Hi Alain... Apologies for the delayed reply. I'm mid-move cross country with my family and have limited access to email.
Living Social, stemming from their recent internal compromise, sent notifications of the breach to any address from which they'd had a touchpoint in the past. They hit a *lot* of traps while trying to do the right thing -- asking consumers to reset credentials, etc. Based on the subject line in the below message, it looks like you got one such notice. Did you happen to read the email? I understand this thread has been tabled (trying to sign up for the dev list now) -- wanted to get out a reply before the thread was lost entirely. Under any other circumstances, we would have suspended Living Social from our program due to their compliance issue from this campaign. Considering this was a PSA aimed at protecting consumers, we gave them additional leeway. If we had suspended their IPs, it's likely hundreds of thousands of messages aimed at engaged consumers would have been spamfoldered or blocked, and the vulnerable consumers would have stayed in the dark. I hope you can understand our actions in this case. It would also be particularly helpful if you could confirm the trap hit you received was regarding the compromise. If not, LS has some deeper issues we're unaware of, and we'd need to have a chat with them. Many thanks, Margot Romary Director, Compliance and Security Return Path, Inc. Sent from my iPhone On Apr 27, 2013, at 5:27 AM, "Alain Kelder" <spamassas...@ak4life.com> wrote: > Hello, > > Today a spam message from livingsocial.com got through. It was sent to a > honey pot address (e.g. not used for legitimate mail). I don't even have > an account with livingsocial.com. This spam message would have been > caught had SA not credited it -5 points with two RP rules: > > RCVD_IN_RP_CERTIFIED=-3 > RCVD_IN_RP_SAFE=-2 > > I've overridden the scores for the above tests in my SA configuration, > but wanted to report this so it might benefit others. > > Thanks, > Alain > > P.S. Here's the spam message: > > Return-Path: <repl...@bounces.livingsocial.com> > Received: from [REMOVED] ([unix socket]) > by [REMOVED] (Cyrus v2.2.13-Debian-2.2.13-19+squeeze3) with LMTPA; > Sat, 27 Apr 2013 01:48:01 -0700 > X-Sieve: CMU Sieve 2.2 > Received: from localhost (localhost [127.0.0.1]) > by [REMOVED] (Postfix) with ESMTP id 51ED157ADB > for <[REMOVED]>; Sat, 27 Apr 2013 01:48:01 -0700 (PDT) > X-Virus-Scanned: Debian amavisd-new at [REMOVED] > X-Spam-Flag: NO > X-Spam-Score: -2.277 > X-Spam-Level: > X-Spam-Status: No, score=-2.277 required=4 tests=[BAYES_05=-3, > DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, MIME_HTML_ONLY=0.723, > MIME_HTML_ONLY_MULTI=0.001, MPART_ALT_DIFF=0.79, MXCOW_SPAMTRAP=4.1, > RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_RP_CERTIFIED=-3, > RCVD_IN_RP_SAFE=-2, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, > T_DKIM_INVALID=0.01] autolearn=no > Received: from [REMOVED] ([127.0.0.1]) > by localhost ([REMOVED] [127.0.0.1]) (amavisd-new, port 10024) > with ESMTP id 9d1f7y+swmdQ for <[REMOVED]>; > Sat, 27 Apr 2013 01:47:57 -0700 (PDT) > Received: from mta-34c9.livingsocial.com (mta-34c9.livingsocial.com > [199.91.52.201]) > by [REMOVED] (Postfix) with ESMTP id 3F84757ADA > for <[REMOVED]>; Sat, 27 Apr 2013 01:47:57 -0700 (PDT) > DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; s=ls3; > d=livingsocial.com; > h=Date:List-Unsubscribe:from:To:Message-ID:Subject:MIME-Version:Content-Type; > bh=MeSEhi/r/Te6TwcICMCrN+cn7RI=; > b=q6eqSXDJtFSpF31Wb9TlDte5QIjEuc7Kxjo56psPTu6fKHshnyyzsyzJz38BRtdXAzOl+dwcKzst > 9L2zaRYhdF+WXOSy0IKdZyedIjJ7qxiCCoJ37/uv64ky4EzSy1X7s10n9s0j4G/kpZN3Z2e1z5uo > 3f/CDVsk2IJReXPVnC0= > Received: from app-mail02.iad.livingsocial.net (172.17.4.94) by > mta-34c9.livingsocial.com id hfe8bq1ilg0v for <[REMOVED]>; Sat, 27 Apr > 2013 08:45:22 +0000 (envelope-from <repl...@bounces.livingsocial.com>) > Date: Sat, 27 Apr 2013 08:45:22 +0000 > X-MSFBL: > c3BtdHJwQGFrNGxpZmUuY29tQGJpbmRpbmdAYmluZGluZ19ncm91cEBnX044VlVKMThGQjBFTTc0OEJVVlA5VlVQNDlRMkgwODRJUEMzUUZQMlRJUjVUR0VUSjVKVUc9PT09 > X-score: 1 > X-Ls-Send-Id: g_N8VUJ18FB0EM748BUVP9VUP49Q2H084IPC3QFP2TIR5TGETJ5JUG==== > X-Mailer: Syringe 1.0.0 > List-Unsubscribe: > <mailto:unsubscribe-g_N8VUJ18FB0EM748BUVP9VUP49Q2H084IPC3QFP2TIR5TGETJ5JUG====@bounces.livingsocial.com> > from: LivingSocial <upda...@livingsocial.com> > To: [REMOVED] > Message-ID: > <898585605.1019.1367052321169.javamail.do...@app-mail02.iad.livingsocial.net> > Subject: An important update on your LivingSocial.com account > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="----=_Part_1017_1518702247.1367052321167" > reply_to: norepl...@livingsocial.com > x-avocado-domain: hungrymachine.com > x-ls-priority: whale > > ------=_Part_1017_1518702247.1367052321167 > Content-Type: text/html; charset=utf-8 > Content-Transfer-Encoding: 7bit > Content-Disposition: inline > > <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" > "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";> > <html> > <head> > <title>Important Information</title> > <style type="text/css"> > body { width: 100% !important; } > .appleDevice a, .ii a, .ReadMsgBody a {color:#1D81C1; text-decoration:none;} > #header img {color:#f1c52c;} > /* mobile styles */ > @media only screen and (max-device-width: 480px) { > table[class="container"], > table[class="main_container"], > td[class="main_content"], td[class="main_content"] p, > td[class="footer_container"], td[class="footer_content"] { width: 100% > !important;} > > td[class="inner_container"] { padding: 10px 0px !important;} > > td[class="main_content"], td[class="main_content"] p { font-size: 24px > !important;} > td[class="header_headline"] { font-size: 30px !important;} > td[class="footer_content"], td[class="footer_content"] p { font-size: > 16px !important;} > > /* deal info blocks */ > td[class="deal_image_container"] { width: 130px !important;} > td[class="deal_info_container"] { padding-right: 10px !important; > padding-left: 10px !important; width: 100% !important; } > img[class="deal_image"] { height: 186px !important; width: 130px > !important; } > a[class="deal_merchant"] { font-size: 24px !important; } > span[class="deal_title"] {font-size: 20px !important; } > p[class="deal_description"] { font-size: 18px !important; } > > td[class="button_container"] { height: 60px !important; margin: 10px 0px > 0px 0px !important; width: 100% !important; } > td[class="button"] { > background-color: #58cef9 !important; > background-image: -webkit-gradient(linear, left top, left bottom, > color-stop(0%, #58cef9), color-stop(100%, #3eabd6)) !important; > background-image: -webkit-linear-gradient(top, #58cef9, #3eabd6) !important; > background-image: -moz-linear-gradient(top, #58cef9, #3eabd6) !important; > background-image: -ms-linear-gradient(top, #58cef9, #3eabd6) !important; > background-image: -o-linear-gradient(top, #58cef9, #3eabd6) !important; > background-image: linear-gradient(top, #58cef9, #3eabd6) !important; > -webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.4) !important; > -moz-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.4) !important; > -ms-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.4) !important; > -o-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.4) !important; > box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.4) !important; > -webkit-border-radius: 4px !important; > -moz-border-radius: 4px !important; > -ms-border-radius: 4px !important; > -o-border-radius: 4px !important; > border-radius: 4px !important; > border: 1px solid #298eb6 !important; > color: white !important; > display: inherit !important; > display: -moz-inline-box !important; > -moz-box-orient: vertical !important; > display: inline-block !important; > font: 22px/100% "arial rounded mt bold", helvetica, arial, sans-serif > !important; > line-height: 18px !important; > padding: 10px 15px !important; > outline: none !important; > text-align: center !important; > text-decoration: none !important; > text-transform: lowercase !important; > vertical-align: baseline !important; > zoom: 1 !important; > *display: inline !important; > *margin-left: .3em !important; > *vertical-align: auto !important; > } > > div[class="online-redemption"] { width: 98% !important; } > div[class="online-redemption"] div[class="or_deal_img_title"] { margin: > 0px; padding: 0px; } > div[class="online-redemption"] div[class="or_deal_image_container"] { > display: none !important; } > div[class="online-redemption"] div[class="or_deal_image_container"] > img[class="deal_image"] { display: none !important; } > div[class="online-redemption"] div[class="or_deal_img_title"] > div[class="or_deal_title"] h2 { font-size: 24px !important; > margin-bottom: 5px !important; } > div[class="online-redemption"] div[class="or_deal_img_title"] > div[class="expiration-notice"] { font-size: 14px !important; } > > div[class="online-redemption"] ol[class="or_redemption_instructions"] { > margin-left: 10px !important; } > div[class="online-redemption"] ol[class="or_redemption_instructions"] > li[class="instruction_steps"] { margin-bottom: 10px !important;} > div[class="online-redemption"] ol[class="or_redemption_instructions"] > li[class="instruction_steps"] img { max-width: 300px !important; margin: > 0px !important; padding: 15px 0px !important;} > div[class="online-redemption"] div[class="or_redemption_code_container"] > h3 { font-size: 20px !important; } > div[class="online-redemption"] div[class="or_redemption_code_container"] > div[class="or_redemption_code"] { margin: 0px !important; padding: 5px > 0px !important;} > div[class="online-redemption"] div[class="or_redemption_code_container"] > h2 { font-size: 20px !important; padding-left: 0px !important;} > } > > </style> > </head> > <body style="padding: 0; margin: 0; background-color: #262626;"> > <table bgcolor="#262626" border="0" cellspacing="0" cellpadding="0" > id="newsletter" width="100%"> > <tbody> > <tr> > <td style="padding-top: 10px; vertical-align: top;"> > <table align="center" border="0" cellspacing="0" cellpadding="0" > width="600" class="container"> > <tbody> > <tr> > <td class="inner_container" style="padding-top: 10px; padding-right: > 10px; padding-bottom: 10px; padding-left: 10px; vertical-align: top;"> > <table border="0" cellspacing="0" cellpadding="0" width="600" > class="main_container"> > <tbody> > <tr> > <td colspan="2" width="600" align="center" > style="color:#f0f0f0;font-family:helvetica,arial,sans-serif;font-size:11px"><p > style="margin:0px;padding:0px 0px 10px 0px;color:#999999"> LivingSocial > Account Update <br /><span style="font-style:italic">You are receiving > this message based on your relationship with LivingSocial, even though > you may have previously unsubscribed. If you have unsubscribed you will > not receive any other messages from us.</span></p></td> > </tr> > <tr> > <td id="header" style="vertical-align: bottom; padding-bottom:10px;"> > <img > src="http://a4.ak.lscdn.net/imgs/8b538ad9-933a-41d8-89fb-59570b5e4f9d"; > style="border:none;" alt="LivingSocial" width="112" height="42" /> </td> > </tr> > <tr> > <td class="header_headline" style="color: #ffffff; font-family: 'Arial > Rounded MT Bold', Helvetica, Arial, sans-serif; font-size: 40px; > font-weight: bold;"> </td> > </tr> > <tr> > <td bgcolor="#ffffff" class="main_content" style="border: 1px solid > #d6d6d6; color: #666666; font-family: Helvetica, Arial, sans-serif; > font-size: 14px; padding:20px; vertical-align: top;"> > <table width="600" border="0" cellpadding="0" cellspacing="0"> > <tbody> > <tr> > <td colspan="2" valign="top" style="padding-right: 20px;"> <p > style="font-family: 'arial rounded mt bold', helvetica, arial, > sans-serif; margin-top: 0px; color: #262626; font-size: 18px;"> > IMPORTANT INFORMATION<br /></p> <p style="color: #373332; font-family: > helvetica, arial, sans-serif; font-size: 12px; line-height: > 140%;">LivingSocial recently experienced a cyber-attack on our computer > systems that resulted in unauthorized access to some customer data from > our servers. We are actively working with law enforcement to investigate > this issue. </p> <p style="color: #373332; font-family: helvetica, > arial, sans-serif; font-size: 12px; line-height: 140%;">The information > accessed includes names, email addresses, date of birth for some users, > and encrypted passwords -- technically ‘hashed’ and ‘salted’ passwords. > We never store passwords in plain text.</p> <p style="color: #373332; > font-family: helvetica, arial, sans-serif; font-size: 12px; line-height: 14 > 0%;">Two things you should know: </p> > <ol style="color: #373332; font-family: helvetica, arial, sans-serif; > font-size: 12px; line-height: 140%;"> > <li>The database that stores customer credit card information was not > affected or accessed.</li> > <li>If you connect to LivingSocial using Facebook Connect, your Facebook > credentials were not compromised.</li> > </ol> <span style="color: #373332; font-family: helvetica, arial, > sans-serif; font-size: 12px; line-height: 140%;">You do not need to take > any action at this time, but we wanted to be sure you were fully > informed of what happened.</span><p></p> <p style="color: #373332; > font-family: helvetica, arial, sans-serif; font-size: 12px; line-height: > 140%;"><strong>The security of your information is our > priority.</strong> We always strive to ensure the security of our > customer information, and we are redoubling efforts to prevent any > issues in the future.</p> <p style="color: #373332; font-family: > helvetica, arial, sans-serif; font-size: 12px; line-height: > 140%;">Please note that LivingSocial will never ask you directly for > personal or account information in an email. We will always direct you > to the LivingSocial website – and require you to login – before making > any changes to your account. Please disregard any emails claiming to be > from LivingSocial that requ > est such information or direct you to a website that asks for such > information.</p> <p style="color: #373332; font-family: helvetica, > arial, sans-serif; font-size: 12px; line-height: 140%;">If you have > additional questions about this process, the "Create New > Password" button on LivingSocial.com will direct you to a page that > has instructions on creating a new password and answers to frequently > asked questions. </p> <p style="color: #373332; font-family: helvetica, > arial, sans-serif; font-size: 12px; line-height: 140%;">We are sorry > this incident occurred, and we look forward to continuing to introduce > you to new and exciting things to do in your community.</p> <p > style="color: #373332; font-family: helvetica, arial, sans-serif; > font-size: 12px; line-height: 140%;">Sincerely, <br />Tim O'Shaughnessy, > CEO</p> </td> > </tr> > </tbody> > </table> </td> > </tr> > </tbody> > </table> <br /> > <table width="600" class="footer_container"> > <tbody> > <tr> > <td class="footer_content" style="font-size: 10px; > padding:20px;font-family: Helvetica, Arial, sans-serif; color:#d1d1d1; > text-align:center;"> <p style="margin-bottom:10px;"> This message was > sent by LivingSocial, 1445 New York Ave NW, Suite 200, Washington, DC > 20005. </p> <p style="margin-bottom: 0"> You are receiving this email > because you have an existing relationship with > http://www.livingsocial.com/. </p> </td> > </tr> > </tbody> > </table> > <!-- end footer_container --> </td> > </tr> > </tbody> > </table> > <!-- end container --> </td> > </tr> > </tbody> > </table> > <img height="0" width="0" border="0" alt="" > src="http://t.livingsocial.com/track/g_N8VUJ18FB0EM748BUVP9VUP49Q2H084IPC3QFP2TIR5TGETJ5JUG===="; > /> > </body> > </html> > ------=_Part_1017_1518702247.1367052321167--
