Showing posts with label twitter-api. Show all posts

Tuesday, October 13

Twitter API & OAuth 101 - TVUG October 2009

Google Groups Spammed & Spoofed

Someone used a paid relay service to send a blast of spam mail to Google Groups today, including an email to DotNetDevelopment forged to look like it was from me, and one to the Twitter development list from Abraham Williams. I wonder if I can tighten up my SPF records further ...

Note:

"node67-rs.smtp.com is a paid relay service. We do not tolerate UCE of any kind. Please report it ASAP to abuse@smtp.com"

Reported! Too bad they're sloppy enough to either take on a paying scammer, or allow their server(s) to be compromised.

Entire original header below:

Received: by 10.204.57.197 with SMTP id d5cs159454bkh;
Tue, 13 Oct 2009 05:46:41 -0700 (PDT)
Received: by 10.224.36.161 with SMTP id t33mr5712657qad.346.1255437999331;
Tue, 13 Oct 2009 05:46:39 -0700 (PDT)
Return-Path:

Received: from mail-yw0-f143.google.com (mail-yw0-f143.google.com [209.85.211.143])
by mx.google.com with ESMTP id 16si5931388qyk.49.2009.10.13.05.46.37;
Tue, 13 Oct 2009 05:46:38 -0700 (PDT)
Received-SPF: pass (google.com: domain of grbounce-CXXeHAUAAABT6iFcnV0tp2J8uwopwMrD=[name]=[mydomain]@googlegroups.com designates 209.85.211.143 as permitted sender) client-ip=209.85.211.143;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of grbounce-CXXeHAUAAABT6iFcnV0tp2J8uwopwMrD=[name]=[mydomain]@googlegroups.com designates 209.85.211.143 as permitted sender) smtp.mail=grbounce-CXXeHAUAAABT6iFcnV0tp2J8uwopwMrD=[name]=[mydomain]@googlegroups.com; dkim=pass (test mode) header.i=@googlegroups.com
Received: by ywh7 with SMTP id 7so11775014ywh.23
for <[name]@[mydomain]>; Tue, 13 Oct 2009 05:44:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=beta;
h=domainkey-signature:received:received:x-sender:x-apparently-to
:received:received:received:received-spf:received
:x-smtpcom-spam-policy:x-smtpcom-sender-id:x-smtpcom-tracking-number
:mime-version:from:reply-to:to:subject:content-type
:content-transfer-encoding:x-mailer:date:message-id:sender
:precedence:x-google-loop:mailing-list:list-id:list-post:list-help
:list-unsubscribe:x-beenthere-env:x-beenthere;
bh=v/3cjxr9yNnnn8YzYMWt3Zb3yFtZ6fg/QPjQ6F00xzU=;
b=f8zONo+Nd2OiMZboovaizKOIB3KdTwU639muyNz845TznnqnCLIFSbJBB8X9/tVaSP
SJXpcLquG3LMNCzwhNlwtxheFIo1gPaAqrBkoehXE5H6eVLh/lOUMazqBTVWITP+RN0p
QYspurQzDOcCZyOyToKh14c+5t9Y8jzYfDPS8=
DomainKey-Signature: a=rsa-sha1; c=nofws;
d=googlegroups.com; s=beta;
h=x-sender:x-apparently-to:received-spf:authentication-results
:x-smtpcom-spam-policy:x-smtpcom-sender-id:x-smtpcom-tracking-number
:mime-version:from:reply-to:to:subject:content-type
:content-transfer-encoding:x-mailer:date:message-id:sender
:precedence:x-google-loop:mailing-list:list-id:list-post:list-help
:list-unsubscribe:x-beenthere-env:x-beenthere;
b=OdKVMgfgp0pSRBItb7s3AarQySGe3257BGdagGxmJ32sNCqC0EX3btfyBksKm3CKzB
+5rU+D4gFe8kxK7g3JvgJ3JHoimWFXHOL2c47ftI9iHPwjsHErQysprNE05keLcSovWo
NXkulIIxbH0hk9X4T6okRCjxYagz2g09IJpzQ=
Received: by 10.224.124.213 with SMTP id v21mr334295qar.44.1255437890651;
Tue, 13 Oct 2009 05:44:50 -0700 (PDT)
Received: by 10.176.233.14 with SMTP id f14gr43027yqh.0;
Tue, 13 Oct 2009 05:44:41 -0700 (PDT)
X-Sender: [name]@[mydomain]
X-Apparently-To: dotnetdevelopment@googlegroups.com
Received: by 10.224.95.213 with SMTP id e21mr1582186qan.0.1255437857334; Tue, 13 Oct 2009 05:44:17 -0700 (PDT)
Received: by 10.224.95.213 with SMTP id e21mr1582185qan.0.1255437857289; Tue, 13 Oct 2009 05:44:17 -0700 (PDT)
Return-Path: <[name]@[mydomain]>
Received: from node67-rs.smtp.com (node67-rs.smtp.com [74.205.51.67]) by gmr-mx.google.com with ESMTP id 18si409687ywh.13.2009.10.13.05.44.17; Tue, 13 Oct 2009 05:44:17 -0700 (PDT)
Received-SPF: neutral (google.com: 74.205.51.67 is neither permitted nor denied by best guess record for domain of [name]@[mydomain]) client-ip=74.205.51.67;
Received: from 41.248.202.187 (unknown [41.248.202.187]) by node67-rs.smtp.com (Postfix) with ESMTPA id D31FA2B0529 for
; Tue, 13 Oct 2009 08:44:15 -0400 (EDT)
X-SMTPCOM-Spam-Policy: node67-rs.smtp.com is a paid relay service. We do not tolerate UCE of any kind. Please report it ASAP to abuse@smtp.com
X-SMTPCOM-Sender-ID: 2367
X-SMTPCOM-Tracking-Number: 71882385
MIME-Version: 1.0
From: "Forum" <[name]@[mydomain]>
Reply-To: dotnetdevelopment@googlegroups.com
To: dotnetdevelopment@googlegroups.com
Subject: [DotNetDevelopment] How To Unlock Locked iPod
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: SendBlaster.1.6.2
Date: Tue, 13 Oct 2009 12:44:09 +0200
Message-ID: <386066006496256206824@sweet-a0aa22526>
Sender: dotnetdevelopment@googlegroups.com
Precedence: bulk
X-Google-Loop: groups
Mailing-List: list dotnetdevelopment@googlegroups.com;
contact dotnetdevelopment+owner@googlegroups.com
List-Id:

List-Post:

List-Help:

List-Unsubscribe:
,

X-BeenThere-Env: dotnetdevelopment@googlegroups.com
X-BeenThere: dotnetdevelopment@googlegroups.com
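
Added example (not part of the original post): a short Python check that reads every Received-SPF line in a header like the one above and reports the checks that evaluated the visible From: domain without returning "pass". The sample input is constructed from the header above, with user@example.org as a placeholder for the redacted address; the function names are this example's own.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a few lines of the header above. The redacted
# [name]@[mydomain] is replaced by the placeholder user@example.org and the
# grbounce token is shortened to TOKEN.
SAMPLE = (
    "Received-SPF: pass (google.com: domain of "
    "grbounce-TOKEN=user=example.org@googlegroups.com designates "
    "209.85.211.143 as permitted sender) client-ip=209.85.211.143;\n"
    "Received-SPF: neutral (google.com: 74.205.51.67 is neither permitted "
    "nor denied by best guess record for domain of user@example.org) "
    "client-ip=74.205.51.67;\n"
    "Return-Path: <user@example.org>\n"
    'From: "Forum" <user@example.org>\n'
    "Subject: [DotNetDevelopment] How To Unlock Locked iPod\n"
    "\n"
)

# result (comment) client-ip=<address>, in the form Google writes it above.
SPF_RE = re.compile(
    r"^\s*(?P<result>\w+)\s*\((?P<comment>.*)\)\s*client-ip=(?P<ip>[0-9a-fA-F.:]+)",
    re.S,
)
DOMAIN_OF_RE = re.compile(r"domain of (\S+)")

def spf_checks(raw):
    """Parse each Received-SPF header into result, client IP and checked domain."""
    checks = []
    for value in message_from_string(raw).get_all("Received-SPF", []):
        m = SPF_RE.match(value)
        if not m:
            continue  # unparseable line: skip rather than guess
        ident = DOMAIN_OF_RE.search(m["comment"])
        sender = ident.group(1) if ident else ""
        checks.append({
            "result": m["result"].lower(),
            "ip": m["ip"],
            "envelope_domain": sender.rpartition("@")[2].lower(),
            # The receiver says it evaluated a guessed policy, not a published one.
            "guessed": "best guess record" in m["comment"],
        })
    return checks

def unauthenticated_from(raw):
    """Return SPF checks on the From: domain whose result was not 'pass'."""
    addr = parseaddr(message_from_string(raw).get("From", ""))[1]
    from_domain = addr.rpartition("@")[2].lower()
    return [c for c in spf_checks(raw)
            if c["envelope_domain"] == from_domain and c["result"] != "pass"]
```

On the sample, the "pass" line is skipped because it covers only the googlegroups.com bounce address; the one check on the From: domain is the "neutral" result for 74.205.51.67.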

Thursday, September 3

New Twist on Twam

Noticing a scary twitterspam trend these past couple weeks: bambibots and other spambots on Twitter are getting a lot more subtle. A few months back, you saw them spewing out random bits of text obviously taken from other sources, but those bits were often fragments, and the following:followed ratio was hundreds:1 or worse. Account names were still pretty obviously simple enumerations or iterations.

This week, I'm seeing spambot accounts with reasonable following ratios, believable names, and bits of text that would almost make sense as entire thoughts or sentences, if you didn't understand that a word like "uni" for "school" or "college" wouldn't be used by a girl in Louisiana, particularly not in the middle of August.


Big giveaway: name reads "Kayla," Ms. 'Claire.' Ooops!

The linkspam volume has died down. You could almost believe it's a real account, not just a broadcast mouthpiece for porn, SEO and MLM links.

One giveaway the nasty spammers seem to be failing to deal with: the source parameter. Without an officially registered app, the source parameter describing the app that a tweet was sent from is going to be displayed as "From API." Not "From Web." Not "From TweetDeck" or "From Seesmic" -- "From API."

With OAuth, there's no reason for legitimate users to be calling in over Basic Auth anymore -- no reason a legit user should be displaying "From API" -- certainly not with any regularity.

Developers: register your app, use the freely available OAuth libraries that are proliferating, and deal with the occasional OAuth downtime.