmail/settings SpamFilter set-up] under 'Email' in the left column. There is information on that page about how SpamFilter works and [http://www.ncf.ca/ncf/support/faqMaker.jsp?faq=2 Frequently Asked Questions] on customizing SpamFilter.

There is also [https://youtu.be/PWEibPkXCS0 a short video on setting SpamFilter options].

=== Blocking Specific Email Addresses ===
Spam can be difficult to stop as spammers are relentless, and can often send messages from many different emails, making it much more difficult to stop.

If the undesirable messages you are receiving are coming from the same address, it would be best to add a mail exception on your spam filtering page [https://www.ncf.ca/ncf/home/spamfilter/greenListMgr.jsp here] to ensure the offending address is blocked from sending you mail in the future.

Simply enter the offending email into the “Email address” bar and enter “Classification” as “Red” to ensure this address will be marked as spam and not be delivered to your mailbox in the future.

===Using Yellow Mail===
NCF provides a facility to screen mail items that your SPAM filter settings have found questionable before the mail enters your Zimbra inbox. This is called yellow mail. You can see a short video [[https://youtu.be/3rqLbGhvA8w here]] on how to use it.

==See also==
*[[Alternate email address]]
*[[Email Alias]]
*[[Email blacklisting]]
*[[Email spoofing]]
*[[Tips (Email)|Email tips]]
*[[Zimbra]] - for help on the Zimbra webmail system

[[Category: Email]]

Bell FTTP Migration FAQ

2024-11-21T20:26:45Z

Gd887: /* I received a letter or call from Bell saying I must migrate my phone (landline) service to their fibre (FTTP) network. Will this impact my DSL service? */

==== I received a letter or call from Bell saying I must migrate my phone (landline) service to their fibre (FTTP) network. Will this impact my DSL service? ====
Bell is in the process of migrating their landlines from the copper line (POTS) to their fibre network (VOIP) which is not compatible with DSL. Members with wet line DSL who choose to migrate their landline to fibre will need to change their service to dry line to avoid loosing service upon migration. A wet to dry line change order must be scheduled at least 5 business days in advance, and the standard activation fee would apply.

However, Bell has told NCF that any landlines with wholesale DSL (DSL from NCF) are to be excluded from their migration at this point, and that any such letters to our members have been sent in error. Bell sent an apology letter to explain this, but NCF has received reports that Bell is still sending migration letters in error, and their technicians are also not all aware of the exclusion.

As long as members do not schedule migrating their line to fibre with Bell, they can continue using their landline and DSL without interruptions. Members who are contacted by Bell should inform Bell they do not want to migrate (or to cancel the migration if scheduled), citing that they currently have wholesale DSL on the line.

'''My DSL stopped working after migrating my landline to fibre. Can I continue to get DSL service on the new system?'''

Bell's new landline service runs over their fibre network which is not compatible with DSL, but we can continue to provide service on the copper network by ordering a "dry line" service. Normally, we charge a one time activation fee of $49.95 for the order to switch to dry, however we are currently waiving the installation fee for members who unexpectedly lost their wet line service because of migrating their landline. A dry line does come with an added $5/month fee associated, as bell charges NCF a higher rate for dry DSL lines.

'''Can I revert my landline back to the copper network?'''

As far as we know, Bell will not reconnect any landline service on their copper network. Members who have had their line migrated will need to order dry line service to continue using our DSL on their line. For the time being, we are not charging the activation fee, but we do need to change the $5 monthly dry line fee after the installation.

'''Does dry line DSL work any differently as compared to on a wet line?'''

No, the internet service works exactly the same, and no changes to the DSL modem are required. The modem will be connected to the same copper line as before, and not through the new Bell landline which works over fibre. As there will be no longer be other devices on the same line, you will no longer need to use any DSL filters, and it's possible the DSL signal will be stronger with no other devices connected.

'''Why does it cost more for dry loop DSL, given it's the exact same service as a wet line?'''

Bell charges NCF a higher rate for DSL on lines without an active landline (POTS) service which we pass on as a monthly dry loop fee. Although these fees vary based on location, we normalize it to $5 so as to be fair to all members.

Using Windows safely

2024-11-12T16:18:56Z

Gd887: Gd887 moved page Using Windows safely to Using Windows Safely

#REDIRECT [[Using Windows Safely]]

Using Windows Safely

2024-11-12T16:18:55Z

Gd887: Gd887 moved page Using Windows safely to Using Windows Safely

[[File:Windows store in Future Shop.JPG|thumb|350px|right|A Windows store display]]
Microsoft Windows can be safely used on the internet, but because it has inherent design limitations, using it safely requires more knowledge, skill and care than using other operating systems. This article will attempt to give less experienced NCF members who choose to use Windows on the internet some background knowledge to help them avoid problems.

Some experts have estimated that almost half of all Windows computers are part of botnets, due to [https://en.wikipedia.org/wiki/Malware malware infections]. Malware installed on your computer can can not only slow your computer down, steal your data, steal your banking and credit card information, but also use your computer to send out spam, individually or as part of a large spamming network, known as a [https://en.wikipedia.org/wiki/Botnet botnet]. It is this spamming that results in NCF email getting on [[Email blacklisting|email blacklists]] and stops NCF mail from getting to its destinations. When NCF mail gets blacklisted due to spamming, malware on your Windows computer is now affecting everyone else. The best defence is to make sure your computer is clean and used safely.

[[Windows 10]] also has its own article.

==Anti-virus==
[[File:ClamWinOnWindowsXP.PNG|thumb|right|ClamWin anti-virus running on Windows XP]]
Make sure that you have an installed and functional anti-virus program and that its virus definitions are updated daily. New malware is identified every day and unless your anti-virus has the latest virus definitions it can't identify new viruses. Most anti-virus programs can be set to update their definitions automatically and also do a complete system scan automatically as well. On Windows it is recommended that that a full system scan be programmed to be carried out every day. Because a full system scan can take a lot of computing power, it is best to set these to run in the middle of the night when you aren't using the computer for other tasks.

A scanner that offers real-time scanning of email and website downloads will give much better protection, but no scanner can protect users against [https://en.wikipedia.org/wiki/Zero-day_attack zero day exploits], that is new malware that hasn't been identified yet. Because of this, anti-virus is not a complete solution to keeping your computer safe, but it is one useful tool.

Effective anti-virus doesn't have to be expensive, in fact the high-cost ones often slow your computer down a lot, while the free software and freeware ones tend to use fewer resources and are at least as effective. Especially with older computers, not overloading the computer with resource-intensive programs is important, as they cause it to slow down.

Some free anti-virus applications that NCF members have tested are:

;Free software
* [http://www.clamwin.com/ ClamWin] - free software (only does real-time scanning on Microsoft Outlook, however via an add-in feature.)
;Commercial freeware
* [http://www.avast.com/en-us/index Avast Free]
* [http://www.free-av.com/ Avira AntiVir Personal Edition Classic]
* [http://free.avg.com/ca-en/download.prd-afh.line-2013 AVG Free]
* [http://windows.microsoft.com/en-us/windows/security-essentials-download Microsoft Security Essentials]

==Anti spyware==
An anti spyware application is recommended in addition to an anti-virus program. Some that have been tested by NCF members are:

;Commercial freeware
* [http://www.emsisoft.com/en/software/free/ a-squared Free Software for Windows]
* [http://lavasoft.com/products/ad_aware_free.php Ad Aware for Windows]
* [http://www.safer-networking.org/ Spybot - Search & Destroy]

==Firewall==
You need to have a firewall program running to block intruders.

If you are using an NCF-supplied DSL modem then it will have a hardware firewall already configured and running. In other cases ensure you have a firewall at the DSL modem or at the PC level in use to prevent intrusions.

If you aren't operating behind a hardware firewall, or if you aren't sure if you are, such as when you are on open-wifi at a library, coffee shop or at a friend's house, then you need to have a software firewall running. Windows versions starting with XP SP2 and later come with [https://en.wikipedia.org/wiki/Windows_Firewall Windows Firewall] already installed, you just have to configure it to use it.

Which firewall to run will depend on how much protection you need and how much power your computer has available. Running a lot of protection software can slow older computers right down.

Recommended software firewalls:

;Commercial freeware
*[http://www.comodo.com/home/internet-security/firewall.php Comodo firewall]
*[http://www.zonealarm.com/security/en-us/anti-virus-spyware-free-download.htm ZoneAlarm Free Firewall]

===Firewall testing===
You can test your modem security configuration, the effectiveness of your firewalls and other security measures against on-line intrusion with this online test:

*[https://www.grc.com/x/ne.dll?bh0bkyd2 Shields Up]

==Don't install random programs==
A lot of malware is offered as "free screensavers" or programs to "make your PC run faster". Be aware that these are all tricks to get unwary Windows users to install malware.

Only install software from reputable sources. If in doubt, don't install it.

Be very wary of any file that has an extension of ".exe" (Windows executable) or ".scr" (screensaver). Be very careful of files that have double extensions such as ".txt.vb" or ".jpg.exe" as these are tricks to make you think the file is safe when it isn't. Many versions of Windows hide file extensions and this can display only the "safe-looking" extension and not the ".exe" extension. If you get these in your email from someone you know it is likely malware on their computer that sent it to you to spread itself.

Many attempts to get you to install malware are browser pop-ups that are designed to look like warning dialogue boxes from your computer. Almost all browsers can be set to block pop-ups so you won't see these. If you do get a pop-up examine it carefully before you accept installing anything. Most malware uses [https://en.wikipedia.org/wiki/Social_engineering_%28security%29 social engineering] tricks to fool you into installing it.

Think critically about everything you are going to click on.

==Don't routinely run an admin account==
On Windows XP and earlier the first account created has administrative privileges. This helps you set things up, but if you regularly use that as your daily user account and it gets compromised by malware then the malware has unrestricted access to the computer. Creating a second account to use as a daily-use account will restrict access should that account be compromised by malware.

==Browser toolbars==
A lot of users install browser toolbars, sometimes many of them all at once! Some of these are malware and nearly all the rest are [https://en.wikipedia.org/wiki/Adware adware], essentially spamming you to get you to buy things. Most of these slow your browser down and make the internet run slower for you. Most tool bars are at best useless and take up screen space that could be used to show websites instead.

If you really need one certain browser toolbar then make sure it is from a reputable source, otherwise, give these a miss.

==Watch out for USB drives==
Other people plugging USB drives into your computer is a quick way to spread malware. If a friend brings a drive over to show you something ensure it is scanned for malware first.

==Don't use Internet Explorer==
Internet Explorer (IE), Microsoft's own [[browser]] that comes with all versions of Windows, is not the best browser choice. Most versions of it are not standards compliant and don't display websites, like [[Zimbra]], correctly, which can make it frustrating to use.

IE also lacks a lot of modern browser features, like spell-checking, "do-not-track" and other useful things.

Older versions of Windows, like Windows XP, cannot use the latest versions of IE. For instance Windows XP cannot use versions newer than IE8, which was first released on 19 March 2009. The older IE versions are no longer supported by Microsoft and have unpatched vulnerabilities that can be exploited by malicious websites and compromise your computer.

There is no reason to use out-of-date browsers. Better browsers are available for free download and have new versions released frequently. NCF has tested and recommends the following browsers:

{{Recommended browsers}}

Most of these other browsers have add-ons available. The use of Adblock Plus and Ghostery will greatly reduce the number of opportunities to download malware and so installing these two add-ons is highly recommended.

* [https://adblockplus.org/en/firefox Adblock-Plus] will result in faster page loads, almost no advertising and the blocking of malicious javascript code.
*[https://addons.mozilla.org/en-US/firefox/addon/ghostery/ Ghostery] blocks a lot of tracking and spyware, but may cause some websites to not work right.

Other good extensions are:

*[https://www.eff.org/privacybadger Privacy Badger] from the Electronic Frontier Foundation which refuses tracking cookies, scripts and images, including ads that track you, improving privacy on Firefox and Chrome

*[https://www.eff.org/https-everywhere HTTPS Everywhere], also from the Electronic Frontier Foundation, causes websites to use encryption wherever possible to improve privacy. For on Firefox and Chrome.

*[https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/ Self-Destructing Cookies] is a Firefox add-on that removes cookies as soon as you close the tab, reducing tracking.

Users should be careful of adding other browser add-ons, especially for Chrome, as some of these are malware themselves. Stick to browser add-ons that have been recommended by reliable sources.

Some people may have to use IE to access work-related websites that only work on IE. These websites are becoming rare these days, but there are still a few of these non-standards-compliant websites around. If you need to use IE for one website in particular then there is no need to use IE for all your other on-line work. You can open and run two browsers at once, if need be.

It can help to have a second web browser installed on your computer, as some websites do not work with all browsers correctly. It may be helpful, for instance to use Firefox as your main browser, but have Chrome installed in case a particular website does not display correctly.

==Don't use Outlook Express==
The Outlook Express email client came with older versions of Windows, including Windows XP. The latest version is Outlook Express 6.0 which was released in October 2001 and has been unsupported since October 2005. It has many unaddressed vulnerabilities, including:

* Database corruption issues
* Security issues
* Incorrect handling of PGP/MIME signed messages

[https://en.wikipedia.org/wiki/Outlook_Express This article] explains more about the problems with Outlook Express.

It is much safer to use [[Zimbra]], NCF's webmail from your browser, or if you want to use a local email client, then [https://www.mozilla.org/en-US/thunderbird/ Mozilla Thunderbird], is a free software email client that has much better security. Thunderbird's interface is very similar to Outlook Express and so it is easy to learn how to use it. Another alternative is [http://windows.microsoft.com/en-us/windows-live/essentials-other#essentials=overviewother Windows Essentials] by Microsoft, which is commercial freeware.

==Run your updates==
Windows operating system updates are very important, so don't skip installing them! They often contain patches to fix security risks that have been recently identified. If you don't install your updates you are leaving yourself open to malware.

If you find that installing the updates ties up your computer then install them at the end of the day so they can run overnight when the computer is not being otherwise used.

==Back-up your files==
[[File:Back up methods.JPG|right|thumb|A sample of some methods of backing up your files: a DVD and three USB mass-storage devices ("Thumb drives").]]
It is very important to make back-up copies of your files regularly, no matter which operating system you are using. Hard drives can fail, taking all your documents with them. When using Windows this is even more critical because many common Windows viruses will cause system corruptions that prevent Windows from booting. In that case a rescue disk may be helpful for [https://en.wikipedia.org/wiki/Data_recovery recovering your files]. Also even without malware woes, all versions of Windows break down over time and, if not reinstalled regularly, eventually every Windows installation will become un-bootable.

Back-ups also provide insurance in case your computer gets stolen. At least you will still have your files.

Files should be backed up on a regular basis, perhaps daily or at least weekly. Some people also make archive copies every few months or annually, so that old versions of files can be retrieved.

There are many ways of backing up files, including:

*CD or DVD
*External hard drive
*USB storage device (thumb drive)
*Cloud storage service

When making back-ups ensure that you back up your browser bookmarks and, if you are not using webmail, your e-mail as well.

===Ransomware===
The wide proliferation of [https://en.wikipedia.org/wiki/Ransomware ransomware], like [http://privacyblog.com/2015/06/15/tox-free-ransomware-is-now-available-for-everyone/ the Tox free ransomware] and Windows large vulnerability to it makes backing up your files even more important as this is the best way to recover your computer from a ransomware attack.

When subject to this type of attack just scrub the ransomware with anti-virus, if that is not possible, then reinstall your operating system and then your documents from backup.

Under no circumstances pay the ransom demanded, as you won't get your files released and will instead just get repeatedly victimized.

In is worth noting that generally only Windows is subject to ransomware, as Mac, BSD, Unix and Linux-based systems are much better protected against this.

==Unsupported operating systems are at risk==
Older versions of Windows that are no longer supported are security risks. Malware writers know that any vulnerabilities they discover in older Windows versions will not be corrected and that they are free to exploit them.

Here are Microsoft's official dates for the end-of-life for various Windows versions:

* [https://support.microsoft.com/en-us/lifecycle/search/default.aspx?sort=PN&alpha=Windows%2098&Filter=FilterNO 98 support ended on 11 July 2006]
* [https://support.microsoft.com/en-us/lifecycle/search/default.aspx?sort=PN&alpha=Windows%202000%20Professional%20Edition&Filter=FilterNO Windows 2000 and Windows ME support ended on 13 July 2010]
* [https://support.microsoft.com/en-us/lifecycle/search?alpha=Microsoft%20Windows%20XP%20Service%20Pack%203 Windows XP support ended on 8 April 2014]
* [https://support.microsoft.com/en-us/lifecycle/search/default.aspx?sort=PN&alpha=Windows%20Vista&Filter=FilterNO Windows Vista support ended on 11 April 2017]
* [https://support.microsoft.com/en-us/lifecycle/search/default.aspx?sort=PN&alpha=Windows%207%20Home%20Premium&Filter=FilterNO Windows 7 support ends on 14 January 2020]
* [https://support.microsoft.com/en-us/lifecycle/search/default.aspx?sort=PN&alpha=Windows%208&Filter=FilterNO Windows 8 support ends on 12 January 2016]
* [https://support.microsoft.com/en-us/lifecycle/search/default.aspx?sort=PN&alpha=Windows%208&Filter=FilterNO Windows 8.1 support ends on 1 October 2023]
* [https://support.microsoft.com/en-us/lifecycle/search?sort=PN&alpha=Windows%2010%20Home,%20released%20in%20July%202015&Filter=FilterNO Windows 10 support ends on 14 October 2025]

In the past, by the time most versions' support ran out there were very few users still employing the system, and therefore it attracted very little interest from malware creators. This meant that the risks of running unsupported systems were relatively small in the past. For instance, today very few people are writing malware for Windows 98. But Windows XP is an exception, because, many users are still running this now-unsupported operating system, making it a fairly valuable target for malware writers. There have been many media reports of wide-spread and successful attacks on Windows XP. See [[Replacing Windows XP]] for what you can do about this.

Keep track of your operating system end-of-life date and plan to either upgrade to a newer version of Windows (usually requires buying new hardware) or install a different, supported operating system on your existing hardware.

==See also==
*[[Best Of Free Windows Software]]
*[[Email blacklisting]]
*[[Replacing Windows XP]]
*[[Virtual Private Networks]]
*[[Windows 10]]

==Additional reading==
===Making Windows more secure===
*[https://spreadprivacy.com/windows-7-privacy-tips-b5dd62ffcd37 How To Protect Privacy On Windows 7]
*[https://spreadprivacy.com/windows-10-privacy-tips-4f1e73c1987d How To Protect Privacy On Windows 10]
*[http://mashable.com/2017/04/14/nsa-hacking-tools-shadowbrokers/ Windows users should be really worried about the latest NSA leak]

===Viruses and malware===
*[http://www.wikihow.com/Avoid-Getting-a-Computer-Virus-or-Worm How to Avoid Getting a Computer Virus or Worm] on wikihow.com
*[http://arstechnica.com/security/2014/01/malware-vendors-buy-chrome-extensions-to-send-adware-filled-updates/ Adware vendors buy Chrome Extensions to send ad- and malware-filled updates] by Ron Amadeo, Ars Technica
*[http://techrights.org/2009/12/23/loss-of-control-of-windows-pcs/ One in Two Windows PCs is a Zombie PC (Part of Botnet/s)] - TechRights
*[http://techrights.org/2008/05/14/windows-zombie-pc-40-pct/ A World Where Almost One in Two PCs is a Windows Zombie PC] - TechRights
*[http://www.makeuseof.com/tag/protect-data-ransomware-5-steps/ Protect Your Data From Ransomware With These 5 Steps] by Christian Cawley, Make Use Of

===Windows XP===
*[http://windows.microsoft.com/eos Windows XP support has ended] - Official Microsoft article
*[http://www.cbc.ca/news/technology/end-of-windows-xp-tech-support-how-it-will-affect-you-1.2584259 End of Windows XP tech support: How it will affect you] 25 March 2014, on CBC
*[http://www.cbc.ca/news/technology/windows-xp-holdouts-vulnerable-to-hackers-1.2532609 Windows XP holdouts vulnerable to hackers] - CBC article
*[http://windowssecrets.com/top-story/a-last-reprieve-for-the-enduring-windows-xp/ A last reprieve for the enduring Windows XP?] by Woody Leonhard on ''Windows Secrets''
*[http://linux.oneandoneis2.org/wrongms.htm What's wrong with Microsoft?] by Dominic Humphries
*[http://www.itworld.com/security/440707/russian-cybercrime-group-compromised-half-million-computers Russian cybercrime group compromised half a million computers] Article that shows an example of why users should not still be using Windows XP or Internet Explorer, 7 October 2014

===Anti-virus===
*[http://dottech.org/14151/windows-best-free-antivirus-antimalware-program-microsoft-security-essentials-vs-avira-vs-avast-vs-avg/ Avira vs avast vs AVG vs Panda Cloud vs Bitdefender vs MSE, review of best free anti-virus for Windows] on dottech, from February 2014
*[http://www.psychocats.net/ubuntucat/does-ubuntu-need-antivirus/ Does Ubuntu need antivirus?] - good article on security practices for everyone, by AY Siu

===Alternatives to Windows XP that run on Windows XP hardware===
*[http://www.gizmag.com/windows-xp-support-end-options/31218/ Windows XP support ends April 8: What are your options?] on Gizmag
*[http://www.omgubuntu.co.uk/2014/02/windows-xp-users-may-switch-linux 11 Percent of Windows XP Users Will Switch to Linux, Survey Claims], OMG Ubuntu, 21 February 2014
*[http://www.omgubuntu.co.uk/2014/02/four-reasons-why-windows-xp-users-should-switch-to-lubuntu-this-april Windows XP User? Here’s 4 Reasons to Switch to Lubuntu This April] By Joey-Elijah Sneddon, OMG Ubuntu
*[http://www.pcworld.com/article/2107641/3-easy-linux-alternatives-for-windows-xp-refugees-who-dont-want-a-new-pc.html 3 easy Linux alternatives for Windows XP refugees who don't want a new PC] on PC World

[[Category: Windows]]
[[Category:Computer Help]]
[[Category:Privacy and Security]]

Bell FTTP Migration FAQ

2024-11-05T20:35:10Z

Gd887:

==== I received a letter or call from Bell saying I must migrate my phone (landline) service to their fibre (FTTP) network. Will this impact my DSL service? ====
Bell is in the process of migrating their landlines from the copper line (POTS) to their fibre network (VOIP) which is not compatible with DSL. Members with wet line DSL who choose to migrate their landline to fibre will need to change their service to dry line to avoid loosing service upon migration. A wet to dry line change order must be scheduled at least 5 business days in advance, and the standard activation fee would apply.

However, Bell has told NCF that any landlines with wholesale DSL (DSL from NCF) are to be excluded from their migration at this point, and that any such letters to our members have been sent in error. Bell sent an apology letter to explain this, but NCF has received reports that Bell is still sending migration letters in error, and their technicians are also not all aware of the exclusion.

As long as members do not schedule migrating their line to fibre with Bell, they can continue using their landline and DSL without interruptions. Members wishing to continue with their current service should inform Bell they do not want to migrate (or to cancel the migration if scheduled), citing that they currently have wholesale DSL on the line.

'''My DSL stopped working after migrating my landline to fibre. Can I continue to get DSL service on the new system?'''

Bell's new landline service runs over their fibre network which is not compatible with DSL, but we can continue to provide service on the copper network by ordering a "dry line" service. Normally, we charge a one time activation fee of $49.95 for the order to switch to dry, however we are currently waiving the installation fee for members who unexpectedly lost their wet line service because of migrating their landline. A dry line does come with an added $5/month fee associated, as bell charges NCF a higher rate for dry DSL lines.

'''Can I revert my landline back to the copper network?'''

As far as we know, Bell will not reconnect any landline service on their copper network. Members who have had their line migrated will need to order dry line service to continue using our DSL on their line. For the time being, we are not charging the activation fee, but we do need to change the $5 monthly dry line fee after the installation.

'''Does dry line DSL work any differently as compared to on a wet line?'''

No, the internet service works exactly the same, and no changes to the DSL modem are required. The modem will be connected to the same copper line as before, and not through the new Bell landline which works over fibre. As there will be no longer be other devices on the same line, you will no longer need to use any DSL filters, and it's possible the DSL signal will be stronger with no other devices connected.

'''Why does it cost more for dry loop DSL, given it's the exact same service as a wet line?'''

Bell charges NCF a higher rate for DSL on lines without an active landline (POTS) service which we pass on as a monthly dry loop fee. Although these fees vary based on location, we normalize it to $5 so as to be fair to all members.

Bell FTTP Migration FAQ

2024-11-05T19:25:12Z

Gd887: Created page with "==== I received a letter or call from Bell saying I must migrate my phone (landline) service to their fibre (FTTP) network. Will this impact my DSL service? ==== Bell is in th..."

==== I received a letter or call from Bell saying I must migrate my phone (landline) service to their fibre (FTTP) network. Will this impact my DSL service? ====
Bell is in the process of migrating their landlines from the copper line (POTS) to their fibre network (VOIP) which is not compatible with DSL. Members with wet line DSL who choose to migrate their landline to fibre will need to change their service to dry line to avoid loosing service upon migration. As with other orders, it needs to be scheduled 5 business days in advance and the standard activation fee would apply.

However, Bell has told us that any landlines with wholesale DSL (DSL from NCF) are to be excluded from their migration at this point, and that any such letters to our members have been sent in error. Bell sent an apology letter to explain this, but apparently they are still sending migration letters in error and their agents are also not all aware of the exclusion.

As long as members do not schedule migrating their line to fibre with Bell, they can continue using their POTS landline and wet DSL without either being interrupted. Members wishing to continue with their current service should inform Bell they do not want to migrate (or to cancel the migration if scheduled), citing that they currently have wholesale DSL on the line.

We ask that members send us a screenshot or photo of letters they receive regarding migrating their line to help make our case to Bell.

'''My DSL stopped working after migrating my landline to fibre. Can I continue to get DSL service on the new system?'''

Bell's new landline service runs over their fibre network which is not compatible with DSL, but we can continue to provide service on the copper network by ordering a "dry line" service. Normally, we charge an extra fee of $5 per month for a dry line, and a one time activation fee of $49.95 for the order to switch to dry, however we are currently waiving both fees for members who unexpectedly lost their wet line service because of migrating their landline. The dry line activation needs be scheduled 5 business days in advance, but as we realize Bell has not been informing members that the migration will impact their DSL, and they have also been sending letters in error saying that the lines need to be migrated, we can use this as rationale for escalating the order to try getting an earlier date. We may not be waiving the monthly dry loop fee indefinitely, but will give ample notice before charging it to these members.

'''Can I revert my landline back to the copper network?'''

As far as we know, Bell will not reconnect any landline service on their copper network. Members who have had their line migrated will need to order dry line service to continue using our DSL on their line. For the time being, we are not charging the dry line or activation fees that would normally apply, but it can take a few days to get reconnected. (see previous answer)

'''Does dry line DSL work any differently as compared to on a wet line?'''

No, the internet service works exactly the same, and no changes are required to the DSL modem. The modem will need to be connected to the same copper line as before, and not through the new Bell landline which works over fibre. As there will be no longer be other devices on the same line, you will no longer need to use any DSL filters, and it's possible the DSL signal will be stronger with no other devices connected.

'''Why does it cost more for dry loop DSL, given it's the exact same service as a wet line?'''

Bell charges NCF a higher rate for DSL on lines without an active landline (POTS) service which we pass on as a monthly dry loop fee. Although these fees vary based on location, we normalize it to $5 so as to be fair to all members.

Spam

2024-11-02T18:31:19Z

Gd887:

Spam is usually considered as unsolicited email in the form of marketing communications from corporations, organizations and individuals. A number of common types of spam are '''phishing''' and '''spoofing'''. They can be deceptive and may have malicious intent.

==Phishing==
A phishing attack is a message designed to trick a person into revealing sensitive information to the sender, or to deploy malicious software on the victim's computer. Some examples of phishing attacks are:
* You receive an e-mail stating you have won a prize and requires you to contact them to receive the prize.
* You receive an e-mail stating your account will be deactivated if you do not confirm your identity or usage.
* You receive an e-mail regarding a package being delivered to you which you did not request.
It is important to not respond to a phishing attack. Responding to a phishing attack can provide the senders with more personal information that can be used to target you further. Included in all e-mails is information like your e-mail address and the sending IP address, both of which an attacker can use to create increasingly more sophisticated phishing attempts.

==Spoofing==
'''Spoofing''' is the faking of [[email]] addresses to disguise who is sending the email to you. This is often used to make the sender appear to be a trusted source and make their e-mails more enticing. Because the core protocols for email do not prevent it, it is easy for someone to email you using a fake address for the sender.
A common trick is to use the recipient's email address as the sender's as well, in other words the email will appear to come from you. This is used to fool spam filters as most people don't filter out their own address, but it is an easy-to-recognize indication that you are dealing with a spoofed address.

==How to spot Spoofing and Phishing attempts==
Emails on their own are safe to open, although their attachments may not be. 
1. Make sure the sender is who they claim to be.

[[File:Spoof1.png|500px]]

By hovering over the sender on Zimbra, you see a more information about the sender. In the picture above, the sender is claiming to be Zimbra. This e-mail is actually from @baruhotels.com, so Zimbra is a spoofed e-mail.

2. Make sure links go to a trusted domain

[[File:Spoof2.png|500px]]

By hovering over the links on Zimbra, you can see the URL the link redirects to. In the picture above, the link claims to go to mail.ncf.ca, but actually links out to a dccitevital.org domain and is a phishing attempt

==What to do with Phishing and Spoofing attempts?==
'''Do not open any attachments!''' 
'''Do not open any links!''' 
Deleting the e-mail is the best option.

==Reporting Phishing Emails==
Phishing e-mails can be reported to the [https://www.priv.gc.ca/en/report-a-concern/report-spam/ Office of the Privacy Commissioner of Canada] through their website or by forwarding your e-mails to spam@fightspam.gc.ca.

Phishing links can be reported to Google at [https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en]

==Advanced E-mail tracking==
If you want to find out where the email is really coming from you need to check the email headers ("show original"), as shown here in [[Zimbra]], NCF's webmail interface:

[[File:Zimbra8_advanced_show_original.png|800px]]

Here is an example of a set of email headers from a spoofed email:

Return-Path: youraddress@ncf.ca
Received: from localhost (LHLO mail.ncf.ca) (127.0.0.1) by melkor.ncf.ca
with LMTP; Wed, 16 Sep 2015 19:08:57 -0400 (EDT)
Received: from mail.ncf.ca (localhost [127.0.0.1])
by mail.ncf.ca (Postfix) with ESMTP id A8607A0547
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 3https://help.ncf.ca/Spam#Zimbra_Filters.4.0 (2014-02-07) on melkor.ncf.ca
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=6.0 tests=BAYES_00,FSL_BULK_SIG,
HTML_IMAGE_ONLY_32,HTML_MESSAGE,PYZOR_CHECK,RCVD_IN_DNSWL_NONE,
RCVD_IN_MSPIKE_H2,T_REMOTE_IMAGE autolearn=no autolearn_force=no version=3.4.0
X-Spam-Virus: No
Received: from mx1.ncf.ca (pallando.ncf.ca ['''134.117.136.70'''])
by mail.ncf.ca (Postfix) with ESMTP id 942A5A051C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.9.1 mail.ncf.ca 942A5A051C
Received: from mx1.ncf.ca (localhost ['''127.0.0.1'''])
by mx1.ncf.ca (Postfix) with ESMTP id 73766BEE75
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Greylist: delayed 420 seconds by postgrey-1.34 at pallando; Wed, 16 Sep 2015 19:08:55 EDT
Received: from smtpg-pc.aruba.it (smtp217-pc.aruba.it ['''62.149.157.217'''])
by mx1.ncf.ca (Postfix) with ESMTP id 0D616BEE7C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:54 -0400 (EDT)
Received: from WORLDST-UQ3K9Q0 (['''181.26.209.230'''])
by smtpcm2-pc.aruba.it with bizsmtp
id Hz0g1r0094yo4K101z1GXd; Thu, 17 Sep 2015 01:01:54 +0200https://help.ncf.ca/Spam#Zimbra_Filters

The "received" sections show the [https://en.wikipedia.org/wiki/IP_address IP addresses] which the mail has travelled through and ultimately originates from. The IP addresses in the header are shown '''in bold''' to make them stand out. Because the bottom one is the originator, it can now be traced to see where it comes from.

===Tracing IP addresses===
Tracing IP addresses is fairly easy using tools like [https://launchpad.net/ubuntu/+source/whois whois] on Linux. They can also be traced through the websites of the IP registration authorities:

* [http://whois.arin.net/ui ARIN] (North America)
* [http://www.ripe.net/fcgi-bin/whois RIPE NCC] (Europe, the Middle East and Central Asia)
* [http://www.apnic.net/apnic-info/whois_search APNIC] (Asia Pacific)
* [http://lacnic.net/cgi-bin/lacnic/whois LACNIC] (Latin American and Caribbean)
* [http://www.afrinic.net/ AfriNIC] (Africa)
* [http://www.ip-adress.com/ IP-adress.com] (sic)
* [http://www.find-ip-address.org/ Find-IP-address.org]

If an address is not found in one registry, it will probably be in another one.

In the case of the header example above the IP address '''181.26.209.230''' traces to ''Telefonica de Argentina'' in Buenos Aires, Argentina, so you can be sure it did not originate with NCF and that the return address is spoofed.

=== Volunteer Dave - A Spoofing Story ===

'''An informative narrative written by one of our volunteers and his saga to expose spoofers when he found they were sending mail out from his address.'''

Someone is "Spoofing" your email address or has "hijacked" your email account. Please review the following for advice on what you can do to minimize the occurrences. Please try the suggestions and get back to us if you have further questions.

From: http://www.pcworld.com/article/2927993/what-to-do-when-your-email-address-sends-spam.html

What’s worse than getting spam? Unwittingly sending it. When bogus and probably malware-laden advertising goes out in your name, you look bad. And you get flooded with bounced messages from dead addresses that some crook attempted to spam in your name.

The good news: You’re not sending out spam. Neither is your computer or your IP address. But the bad news can still be pretty bad.

If spam is going out from your email address, the address has been either spoofed or hijacked. Either way, the spam isn’t going out from your computer, and probably not from the criminal’s computer, either. It’s probably going out from an unknowing victim’s malware-infected PC.

Spoofing an email address is, in a sense, forging it. The criminal sends out mail with your From address, even though they have no access to your account.

There’s really no solution to spoofing. Fortunately, for their own reasons, cybercrooks tend to change spoofed addresses frequently. The annoyance will disappear soon.

Hijacking is worse. In this case, the criminal takes control of your account. They can read your mail, and they can target people you know when they spam. And they can lock you out of your own account.

Fortunately, you can do something about hijacking.

As soon as you discover that your address is spamming people, try to change your password…immediately. If you succeed, you’ve fixed the problem.

But if your mail service rejects your password, the problem is serious. The hijacker has changed the password first and now controls your account.

If you’re still connected and can receive mail, try to login on another computer or using your browser’s private mode. When the login fails, try the service’s “Forgot your password” or “Need help” link. The service will email you a new password. Hopefully, you’ll get it before the bad guy.

If that fails, you’ll have to contact the mail service and discuss the problem. Here are the links for [https://support.google.com/mail/bin/answer.py?hl=en&answer=502700 Gmail] and Microsoft’s [https://support.microsoft.com/en-ca/help/4026971/microsoft-account-how-to-reset-your-password Outlook] . If you’re using another service, you’ll have to find the right address yourself.

Have you been using the same password for other services? If so, change them as soon as possible.

Once you’ve got everything under control, email apologies to everyone who received, or might have received, spam apparently coming from you.

Finally, follow these steps to make sure this doesn’t happen again:

Use strong, long passwords that people can’t guess.

Use different passwords for different services, and keep track of them with a password manager.

Set up 2-step verification for your service. You should find instructions on the service’s setup or options screen.

Never email your password to anyone, and I mean anyone.

Shortly after I wrote this article, my daughter's Gmail account was hacked, and everyone she knew received messages telling them to "Click on the document below and log in with your email and password to view it." I gave her the Gmail URL above, and within a few minutes she had her account back.

Here is a link to another good article about this [https://askleo.com/someones-sendin/ "From:spoofing"]

Dave

== Zimbra Filters ==
Zimbra offers powerful filtering options for blocking spammers. Zimbra is build into our email back end, so even if you're not using the Zimbra web client to access your emails, Zimbra filters will still work. This means that even if you're using a popular mail client like outlook, gmail, or your phone, Zimbra filters still offer protection against spammers. The simplest way to block a spammer is by setting up a filter for the email address that the spammer is using to send you spam.

Follow these instructions to set up a filter to block emails from a specific address. In this example the hypothetical spammer is sending us emails from the address: '''daily@spam.com.'''

# Log into your [https://mail.ncf.ca Zimbra] webclient, then go to Preferences > Filters.
## Click on "New Filter" to create a new filter. You can make as many filters as you'd like. [[File:Zimbra Filter Preferences.png|none|thumb]]
# Under '''"If any of the following conditions are met"''' set the first option to '''"from"''', and leave all other drop down options as default.[[File:Zimbra NewFilter 1.png|none|thumb]]
# In the text field to the right, enter the spammer's entire email address, in this example we're using '''daily@spam.com''', but this will be specific to who is sending you spam.[[File:Zimbra NewFilter 2.png|none|thumb]]
# Under '''"Perform the following actions"''' select '''"Move into folder"'''.[[File:Zimbra NewFilter 3.png|none|thumb|note: in this example our filter will automatically put emails sent from '''daily@spam.com''' to our junk folder, instead of arriving to our inbox. If you'd instead like for them to be sent to your trash right away, select '''"Discard"''' instead.]]
# Click on '''"Browse..."''' to select the folder you'd like to send the emails to.[[File:Zimbra NewFilter 4.png|none|thumb]]
# Click on the '''"Junk"''' folder, then click on '''"Ok"''' to save[[File:Zimbra NewFilter 5.png|none|thumb|You have the option to select any folder, even custom folders, if you'd prefer. For spam we recommend the Junk folder.]]
# At this point your filter should be set up as the following:
## filter condition = "From" "Matches exactly" "Spammer's email address" "all".
## filter action = "Move into folder" "Junk".
## Click on the '''"Ok"''' button to save the filter.[[File:Zimbra NewFilter 6.png|none|thumb]]
# You should now see your new filter under '''"Active Filters"'''. Your filter is now working on your incoming mail!
## You can run your filter by clicking on your filter's name, then clicking '''"Run Filter"'''.[[File:Zimbra ActiveFilters.png|none|thumb]]
# Choose which folder you'd like to run the filter on. Then click '''"OK"''' to run the filter.[[File:Zimbra RunFilter.png|none|thumb|This will filter through your existing emails, and move any existing spam into your junk folder.]]

==External links==
*Phishing quiz on [https://www.opendns.com/phishing-quiz/ Open DNS]
*[https://en.wikipedia.org/wiki/Email_spoofing Email spoofing] on Wikipedia
*NCF's 2018 workshop [[:File:SWaC - Spam+Phishing.pdf]]

[[Category:Email]]

Spam

2024-11-02T18:30:45Z

Gd887:

Spam is usually considered as unsolicited email in the form of marketing communications from corporations, organizations and individuals. A number of common types of spam are '''phishing''' and '''spoofing'''. They can be deceptive and may have malicious intent.

==Phishing==
A phishing attack is a message designed to trick a person into revealing sensitive information to the sender, or to deploy malicious software on the victim's computer. Some examples of phishing attacks are:
* You receive an e-mail stating you have won a prize and requires you to contact them to receive the prize.
* You receive an e-mail stating your account will be deactivated if you do not confirm your identity or usage.
* You receive an e-mail regarding a package being delivered to you which you did not request.
It is important to not respond to a phishing attack. Responding to a phishing attack can provide the senders with more personal information that can be used to target you further. Included in all e-mails is information like your e-mail address and the sending IP address, both of which an attacker can use to create increasingly more sophisticated phishing attempts.

==Spoofing==
'''Spoofing''' is the faking of [[email]] addresses to disguise who is sending the email to you. This is often used to make the sender appear to be a trusted source and make their e-mails more enticing. Because the core protocols for email do not prevent it, it is easy for someone to email you using a fake address for the sender.
A common trick is to use the recipient's email address as the sender's as well, in other words the email will appear to come from you. This is used to fool spam filters as most people don't filter out their own address, but it is an easy-to-recognize indication that you are dealing with a spoofed address.

==How to spot Spoofing and Phishing attempts==
Emails on their own are safe to open, although their attachments may not be. 
1. Make sure the sender is who they claim to be.

[[File:Spoof1.png|500px]]

By hovering over the sender on Zimbra, you see a more information about the sender. In the picture above, the sender is claiming to be Zimbra. This e-mail is actually from @baruhotels.com, so Zimbra is a spoofed e-mail.

2. Make sure links go to a trusted domain

[[File:Spoof2.png|500px]]

By hovering over the links on Zimbra, you can see the URL the link redirects to. In the picture above, the link claims to go to mail.ncf.ca, but actually links out to a dccitevital.org domain and is a phishing attempt

==What to do with Phishing and Spoofing attempts?==
'''Do not open any attachments!''' 
'''Do not open any links!''' 
Deleting the e-mail is the best option.

==Reporting Phishing Emails==
Phishing e-mails can be reported to the [https://www.priv.gc.ca/en/report-a-concern/report-spam/ Office of the Privacy Commissioner of Canada] through their website or by forwarding your e-mails to spam@fightspam.gc.ca.

Phishing links can be reported to Google at [https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en]

==Advanced E-mail tracking==
If you want to find out where the email is really coming from you need to check the email headers ("show original"), as shown here in [[Zimbra]], NCF's webmail interface:

[[File:Zimbra8_advanced_show_original.png|800px]]

Here is an example of a set of email headers from a spoofed email:

Return-Path: youraddress@ncf.ca
Received: from localhost (LHLO mail.ncf.ca) (127.0.0.1) by melkor.ncf.ca
with LMTP; Wed, 16 Sep 2015 19:08:57 -0400 (EDT)
Received: from mail.ncf.ca (localhost [127.0.0.1])
by mail.ncf.ca (Postfix) with ESMTP id A8607A0547
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 3https://help.ncf.ca/Spam#Zimbra_Filters.4.0 (2014-02-07) on melkor.ncf.ca
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=6.0 tests=BAYES_00,FSL_BULK_SIG,
HTML_IMAGE_ONLY_32,HTML_MESSAGE,PYZOR_CHECK,RCVD_IN_DNSWL_NONE,
RCVD_IN_MSPIKE_H2,T_REMOTE_IMAGE autolearn=no autolearn_force=no version=3.4.0
X-Spam-Virus: No
Received: from mx1.ncf.ca (pallando.ncf.ca ['''134.117.136.70'''])
by mail.ncf.ca (Postfix) with ESMTP id 942A5A051C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.9.1 mail.ncf.ca 942A5A051C
Received: from mx1.ncf.ca (localhost ['''127.0.0.1'''])
by mx1.ncf.ca (Postfix) with ESMTP id 73766BEE75
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Greylist: delayed 420 seconds by postgrey-1.34 at pallando; Wed, 16 Sep 2015 19:08:55 EDT
Received: from smtpg-pc.aruba.it (smtp217-pc.aruba.it ['''62.149.157.217'''])
by mx1.ncf.ca (Postfix) with ESMTP id 0D616BEE7C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:54 -0400 (EDT)
Received: from WORLDST-UQ3K9Q0 (['''181.26.209.230'''])
by smtpcm2-pc.aruba.it with bizsmtp
id Hz0g1r0094yo4K101z1GXd; Thu, 17 Sep 2015 01:01:54 +0200https://help.ncf.ca/Spam#Zimbra_Filters

The "received" sections show the [https://en.wikipedia.org/wiki/IP_address IP addresses] which the mail has travelled through and ultimately originates from. The IP addresses in the header are shown '''in bold''' to make them stand out. Because the bottom one is the originator, it can now be traced to see where it comes from.

===Tracing IP addresses===
Tracing IP addresses is fairly easy using tools like [https://launchpad.net/ubuntu/+source/whois whois] on Linux. They can also be traced through the websites of the IP registration authorities:

* [http://whois.arin.net/ui ARIN] (North America)
* [http://www.ripe.net/fcgi-bin/whois RIPE NCC] (Europe, the Middle East and Central Asia)
* [http://www.apnic.net/apnic-info/whois_search APNIC] (Asia Pacific)
* [http://lacnic.net/cgi-bin/lacnic/whois LACNIC] (Latin American and Caribbean)
* [http://www.afrinic.net/ AfriNIC] (Africa)
* [http://www.ip-adress.com/ IP-adress.com] (sic)
* [http://www.find-ip-address.org/ Find-IP-address.org]

If an address is not found in one registry, it will probably be in another one.

In the case of the header example above the IP address '''181.26.209.230''' traces to ''Telefonica de Argentina'' in Buenos Aires, Argentina, so you can be sure it did not originate with NCF and that the return address is spoofed.

=== Volunteer Dave - A Spoofing Story ===

'''An informative narrative written by one of our volunteers and his saga to expose spoofers when he found they were sending mail out from his address.'''

Someone is "Spoofing" your email address or has "hijacked" your email account. Please review the following for advice on what you can do to minimize the occurrences. Please try the suggestions and get back to us if you have further questions.

From: http://www.pcworld.com/article/2927993/what-to-do-when-your-email-address-sends-spam.html

What’s worse than getting spam? Unwittingly sending it. When bogus and probably malware-laden advertising goes out in your name, you look bad. And you get flooded with bounced messages from dead addresses that some crook attempted to spam in your name.

The good news: You’re not sending out spam. Neither is your computer or your IP address. But the bad news can still be pretty bad.

If spam is going out from your email address, the address has been either spoofed or hijacked. Either way, the spam isn’t going out from your computer, and probably not from the criminal’s computer, either. It’s probably going out from an unknowing victim’s malware-infected PC.

Spoofing an email address is, in a sense, forging it. The criminal sends out mail with your From address, even though they have no access to your account.

There’s really no solution to spoofing. Fortunately, for their own reasons, cybercrooks tend to change spoofed addresses frequently. The annoyance will disappear soon.

Hijacking is worse. In this case, the criminal takes control of your account. They can read your mail, and they can target people you know when they spam. And they can lock you out of your own account.

Fortunately, you can do something about hijacking.

As soon as you discover that your address is spamming people, try to change your password…immediately. If you succeed, you’ve fixed the problem.

But if your mail service rejects your password, the problem is serious. The hijacker has changed the password first and now controls your account.

If you’re still connected and can receive mail, try to login on another computer or using your browser’s private mode. When the login fails, try the service’s “Forgot your password” or “Need help” link. The service will email you a new password. Hopefully, you’ll get it before the bad guy.

If that fails, you’ll have to contact the mail service and discuss the problem. Here are the links for [https://support.google.com/mail/bin/answer.py?hl=en&answer=502700 Gmail] and Microsoft’s [https://support.microsoft.com/en-ca/help/4026971/microsoft-account-how-to-reset-your-password Outlook] . If you’re using another service, you’ll have to find the right address yourself.

Have you been using the same password for other services? If so, change them as soon as possible.

Once you’ve got everything under control, email apologies to everyone who received, or might have received, spam apparently coming from you.

Finally, follow these steps to make sure this doesn’t happen again:

Use strong, long passwords that people can’t guess.

Use different passwords for different services, and keep track of them with a password manager.

Set up 2-step verification for your service. You should find instructions on the service’s setup or options screen.

Never email your password to anyone, and I mean anyone.

Shortly after I wrote this article, my daughter's Gmail account was hacked, and everyone she knew received messages telling them to "Click on the document below and log in with your email and password to view it." I gave her the Gmail URL above, and within a few minutes she had her account back.

Here is a link to another good article about this [https://askleo.com/someones-sendin/ "From:spoofing"]

Dave

== Zimbra Filters ==
Zimbra offers powerful filtering options for blocking spammers. Zimbra is build into our email back end, so even if you're not using the Zimbra web client to access your emails, Zimbra filters will still work. This means that even if you're using a popular mail client like outlook, gmail, or your phone, Zimbra filters still offer protection against spammers. The simplest way to block a spammer is by setting up a filter for the email address that the spammer is using to send you spam.

Follow these instructions to set up a filter to block emails from a specific address. In this example the hypothetical spammer is sending us emails from the address: '''daily@spam.com.'''

# Log into your [https://mail.ncf.ca Zimbra] webclient, then go to Preferences > Filters.
## Click on "New Filter" to create a new filter. You can make as many filters as you'd like.
[[File:Zimbra Filter Preferences.png|none|thumb]]
# Under '''"If any of the following conditions are met"''' set the first option to '''"from"''', and leave all other drop down options as default.[[File:Zimbra NewFilter 1.png|none|thumb]]
# In the text field to the right, enter the spammer's entire email address, in this example we're using '''daily@spam.com''', but this will be specific to who is sending you spam.[[File:Zimbra NewFilter 2.png|none|thumb]]
# Under '''"Perform the following actions"''' select '''"Move into folder"'''.[[File:Zimbra NewFilter 3.png|none|thumb|note: in this example our filter will automatically put emails sent from '''daily@spam.com''' to our junk folder, instead of arriving to our inbox. If you'd instead like for them to be sent to your trash right away, select '''"Discard"''' instead.]]
# Click on '''"Browse..."''' to select the folder you'd like to send the emails to.[[File:Zimbra NewFilter 4.png|none|thumb]]
# Click on the '''"Junk"''' folder, then click on '''"Ok"''' to save[[File:Zimbra NewFilter 5.png|none|thumb|You have the option to select any folder, even custom folders, if you'd prefer. For spam we recommend the Junk folder.]]
# At this point your filter should be set up as the following:
## filter condition = "From" "Matches exactly" "Spammer's email address" "all".
## filter action = "Move into folder" "Junk".
## Click on the '''"Ok"''' button to save the filter.[[File:Zimbra NewFilter 6.png|none|thumb]]
# You should now see your new filter under '''"Active Filters"'''. Your filter is now working on your incoming mail!
## You can run your filter by clicking on your filter's name, then clicking '''"Run Filter"'''.[[File:Zimbra ActiveFilters.png|none|thumb]]
# Choose which folder you'd like to run the filter on. Then click '''"OK"''' to run the filter.[[File:Zimbra RunFilter.png|none|thumb|This will filter through your existing emails, and move any existing spam into your junk folder.]]

==External links==
*Phishing quiz on [https://www.opendns.com/phishing-quiz/ Open DNS]
*[https://en.wikipedia.org/wiki/Email_spoofing Email spoofing] on Wikipedia
*NCF's 2018 workshop [[:File:SWaC - Spam+Phishing.pdf]]

[[Category:Email]]

Spam

2024-11-02T18:30:20Z

Gd887:

Spam is usually considered as unsolicited email in the form of marketing communications from corporations, organizations and individuals. A number of common types of spam are '''phishing''' and '''spoofing'''. They can be deceptive and may have malicious intent.

==Phishing==
A phishing attack is a message designed to trick a person into revealing sensitive information to the sender, or to deploy malicious software on the victim's computer. Some examples of phishing attacks are:
* You receive an e-mail stating you have won a prize and requires you to contact them to receive the prize.
* You receive an e-mail stating your account will be deactivated if you do not confirm your identity or usage.
* You receive an e-mail regarding a package being delivered to you which you did not request.
It is important to not respond to a phishing attack. Responding to a phishing attack can provide the senders with more personal information that can be used to target you further. Included in all e-mails is information like your e-mail address and the sending IP address, both of which an attacker can use to create increasingly more sophisticated phishing attempts.

==Spoofing==
'''Spoofing''' is the faking of [[email]] addresses to disguise who is sending the email to you. This is often used to make the sender appear to be a trusted source and make their e-mails more enticing. Because the core protocols for email do not prevent it, it is easy for someone to email you using a fake address for the sender.
A common trick is to use the recipient's email address as the sender's as well, in other words the email will appear to come from you. This is used to fool spam filters as most people don't filter out their own address, but it is an easy-to-recognize indication that you are dealing with a spoofed address.

==How to spot Spoofing and Phishing attempts==
Emails on their own are safe to open, although their attachments may not be. 
1. Make sure the sender is who they claim to be.

[[File:Spoof1.png|500px]]

By hovering over the sender on Zimbra, you see a more information about the sender. In the picture above, the sender is claiming to be Zimbra. This e-mail is actually from @baruhotels.com, so Zimbra is a spoofed e-mail.

2. Make sure links go to a trusted domain

[[File:Spoof2.png|500px]]

By hovering over the links on Zimbra, you can see the URL the link redirects to. In the picture above, the link claims to go to mail.ncf.ca, but actually links out to a dccitevital.org domain and is a phishing attempt

==What to do with Phishing and Spoofing attempts?==
'''Do not open any attachments!''' 
'''Do not open any links!''' 
Deleting the e-mail is the best option.

==Reporting Phishing Emails==
Phishing e-mails can be reported to the [https://www.priv.gc.ca/en/report-a-concern/report-spam/ Office of the Privacy Commissioner of Canada] through their website or by forwarding your e-mails to spam@fightspam.gc.ca.

Phishing links can be reported to Google at [https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en]

==Advanced E-mail tracking==
If you want to find out where the email is really coming from you need to check the email headers ("show original"), as shown here in [[Zimbra]], NCF's webmail interface:

[[File:Zimbra8_advanced_show_original.png|800px]]

Here is an example of a set of email headers from a spoofed email:

Return-Path: youraddress@ncf.ca
Received: from localhost (LHLO mail.ncf.ca) (127.0.0.1) by melkor.ncf.ca
with LMTP; Wed, 16 Sep 2015 19:08:57 -0400 (EDT)
Received: from mail.ncf.ca (localhost [127.0.0.1])
by mail.ncf.ca (Postfix) with ESMTP id A8607A0547
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 3https://help.ncf.ca/Spam#Zimbra_Filters.4.0 (2014-02-07) on melkor.ncf.ca
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=6.0 tests=BAYES_00,FSL_BULK_SIG,
HTML_IMAGE_ONLY_32,HTML_MESSAGE,PYZOR_CHECK,RCVD_IN_DNSWL_NONE,
RCVD_IN_MSPIKE_H2,T_REMOTE_IMAGE autolearn=no autolearn_force=no version=3.4.0
X-Spam-Virus: No
Received: from mx1.ncf.ca (pallando.ncf.ca ['''134.117.136.70'''])
by mail.ncf.ca (Postfix) with ESMTP id 942A5A051C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.9.1 mail.ncf.ca 942A5A051C
Received: from mx1.ncf.ca (localhost ['''127.0.0.1'''])
by mx1.ncf.ca (Postfix) with ESMTP id 73766BEE75
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Greylist: delayed 420 seconds by postgrey-1.34 at pallando; Wed, 16 Sep 2015 19:08:55 EDT
Received: from smtpg-pc.aruba.it (smtp217-pc.aruba.it ['''62.149.157.217'''])
by mx1.ncf.ca (Postfix) with ESMTP id 0D616BEE7C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:54 -0400 (EDT)
Received: from WORLDST-UQ3K9Q0 (['''181.26.209.230'''])
by smtpcm2-pc.aruba.it with bizsmtp
id Hz0g1r0094yo4K101z1GXd; Thu, 17 Sep 2015 01:01:54 +0200https://help.ncf.ca/Spam#Zimbra_Filters

The "received" sections show the [https://en.wikipedia.org/wiki/IP_address IP addresses] which the mail has travelled through and ultimately originates from. The IP addresses in the header are shown '''in bold''' to make them stand out. Because the bottom one is the originator, it can now be traced to see where it comes from.

===Tracing IP addresses===
Tracing IP addresses is fairly easy using tools like [https://launchpad.net/ubuntu/+source/whois whois] on Linux. They can also be traced through the websites of the IP registration authorities:

* [http://whois.arin.net/ui ARIN] (North America)
* [http://www.ripe.net/fcgi-bin/whois RIPE NCC] (Europe, the Middle East and Central Asia)
* [http://www.apnic.net/apnic-info/whois_search APNIC] (Asia Pacific)
* [http://lacnic.net/cgi-bin/lacnic/whois LACNIC] (Latin American and Caribbean)
* [http://www.afrinic.net/ AfriNIC] (Africa)
* [http://www.ip-adress.com/ IP-adress.com] (sic)
* [http://www.find-ip-address.org/ Find-IP-address.org]

If an address is not found in one registry, it will probably be in another one.

In the case of the header example above the IP address '''181.26.209.230''' traces to ''Telefonica de Argentina'' in Buenos Aires, Argentina, so you can be sure it did not originate with NCF and that the return address is spoofed.

=== Volunteer Dave - A Spoofing Story ===

'''An informative narrative written by one of our volunteers and his saga to expose spoofers when he found they were sending mail out from his address.'''

Someone is "Spoofing" your email address or has "hijacked" your email account. Please review the following for advice on what you can do to minimize the occurrences. Please try the suggestions and get back to us if you have further questions.

From: http://www.pcworld.com/article/2927993/what-to-do-when-your-email-address-sends-spam.html

What’s worse than getting spam? Unwittingly sending it. When bogus and probably malware-laden advertising goes out in your name, you look bad. And you get flooded with bounced messages from dead addresses that some crook attempted to spam in your name.

The good news: You’re not sending out spam. Neither is your computer or your IP address. But the bad news can still be pretty bad.

If spam is going out from your email address, the address has been either spoofed or hijacked. Either way, the spam isn’t going out from your computer, and probably not from the criminal’s computer, either. It’s probably going out from an unknowing victim’s malware-infected PC.

Spoofing an email address is, in a sense, forging it. The criminal sends out mail with your From address, even though they have no access to your account.

There’s really no solution to spoofing. Fortunately, for their own reasons, cybercrooks tend to change spoofed addresses frequently. The annoyance will disappear soon.

Hijacking is worse. In this case, the criminal takes control of your account. They can read your mail, and they can target people you know when they spam. And they can lock you out of your own account.

Fortunately, you can do something about hijacking.

As soon as you discover that your address is spamming people, try to change your password…immediately. If you succeed, you’ve fixed the problem.

But if your mail service rejects your password, the problem is serious. The hijacker has changed the password first and now controls your account.

If you’re still connected and can receive mail, try to login on another computer or using your browser’s private mode. When the login fails, try the service’s “Forgot your password” or “Need help” link. The service will email you a new password. Hopefully, you’ll get it before the bad guy.

If that fails, you’ll have to contact the mail service and discuss the problem. Here are the links for [https://support.google.com/mail/bin/answer.py?hl=en&answer=502700 Gmail] and Microsoft’s [https://support.microsoft.com/en-ca/help/4026971/microsoft-account-how-to-reset-your-password Outlook] . If you’re using another service, you’ll have to find the right address yourself.

Have you been using the same password for other services? If so, change them as soon as possible.

Once you’ve got everything under control, email apologies to everyone who received, or might have received, spam apparently coming from you.

Finally, follow these steps to make sure this doesn’t happen again:

Use strong, long passwords that people can’t guess.

Use different passwords for different services, and keep track of them with a password manager.

Set up 2-step verification for your service. You should find instructions on the service’s setup or options screen.

Never email your password to anyone, and I mean anyone.

Shortly after I wrote this article, my daughter's Gmail account was hacked, and everyone she knew received messages telling them to "Click on the document below and log in with your email and password to view it." I gave her the Gmail URL above, and within a few minutes she had her account back.

Here is a link to another good article about this [https://askleo.com/someones-sendin/ "From:spoofing"]

Dave

== Zimbra Filters ==
Zimbra offers powerful filtering options for blocking spammers. Zimbra is build into our email back end, so even if you're not using the Zimbra web client to access your emails, Zimbra filters will still work. This means that even if you're using a popular mail client like outlook, gmail, or your phone, Zimbra filters still offer protection against spammers. The simplest way to block a spammer is by setting up a filter for the email address that the spammer is using to send you spam.

Follow these instructions to set up a filter to block emails from a specific address. In this example the hypothetical spammer is sending us emails from the address: '''daily@spam.com.'''

# Log into your [https://mail.ncf.ca Zimbra] webclient, then go to Preferences > Filters.
## Click on "New Filter" to create a new filter. You can make as many filters as you'd like.
# [[File:Zimbra Filter Preferences.png|none|thumb]]
# Under '''"If any of the following conditions are met"''' set the first option to '''"from"''', and leave all other drop down options as default.[[File:Zimbra NewFilter 1.png|none|thumb]]
# In the text field to the right, enter the spammer's entire email address, in this example we're using '''daily@spam.com''', but this will be specific to who is sending you spam.[[File:Zimbra NewFilter 2.png|none|thumb]]
# Under '''"Perform the following actions"''' select '''"Move into folder"'''.[[File:Zimbra NewFilter 3.png|none|thumb|note: in this example our filter will automatically put emails sent from '''daily@spam.com''' to our junk folder, instead of arriving to our inbox. If you'd instead like for them to be sent to your trash right away, select '''"Discard"''' instead.]]
# Click on '''"Browse..."''' to select the folder you'd like to send the emails to.[[File:Zimbra NewFilter 4.png|none|thumb]]
# Click on the '''"Junk"''' folder, then click on '''"Ok"''' to save[[File:Zimbra NewFilter 5.png|none|thumb|You have the option to select any folder, even custom folders, if you'd prefer. For spam we recommend the Junk folder.]]
# At this point your filter should be set up as the following:
## filter condition = "From" "Matches exactly" "Spammer's email address" "all".
## filter action = "Move into folder" "Junk".
## Click on the '''"Ok"''' button to save the filter.[[File:Zimbra NewFilter 6.png|none|thumb]]
# You should now see your new filter under '''"Active Filters"'''. Your filter is now working on your incoming mail!
## You can run your filter by clicking on your filter's name, then clicking '''"Run Filter"'''.[[File:Zimbra ActiveFilters.png|none|thumb]]
# Choose which folder you'd like to run the filter on. Then click '''"OK"''' to run the filter.[[File:Zimbra RunFilter.png|none|thumb|This will filter through your existing emails, and move any existing spam into your junk folder.]]

==External links==
*Phishing quiz on [https://www.opendns.com/phishing-quiz/ Open DNS]
*[https://en.wikipedia.org/wiki/Email_spoofing Email spoofing] on Wikipedia
*NCF's 2018 workshop [[:File:SWaC - Spam+Phishing.pdf]]

[[Category:Email]]

Spam

2024-11-02T18:29:53Z

Gd887:

Spam is usually considered as unsolicited email in the form of marketing communications from corporations, organizations and individuals. A number of common types of spam are '''phishing''' and '''spoofing'''. They can be deceptive and may have malicious intent.

==Phishing==
A phishing attack is a message designed to trick a person into revealing sensitive information to the sender, or to deploy malicious software on the victim's computer. Some examples of phishing attacks are:
* You receive an e-mail stating you have won a prize and requires you to contact them to receive the prize.
* You receive an e-mail stating your account will be deactivated if you do not confirm your identity or usage.
* You receive an e-mail regarding a package being delivered to you which you did not request.
It is important to not respond to a phishing attack. Responding to a phishing attack can provide the senders with more personal information that can be used to target you further. Included in all e-mails is information like your e-mail address and the sending IP address, both of which an attacker can use to create increasingly more sophisticated phishing attempts.

==Spoofing==
'''Spoofing''' is the faking of [[email]] addresses to disguise who is sending the email to you. This is often used to make the sender appear to be a trusted source and make their e-mails more enticing. Because the core protocols for email do not prevent it, it is easy for someone to email you using a fake address for the sender.
A common trick is to use the recipient's email address as the sender's as well, in other words the email will appear to come from you. This is used to fool spam filters as most people don't filter out their own address, but it is an easy-to-recognize indication that you are dealing with a spoofed address.

==How to spot Spoofing and Phishing attempts==
Emails on their own are safe to open, although their attachments may not be. 
1. Make sure the sender is who they claim to be.

[[File:Spoof1.png|500px]]

By hovering over the sender on Zimbra, you see a more information about the sender. In the picture above, the sender is claiming to be Zimbra. This e-mail is actually from @baruhotels.com, so Zimbra is a spoofed e-mail.

2. Make sure links go to a trusted domain

[[File:Spoof2.png|500px]]

By hovering over the links on Zimbra, you can see the URL the link redirects to. In the picture above, the link claims to go to mail.ncf.ca, but actually links out to a dccitevital.org domain and is a phishing attempt

==What to do with Phishing and Spoofing attempts?==
'''Do not open any attachments!''' 
'''Do not open any links!''' 
Deleting the e-mail is the best option.

==Reporting Phishing Emails==
Phishing e-mails can be reported to the [https://www.priv.gc.ca/en/report-a-concern/report-spam/ Office of the Privacy Commissioner of Canada] through their website or by forwarding your e-mails to spam@fightspam.gc.ca.

Phishing links can be reported to Google at [https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en]

==Advanced E-mail tracking==
If you want to find out where the email is really coming from you need to check the email headers ("show original"), as shown here in [[Zimbra]], NCF's webmail interface:

[[File:Zimbra8_advanced_show_original.png|800px]]

Here is an example of a set of email headers from a spoofed email:

Return-Path: youraddress@ncf.ca
Received: from localhost (LHLO mail.ncf.ca) (127.0.0.1) by melkor.ncf.ca
with LMTP; Wed, 16 Sep 2015 19:08:57 -0400 (EDT)
Received: from mail.ncf.ca (localhost [127.0.0.1])
by mail.ncf.ca (Postfix) with ESMTP id A8607A0547
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on melkor.ncf.ca
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=6.0 tests=BAYES_00,FSL_BULK_SIG,
HTML_IMAGE_ONLY_32,HTML_MESSAGE,PYZOR_CHECK,RCVD_IN_DNSWL_NONE,
RCVD_IN_MSPIKE_H2,T_REMOTE_IMAGE autolearn=no autolearn_force=no version=3.4.0
X-Spam-Virus: No
Received: from mx1.ncf.ca (pallando.ncf.ca ['''134.117.136.70'''])
by mail.ncf.ca (Postfix) with ESMTP id 942A5A051C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.9.1 mail.ncf.ca 942A5A051C
Received: from mx1.ncf.ca (localhost ['''127.0.0.1'''])
by mx1.ncf.ca (Postfix) with ESMTP id 73766BEE75
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Greylist: delayed 420 seconds by postgrey-1.34 at pallando; Wed, 16 Sep 2015 19:08:55 EDT
Received: from smtpg-pc.aruba.it (smtp217-pc.aruba.it ['''62.149.157.217'''])
by mx1.ncf.ca (Postfix) with ESMTP id 0D616BEE7C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:54 -0400 (EDT)
Received: from WORLDST-UQ3K9Q0 (['''181.26.209.230'''])
by smtpcm2-pc.aruba.it with bizsmtp
id Hz0g1r0094yo4K101z1GXd; Thu, 17 Sep 2015 01:01:54 +0200https://help.ncf.ca/Spam#Zimbra_Filters

The "received" sections show the [https://en.wikipedia.org/wiki/IP_address IP addresses] which the mail has travelled through and ultimately originates from. The IP addresses in the header are shown '''in bold''' to make them stand out. Because the bottom one is the originator, it can now be traced to see where it comes from.

===Tracing IP addresses===
Tracing IP addresses is fairly easy using tools like [https://launchpad.net/ubuntu/+source/whois whois] on Linux. They can also be traced through the websites of the IP registration authorities:

* [http://whois.arin.net/ui ARIN] (North America)
* [http://www.ripe.net/fcgi-bin/whois RIPE NCC] (Europe, the Middle East and Central Asia)
* [http://www.apnic.net/apnic-info/whois_search APNIC] (Asia Pacific)
* [http://lacnic.net/cgi-bin/lacnic/whois LACNIC] (Latin American and Caribbean)
* [http://www.afrinic.net/ AfriNIC] (Africa)
* [http://www.ip-adress.com/ IP-adress.com] (sic)
* [http://www.find-ip-address.org/ Find-IP-address.org]

If an address is not found in one registry, it will probably be in another one.

In the case of the header example above the IP address '''181.26.209.230''' traces to ''Telefonica de Argentina'' in Buenos Aires, Argentina, so you can be sure it did not originate with NCF and that the return address is spoofed.

=== Volunteer Dave - A Spoofing Story ===

'''An informative narrative written by one of our volunteers and his saga to expose spoofers when he found they were sending mail out from his address.'''

Someone is "Spoofing" your email address or has "hijacked" your email account. Please review the following for advice on what you can do to minimize the occurrences. Please try the suggestions and get back to us if you have further questions.

From: http://www.pcworld.com/article/2927993/what-to-do-when-your-email-address-sends-spam.html

What’s worse than getting spam? Unwittingly sending it. When bogus and probably malware-laden advertising goes out in your name, you look bad. And you get flooded with bounced messages from dead addresses that some crook attempted to spam in your name.

The good news: You’re not sending out spam. Neither is your computer or your IP address. But the bad news can still be pretty bad.

If spam is going out from your email address, the address has been either spoofed or hijacked. Either way, the spam isn’t going out from your computer, and probably not from the criminal’s computer, either. It’s probably going out from an unknowing victim’s malware-infected PC.

Spoofing an email address is, in a sense, forging it. The criminal sends out mail with your From address, even though they have no access to your account.

There’s really no solution to spoofing. Fortunately, for their own reasons, cybercrooks tend to change spoofed addresses frequently. The annoyance will disappear soon.

Hijacking is worse. In this case, the criminal takes control of your account. They can read your mail, and they can target people you know when they spam. And they can lock you out of your own account.

Fortunately, you can do something about hijacking.

As soon as you discover that your address is spamming people, try to change your password…immediately. If you succeed, you’ve fixed the problem.

But if your mail service rejects your password, the problem is serious. The hijacker has changed the password first and now controls your account.

If you’re still connected and can receive mail, try to login on another computer or using your browser’s private mode. When the login fails, try the service’s “Forgot your password” or “Need help” link. The service will email you a new password. Hopefully, you’ll get it before the bad guy.

If that fails, you’ll have to contact the mail service and discuss the problem. Here are the links for [https://support.google.com/mail/bin/answer.py?hl=en&answer=502700 Gmail] and Microsoft’s [https://support.microsoft.com/en-ca/help/4026971/microsoft-account-how-to-reset-your-password Outlook] . If you’re using another service, you’ll have to find the right address yourself.

Have you been using the same password for other services? If so, change them as soon as possible.

Once you’ve got everything under control, email apologies to everyone who received, or might have received, spam apparently coming from you.

Finally, follow these steps to make sure this doesn’t happen again:

Use strong, long passwords that people can’t guess.

Use different passwords for different services, and keep track of them with a password manager.

Set up 2-step verification for your service. You should find instructions on the service’s setup or options screen.

Never email your password to anyone, and I mean anyone.

Shortly after I wrote this article, my daughter's Gmail account was hacked, and everyone she knew received messages telling them to "Click on the document below and log in with your email and password to view it." I gave her the Gmail URL above, and within a few minutes she had her account back.

Here is a link to another good article about this [https://askleo.com/someones-sendin/ "From:spoofing"]

Dave

== Zimbra Filters ==
Zimbra offers powerful filtering options for blocking spammers. Zimbra is build into our email back end, so even if you're not using the Zimbra web client to access your emails, Zimbra filters will still work. This means that even if you're using a popular mail client like outlook, gmail, or your phone, Zimbra filters still offer protection against spammers. The simplest way to block a spammer is by setting up a filter for the email address that the spammer is using to send you spam.

Follow these instructions to set up a filter to block emails from a specific address. In this example the hypothetical spammer is sending us emails from the address: '''daily@spam.com.'''

# Log into your [https://mail.ncf.ca Zimbra] webclient, then go to Preferences > Filters.
## Click on "New Filter" to create a new filter. You can make as many filters as you'd like.
[[File:Zimbra Filter Preferences.png|none|thumb]]
# Under '''"If any of the following conditions are met"''' set the first option to '''"from"''', and leave all other drop down options as default.[[File:Zimbra NewFilter 1.png|none|thumb]]
# In the text field to the right, enter the spammer's entire email address, in this example we're using '''daily@spam.com''', but this will be specific to who is sending you spam.[[File:Zimbra NewFilter 2.png|none|thumb]]
# Under '''"Perform the following actions"''' select '''"Move into folder"'''.[[File:Zimbra NewFilter 3.png|none|thumb|note: in this example our filter will automatically put emails sent from '''daily@spam.com''' to our junk folder, instead of arriving to our inbox. If you'd instead like for them to be sent to your trash right away, select '''"Discard"''' instead.]]
# Click on '''"Browse..."''' to select the folder you'd like to send the emails to.[[File:Zimbra NewFilter 4.png|none|thumb]]
# Click on the '''"Junk"''' folder, then click on '''"Ok"''' to save[[File:Zimbra NewFilter 5.png|none|thumb|You have the option to select any folder, even custom folders, if you'd prefer. For spam we recommend the Junk folder.]]
# At this point your filter should be set up as the following:
## filter condition = "From" "Matches exactly" "Spammer's email address" "all".
## filter action = "Move into folder" "Junk".
## Click on the '''"Ok"''' button to save the filter.[[File:Zimbra NewFilter 6.png|none|thumb]]
# You should now see your new filter under '''"Active Filters"'''. Your filter is now working on your incoming mail!
## You can run your filter by clicking on your filter's name, then clicking '''"Run Filter"'''.[[File:Zimbra ActiveFilters.png|none|thumb]]
# Choose which folder you'd like to run the filter on. Then click '''"OK"''' to run the filter.[[File:Zimbra RunFilter.png|none|thumb|This will filter through your existing emails, and move any existing spam into your junk folder.]]

==External links==
*Phishing quiz on [https://www.opendns.com/phishing-quiz/ Open DNS]
*[https://en.wikipedia.org/wiki/Email_spoofing Email spoofing] on Wikipedia
*NCF's 2018 workshop [[:File:SWaC - Spam+Phishing.pdf]]

[[Category:Email]]

Spam

2024-11-02T18:28:00Z

Gd887: added zimbra filters section

Spam is usually considered as unsolicited email in the form of marketing communications from corporations, organizations and individuals. A number of common types of spam are '''phishing''' and '''spoofing'''. They can be deceptive and may have malicious intent.

==Phishing==
A phishing attack is a message designed to trick a person into revealing sensitive information to the sender, or to deploy malicious software on the victim's computer. Some examples of phishing attacks are:
* You receive an e-mail stating you have won a prize and requires you to contact them to receive the prize.
* You receive an e-mail stating your account will be deactivated if you do not confirm your identity or usage.
* You receive an e-mail regarding a package being delivered to you which you did not request.
It is important to not respond to a phishing attack. Responding to a phishing attack can provide the senders with more personal information that can be used to target you further. Included in all e-mails is information like your e-mail address and the sending IP address, both of which an attacker can use to create increasingly more sophisticated phishing attempts.

==Spoofing==
'''Spoofing''' is the faking of [[email]] addresses to disguise who is sending the email to you. This is often used to make the sender appear to be a trusted source and make their e-mails more enticing. Because the core protocols for email do not prevent it, it is easy for someone to email you using a fake address for the sender.
A common trick is to use the recipient's email address as the sender's as well, in other words the email will appear to come from you. This is used to fool spam filters as most people don't filter out their own address, but it is an easy-to-recognize indication that you are dealing with a spoofed address.

==How to spot Spoofing and Phishing attempts==
Emails on their own are safe to open, although their attachments may not be. 
1. Make sure the sender is who they claim to be.

[[File:Spoof1.png|500px]]

By hovering over the sender on Zimbra, you see a more information about the sender. In the picture above, the sender is claiming to be Zimbra. This e-mail is actually from @baruhotels.com, so Zimbra is a spoofed e-mail.

2. Make sure links go to a trusted domain

[[File:Spoof2.png|500px]]

By hovering over the links on Zimbra, you can see the URL the link redirects to. In the picture above, the link claims to go to mail.ncf.ca, but actually links out to a dccitevital.org domain and is a phishing attempt

==What to do with Phishing and Spoofing attempts?==
'''Do not open any attachments!''' 
'''Do not open any links!''' 
Deleting the e-mail is the best option.

==Reporting Phishing Emails==
Phishing e-mails can be reported to the [https://www.priv.gc.ca/en/report-a-concern/report-spam/ Office of the Privacy Commissioner of Canada] through their website or by forwarding your e-mails to spam@fightspam.gc.ca.

Phishing links can be reported to Google at [https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en]

==Advanced E-mail tracking==
If you want to find out where the email is really coming from you need to check the email headers ("show original"), as shown here in [[Zimbra]], NCF's webmail interface:

[[File:Zimbra8_advanced_show_original.png|800px]]

Here is an example of a set of email headers from a spoofed email:

Return-Path: youraddress@ncf.ca
Received: from localhost (LHLO mail.ncf.ca) (127.0.0.1) by melkor.ncf.ca
with LMTP; Wed, 16 Sep 2015 19:08:57 -0400 (EDT)
Received: from mail.ncf.ca (localhost [127.0.0.1])
by mail.ncf.ca (Postfix) with ESMTP id A8607A0547
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on melkor.ncf.ca
X-Spam-Level:
X-Spam-Status: No, score=-0.0 required=6.0 tests=BAYES_00,FSL_BULK_SIG,
HTML_IMAGE_ONLY_32,HTML_MESSAGE,PYZOR_CHECK,RCVD_IN_DNSWL_NONE,
RCVD_IN_MSPIKE_H2,T_REMOTE_IMAGE autolearn=no autolearn_force=no version=3.4.0
X-Spam-Virus: No
Received: from mx1.ncf.ca (pallando.ncf.ca ['''134.117.136.70'''])
by mail.ncf.ca (Postfix) with ESMTP id 942A5A051C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
DKIM-Filter: OpenDKIM Filter v2.9.1 mail.ncf.ca 942A5A051C
Received: from mx1.ncf.ca (localhost ['''127.0.0.1'''])
by mx1.ncf.ca (Postfix) with ESMTP id 73766BEE75
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:55 -0400 (EDT)
X-Greylist: delayed 420 seconds by postgrey-1.34 at pallando; Wed, 16 Sep 2015 19:08:55 EDT
Received: from smtpg-pc.aruba.it (smtp217-pc.aruba.it ['''62.149.157.217'''])
by mx1.ncf.ca (Postfix) with ESMTP id 0D616BEE7C
for <fn352@ncf.ca>; Wed, 16 Sep 2015 19:08:54 -0400 (EDT)
Received: from WORLDST-UQ3K9Q0 (['''181.26.209.230'''])
by smtpcm2-pc.aruba.it with bizsmtp
id Hz0g1r0094yo4K101z1GXd; Thu, 17 Sep 2015 01:01:54 +0200

The "received" sections show the [https://en.wikipedia.org/wiki/IP_address IP addresses] which the mail has travelled through and ultimately originates from. The IP addresses in the header are shown '''in bold''' to make them stand out. Because the bottom one is the originator, it can now be traced to see where it comes from.

===Tracing IP addresses===
Tracing IP addresses is fairly easy using tools like [https://launchpad.net/ubuntu/+source/whois whois] on Linux. They can also be traced through the websites of the IP registration authorities:

* [http://whois.arin.net/ui ARIN] (North America)
* [http://www.ripe.net/fcgi-bin/whois RIPE NCC] (Europe, the Middle East and Central Asia)
* [http://www.apnic.net/apnic-info/whois_search APNIC] (Asia Pacific)
* [http://lacnic.net/cgi-bin/lacnic/whois LACNIC] (Latin American and Caribbean)
* [http://www.afrinic.net/ AfriNIC] (Africa)
* [http://www.ip-adress.com/ IP-adress.com] (sic)
* [http://www.find-ip-address.org/ Find-IP-address.org]

If an address is not found in one registry, it will probably be in another one.

In the case of the header example above the IP address '''181.26.209.230''' traces to ''Telefonica de Argentina'' in Buenos Aires, Argentina, so you can be sure it did not originate with NCF and that the return address is spoofed.

=== Volunteer Dave - A Spoofing Story ===

'''An informative narrative written by one of our volunteers and his saga to expose spoofers when he found they were sending mail out from his address.'''

Someone is "Spoofing" your email address or has "hijacked" your email account. Please review the following for advice on what you can do to minimize the occurrences. Please try the suggestions and get back to us if you have further questions.

From: http://www.pcworld.com/article/2927993/what-to-do-when-your-email-address-sends-spam.html

What’s worse than getting spam? Unwittingly sending it. When bogus and probably malware-laden advertising goes out in your name, you look bad. And you get flooded with bounced messages from dead addresses that some crook attempted to spam in your name.

The good news: You’re not sending out spam. Neither is your computer or your IP address. But the bad news can still be pretty bad.

If spam is going out from your email address, the address has been either spoofed or hijacked. Either way, the spam isn’t going out from your computer, and probably not from the criminal’s computer, either. It’s probably going out from an unknowing victim’s malware-infected PC.

Spoofing an email address is, in a sense, forging it. The criminal sends out mail with your From address, even though they have no access to your account.

There’s really no solution to spoofing. Fortunately, for their own reasons, cybercrooks tend to change spoofed addresses frequently. The annoyance will disappear soon.

Hijacking is worse. In this case, the criminal takes control of your account. They can read your mail, and they can target people you know when they spam. And they can lock you out of your own account.

Fortunately, you can do something about hijacking.

As soon as you discover that your address is spamming people, try to change your password…immediately. If you succeed, you’ve fixed the problem.

But if your mail service rejects your password, the problem is serious. The hijacker has changed the password first and now controls your account.

If you’re still connected and can receive mail, try to login on another computer or using your browser’s private mode. When the login fails, try the service’s “Forgot your password” or “Need help” link. The service will email you a new password. Hopefully, you’ll get it before the bad guy.

If that fails, you’ll have to contact the mail service and discuss the problem. Here are the links for [https://support.google.com/mail/bin/answer.py?hl=en&answer=502700 Gmail] and Microsoft’s [https://support.microsoft.com/en-ca/help/4026971/microsoft-account-how-to-reset-your-password Outlook] . If you’re using another service, you’ll have to find the right address yourself.

Have you been using the same password for other services? If so, change them as soon as possible.

Once you’ve got everything under control, email apologies to everyone who received, or might have received, spam apparently coming from you.

Finally, follow these steps to make sure this doesn’t happen again:

Use strong, long passwords that people can’t guess.

Use different passwords for different services, and keep track of them with a password manager.

Set up 2-step verification for your service. You should find instructions on the service’s setup or options screen.

Never email your password to anyone, and I mean anyone.

Shortly after I wrote this article, my daughter's Gmail account was hacked, and everyone she knew received messages telling them to "Click on the document below and log in with your email and password to view it." I gave her the Gmail URL above, and within a few minutes she had her account back.

Here is a link to another good article about this [https://askleo.com/someones-sendin/ "From:spoofing"]

Dave

== Zimbra Filters ==
Zimbra offers powerful filtering options for blocking spammers. Zimbra is build into our email back end, so even if you're not using the Zimbra web client to access your emails, Zimbra filters will still work. This means that even if you're using a popular mail client like outlook, gmail, or your phone, Zimbra filters still offer protection against spammers. The simplest way to block a spammer is by setting up a filter for the email address that the spammer is using to send you spam.

Follow these instructions to set up a filter to block emails from a specific address. In this example the hypothetical spammer is sending us emails from the address: '''daily@spam.com.'''

# Log into your [https://mail.ncf.ca Zimbra] webclient, then go to Preferences > Filters.
## Click on "New Filter" to create a new filter. You can make as many filters as you'd like.[[File:Zimbra Filter Preferences.png|none|thumb]]
# Under '''"If any of the following conditions are met"''' set the first option to '''"from"''', and leave all other drop down options as default.[[File:Zimbra NewFilter 1.png|none|thumb]]
# In the text field to the right, enter the spammer's entire email address, in this example we're using '''daily@spam.com''', but this will be specific to who is sending you spam.[[File:Zimbra NewFilter 2.png|none|thumb]]
# Under '''"Perform the following actions"''' select '''"Move into folder"'''.[[File:Zimbra NewFilter 3.png|none|thumb|note: in this example our filter will automatically put emails sent from '''daily@spam.com''' to our junk folder, instead of arriving to our inbox. If you'd instead like for them to be sent to your trash right away, select '''"Discard"''' instead.]]
# Click on '''"Browse..."''' to select the folder you'd like to send the emails to.[[File:Zimbra NewFilter 4.png|none|thumb]]
# Click on the '''"Junk"''' folder, then click on '''"Ok"''' to save[[File:Zimbra NewFilter 5.png|none|thumb|You have the option to select any folder, even custom folders, if you'd prefer. For spam we recommend the Junk folder.]]
# At this point your filter should be set up as the following:
## filter condition = "From" "Matches exactly" "Spammer's email address" "all".
## filter action = "Move into folder" "Junk".
## Click on the '''"Ok"''' button to save the filter.[[File:Zimbra NewFilter 6.png|none|thumb]]
# You should now see your new filter under '''"Active Filters"'''. Your filter is now working on your incoming mail!
## You can run your filter by clicking on your filter's name, then clicking '''"Run Filter"'''.[[File:Zimbra ActiveFilters.png|none|thumb]]
# Choose which folder you'd like to run the filter on. Then click '''"OK"''' to run the filter.[[File:Zimbra RunFilter.png|none|thumb|This will filter through your existing emails, and move any existing spam into your junk folder.]]

==External links==
*Phishing quiz on [https://www.opendns.com/phishing-quiz/ Open DNS]
*[https://en.wikipedia.org/wiki/Email_spoofing Email spoofing] on Wikipedia
*NCF's 2018 workshop [[:File:SWaC - Spam+Phishing.pdf]]

[[Category:Email]]

File:Zimbra RunFilter.png

2024-11-02T18:27:15Z

Gd887:

runfilter

File:Zimbra ActiveFilters.png

2024-11-02T18:25:58Z

Gd887:

Zimbra ActiveFilters

File:Zimbra NewFilter 6.png

2024-11-02T18:25:25Z

Gd887:

Zimbra NewFilter 6

File:Zimbra NewFilter 5.png

2024-11-02T18:24:26Z

Gd887:

Zimbra NewFilter 5

File:Zimbra NewFilter 4.png

2024-11-02T18:23:38Z

Gd887:

Zimbra NewFilter 4

File:Zimbra NewFilter 3.png

2024-11-02T18:21:53Z

Gd887:

Zimbra NewFilter 3

File:Zimbra NewFilter 2.png

2024-11-02T18:20:17Z

Gd887:

Zimbra NewFilter 2

File:Zimbra NewFilter 1.png

2024-11-02T18:19:45Z

Gd887:

Zimbra NewFilter 1

File:Zimbra Filter Preferences.png

2024-11-02T18:18:21Z

Gd887:

Zimbra Filter Preferences

Changing DNS Settings on SmartRG Modems

2024-11-01T17:45:25Z

Gd887: minor formatting change

<div class="ncfrightbox"> {{Template:Troubleshooting DSL Links}} </div>

{| class="wikitable"
| colspan="2" |'''Summary of Configuration Information and Changes'''
|-
|Modem Login Page:

Modem Administrator User Name:

Modem Administrator Password:
|[http://192.168.1.1 192.168.1.1]
'''admin'''

DSL password (Default is '''admin''')
|-
|Where to go in Menu:
|'''Advanced Setup > DNS > DNS Server'''
|-
|What to change:
| Primary DNS Server: 1.1.1.1
Secondary DNS Server: 1.0.0.1
|}
1. Connect to your modem using a wired Ethernet cable or join your Wireless network.

2. Open an Internet browser on your computer and connect to the modem by typing [http://192.168.1.1 192.168.1.1] in the address bar.

3. Click on the '''Manage Gateway(Advanced)'''” Log in to the Administrative Account:
* Username: '''admin'''
* Password: Your DSL password (Default is '''admin''')
[[File:SR505n-Login Page.png|alt=SmartRG Login Page|none|thumb|672x672px|SmartRG modem Login Page]]
4. From the '''Advanced Settings''' page, navigate to the '''Advanced Setup > DNS > DNS Server''' option on the left.

5. Change the settings to '''"Use the following Static DNS IP address:"'''. We recommend using the cloudflare DNS servers at:
* Primary DNS Server: 1.1.1.1
* [[Category:DSL]] [[Category:Modems]] Secondary DNS Server: 1.0.0.1
6. Change the settings for '''"Use the following Static IPv6 DNS IP address:"'''. We recommend using the cloudflare DNS servers at:
*Primary DNS Server: 2606:4700:4700::1111
* [[Category:DSL]] [[Category:Modems]] Secondary DNS Server: 2606:4700:4700::1001
7. Click '''Apply/Save''' at the bottom of the page.
[[File:SmartRG DNS Settings.png|none|thumb|454x454px|SmartRG cloudflare DNS Settings]]
'''The following steps are only available on Firmware version 2.6.2.6 or later'''

8. Navigate to the Advance Setup > LAN
[[File:Advanced DNS Settings.png|none|thumb|SmartRG Advanced DNS settings]]
9. Change the settings for the Static DNS Servers (optional). We recommend using the cloudflare DNS servers at:

*Primary DNS Server: 1.1.1.1
* [[Category:DSL]] [[Category:Modems]] Secondary DNS Server: 1.0.0.1

[[File:Advance SmartRG Cloudflare Settings.png|none|thumb|697x697px|Advance SmartRG Cloudflare Settings]]
10. Click '''Apply/Save''' at the botton of the page.

== See Also ==
*[[Modem Configuration]] - for a complete list of instructions for all NCF modems