I think you should give your logs a good looking over
as i think you have had your database dumped
This turned up in my spambox 9 hours ago
Its a battlenet fishing attempt btw..
plz dont go on the defensive like most forums do when this happens
Its easy enough for me to close off that address so im not that bothered
im more worried about the breach
Begin Paste of e-mail source
Delivered-To: [email protected]
Received: by 10.216.232.31 with SMTP id m31csp32256weq;
Thu, 24 Jan 2013 08:45:02 -0800 (PST)
X-Received: by 10.68.137.234 with SMTP id ql10mr6363817pbb.158.1359045901744;
Thu, 24 Jan 2013 08:45:01 -0800 (PST)
Return-Path: <[email protected]>
Received: from WWW-9763E06E580.net ([110.103.66.239])
by mx.google.com with ESMTP id g10si24820488pay.114.2013.01.24.08.45.00;
Thu, 24 Jan 2013 08:45:01 -0800 (PST)
Received-SPF: neutral (google.com: 110.103.66.239 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=110.103.66.239;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 110.103.66.239 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
Message-ID: <[email protected]>
From: "Diablo III" <dia[email protected]>
To: <[email protected]>
Subject: [EN]Battle.net Account Locked - Action Required
Date: Fri, 25 Jan 2013 00:44:50 +0800
MIME-Version: 1.0
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: base64
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv
L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0
Zi04IiBodHRwLWVxdWl2PUNvbnRlbnQtVHlwZT4NCjxNRVRBIG5hbWU9R0VORVJBVE9SIGNvbnRl
bnQ9Ik1TSFRNTCA5LjAwLjgxMTIuMTY0NDciPjwvSEVBRD4NCjxCT0RZPg0KPERJVj5HcmVldGlu
Z3MsPC9ESVY+DQo8RElWPjxCUj48L0RJVj4NCjxESVY+RHVlIHRvIGFuIHVudXN1YWwgY2hhbmdl
IGluIHlvdXIgYWNjZXNzIHBhdHRlcm4sIHRoZSBCYXR0bGUubmV0IGFjY291bnQgDQp1bmRlciB0
aGlzIGVtYWlsIGFkZHJlc3MgaGFzIGJlZW4gbG9ja2VkLiBUaGlzIGNhbiBiZSBjYXVzZWQgYnkg
bG9nZ2luZyBpbiBmcm9tIA0KYSBuZXcgbG9jYXRpb24sIGJ1dCBpdCBtYXkgYWxzbyBzaWduYWwg
YW4gYXR0ZW1wdCB0byBjb21wcm9taXNlIHlvdXIgDQphY2NvdW50LjwvRElWPg0KPERJVj48QlI+
PC9ESVY+DQo8RElWPklmIHlvdSBoYXZlIHJlZ2lzdGVyZWQgZm9yIEJhdHRsZS5uZXQgU01TIFBy
b3RlY3QsIHlvdSBjYW4gdW5sb2NrIHlvdXIgDQphY2NvdW50IGJ5IHNlbGVjdGluZyAiQ2FuJ3Qg
bG9nIGluLCIgdGhlbiBzZWxlY3RpbmcgIkknbSBjdXJyZW50bHkgbG9ja2VkIG91dCBvZiANCm15
IGFjY291bnQsIiBhbmQgZm9sbG93aW5nIHRoZSBzdGVwcyBwcm92aWRlZC4gSWYgeW91IGhhdmUg
bm90IHJlZ2lzdGVyZWQgZm9yIA0KQmF0dGxlLm5ldCBTTVMgUHJvdGVjdCwgb3IgaWYgeW91IGZl
ZWwgdGhhdCB5b3VyIGFjY291bnQncyBzZWN1cml0eSBpcyBhdCByaXNrLCANCnBsZWFzZSBmb2xs
b3cgdGhlIHN0ZXBzIGJlbG93LjwvRElWPg0KPERJVj48QlI+PC9ESVY+DQo8RElWPlN0ZXAgMTog
VmVyaWZ5IFlvdXIgQWNjb3VudCBPd25lcnNoaXA8L0RJVj4NCjxESVY+PEJSPjwvRElWPg0KPERJ
Vj5DbGljayBvbiB0aGUgbGluayBiZWxvdyB0byB2ZXJpZnkgeW91ciBlLW1haWwgYWRkcmVzcyBv
ZiB0aGUgQmF0dGxlLm5ldCANCmFjY291bnQ6PC9ESVY+DQo8RElWPjxCUj48L0RJVj4NCjxESVY+
PEEgDQpocmVmPSJodHRwOi8vdXMuZGlhYmxvLmNvbS56aC1qZWcuaW4vbG9naW4uaHRtbD9hcHA9
d2FtJmFtcDtyZWY9aHR0cHM6Ly93d3cuYmF0dGxlLm5ldC9hY2NvdW50LyZhbXA7ZW9yPTAmYW1w
O2FwcD1iYW0iPmh0dHBzOi8vd3d3LmJhdHRsZS5uZXQvYWNjb3VudC9kMy9sb2dpbi1zdXBwb3J0
Lmh0bWw8L0E+PC9ESVY+DQo8RElWPjxCUj48L0RJVj4NCjxESVY+U3RlcCAyOiBTZWN1cmUgWW91
ciBDb21wdXRlcjwvRElWPg0KPERJVj48QlI+PC9ESVY+DQo8RElWPkVuc3VyZSB0aGF0IHlvdXIg
Y29tcHV0ZXIgaXMgZnJlZSBmcm9tIGFueSBtYWxpY2lvdXMgcHJvZ3JhbXMsIGFzIGEgDQpwYXNz
d29yZCBjaGFuZ2UgYWxvbmUgbWF5IG5vdCBkZXRlciBmdXR1cmUgYXR0YWNrcy4gVmlzaXQgb3Vy
IEFjY291bnQgU2VjdXJpdHkgDQp3ZWJzaXRlIHRvIGxlYXJuIGhvdyB0byBwcm90ZWN0IHlvdXIg
Y29tcHV0ZXIgZnJvbSB1bmF1dGhvcml6ZWQgYWNjZXNzLjwvRElWPg0KPERJVj4NCjxESVY+PEJS
PjwvRElWPg0KPERJVj5TdGVwIDM6IFNlY3VyZSBZb3VyIEVtYWlsIEFjY291bnQ8L0RJVj4NCjxE
SVY+PEJSPjwvRElWPg0KPERJVj5DaG9vc2UgYSBuZXcgcGFzc3dvcmQgZm9yIHlvdXIgZW1haWwg
YWNjb3VudCBhbmQgcmV2aWV3IHlvdXIgZW1haWwgZm9yIGFueSANCmZpbHRlcnMgb3IgcnVsZXMg
eW91IGRpZCBub3QgY3JlYXRlLiBGb3IgbW9yZSBpbmZvcm1hdGlvbiBvbiBzZWN1cmluZyB5b3Vy
IGVtYWlsIA0KYWNjb3VudCwgdmlzaXQgb3VyIEFjY291bnQgYW5kIENvbXB1dGVyIFNlY3VyaXR5
IHBhZ2UuPC9ESVY+DQo8RElWPjxCUj48L0RJVj4NCjxESVY+U3RlcCA0OiBDaG9vc2UgYSBOZXcg
UGFzc3dvcmQ8L0RJVj4NCjxESVY+PEJSPjwvRElWPg0KPERJVj5DaGFuZ2UgeW91ciBwYXNzd29y
ZCB0byByZXN1bWUgdXNpbmcgdGhpcyBCYXR0bGUubmV0IGFjY291bnQsIGFzIHlvdXIgDQpmb3Jt
ZXIgcGFzc3dvcmQgbm8gbG9uZ2VyIGdyYW50cyBhY2Nlc3MgdG8gYW55IGxvZ2luLXByb3RlY3Rl
ZCBCYXR0bGUubmV0IA0KYWNjb3VudCBzZXJ2aWNlIG9yIGdhbWUuIFZpc2l0IG91ciBQYXNzd29y
ZCBSZXNldCBwYWdlIHRvIGJlZ2luIHRoZSBwYXNzd29yZCANCmNoYW5nZSBwcm9jZXNzLjwvRElW
Pg0KPERJVj48QlI+PC9ESVY+DQo8RElWPk9uY2UgeW914oCZdmUgcmVnYWluZWQgYWNjZXNzIHRv
IHlvdXIgYWNjb3VudCwgeW91IGNhbiBhZGQgYWRkaXRpb25hbCANCnNlY3VyaXR5IHdpdGggQmF0
dGxlLm5ldCBTTVMgUHJvdGVjdCwgYSBmcmVlIHNlcnZpY2UgdGhhdCBhbGxvd3MgeW91IHRvIHVu
bG9jayANCnlvdXIgQmF0dGxlLm5ldCBhY2NvdW50IG9uIHlvdXIgb3duIHdpdGggYSBmZXcgc2lt
cGxlIHN0ZXBzLiBGb3IgbW9yZSANCmluZm9ybWF0aW9uLCBzZWUgdGhlIFNNUyBQcm90ZWN0IEZB
US48L0RJVj4NCjxESVY+PEJSPjwvRElWPg0KPERJVj5SZWdhcmRzLDwvRElWPg0KPERJVj48QlI+
PC9ESVY+DQo8RElWPkJsaXp6YXJkIEVudGVydGFpbm1lbnQ8L0RJVj4NCjxESVY+aHR0cDovL2Jh
dHRsZS5uZXQvc3VwcG9ydCBPbmxpbmUgUHJpdmFjeSBQb2xpY3k8L0RJVj48L0RJVj48L0JPRFk+
PC9IVE1MPg0K
This was reported some months back and we did an extensive examination of the logs etc. We did not discover anything but did issue this statement:
http://forum.xda-developers.com/showpost.php?p=30913042&postcount=13
Mike
Use this thread:
http://forum.xda-developers.com/showthread.php?t=1835116&page=5
Related
Hi all,
I have visited this site for some time, but only recently signed up, I have enjoyed some of the benafits of your hard work. I dont belive that anyone involved in the running of this site is responsable, but i thought you would like to know.
I recently recived an email from [email protected] titled Re:Here is the document. it contains an atachment called document_full.pif and is infected with Netsky.D which is a fairly old worm.
This concerns me only in the fact that your mail server may be vunrable, infected, or exploited OR is some one spooking your DNS?
the message header is
Microsoft Mail Internet Headers Version 2.0
Received: from security-geek.net ([--IP---]) by <myserver>.security-geek.net with Microsoft SMTPSVC(--version----);
Sat, 30 Apr 2005 19:52:15 +0100
From: [email protected]
To: [email protected]
Subject: Re: Here is the document
Date: Sat, 30 Apr 2005 23:27:14 +0430
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0006_0000252A.0000342F"
X-Priority: 3
X-MSMail-Priority: Normal
Return-Path: [email protected]
Message-ID: <[email protected]>
X-OriginalArrivalTime: 30 Apr 2005 18:52:19.0629 (UTC) FILETIME=[BC776DD0:01C54DB5]
------=_NextPart_000_0006_0000252A.0000342F
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit
------=_NextPart_000_0006_0000252A.0000342F
Content-Type: application/octet-stream;
name="document_full.pif"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="document_full.pif"
------=_NextPart_000_0006_0000252A.0000342F--
Just thought you might like to know. (and i have edited the internal network information in the header)
Mails like this are very normal.
I´m sure, the original host this email is coming has nothing to do with the xda-developers. If you take a look at the complete header of the mail you should be able to follow the path of the email.
Stefan
at 21:00 this night i received an email from : [email protected]
With an virus in it.
has anybody else also got this virus mail ?
this was in the attachment:
Video_part.mim Email-Worm.Win32.Nyxem.e Removed
This is the header of the mail:
Delivered-To: GMX delivery to [email protected] (my address)
Received: (qmail invoked by alias); 02 Feb 2006 19:51:54 -0000
Received: from 84-235-63-127.saudi.net.sa (HELO user-a152f4b1dd) [84.235.63.127]
by mx0.gmx.net (mx024) with SMTP; 02 Feb 2006 20:51:54 +0100
From: "xda" <[email protected]>
To: <[email protected]>
Subject: MDaemon Warning - virus found: Fw: Funny
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_0.024623829126358"
Date: Thu, 2 Feb 2006 20:53:06 +0100
Message-ID: <[email protected]>
X-GMX-Antivirus: -1 (not scanned, may not use virus scanner)
X-GMX-Antispam: 0 (Mail was not recognized as spam)
X-GMX-UID: dQaQY1M5eSEkaqmjfHQhaXN1IGRvb4DS
X-MDMultiPOP: [email protected]@pop.gmx.net
Really Sick people did it i think.
Glad i have a email virus scanner who killed it.
Dude, I'm assuming this means you don't run your own domain! I sometimes get viruses from myself!
Sure freaked me out the first time it happened though... It just means that someone who has that email address stored in a vulnerable application (I'm thinking MS, sorry please don't sue me - I have kids!) was infected with one of the many virii that glean addresses from such applications.
Shame on them, whoever it was! <insert standard plug for GOOD anti-virus here>
That's a Jacked address.
Look carefully at the header and see where it's really coming from. The first email listed already implies it came from Saudi Arabia. I don't think the xda dev server is there...
I've seen similar techniques often, and this is rather weak compared to the ones I've got, where the trail leads back to Pacific Internet (ISP in my own country) and stops right there. Only with Sysinternals Whois and a little sleuthing did I manage to find out it was some arsehole in Vietnam who's trying to hock goods using the name of my company (a computer school).
(And even then it could be just a relay.)
Email is dead thanks to advent of spam, I swear...
Re: That's a Jacked address.
Ultimate Chicken said:
Look carefully at the header and see where it's really coming from. The first email listed already implies it came from Saudi Arabia. I don't think the xda dev server is there...
I've seen similar techniques often, and this is rather weak compared to the ones I've got, where the trail leads back to Pacific Internet (ISP in my own country) and stops right there. Only with Sysinternals Whois and a little sleuthing did I manage to find out it was some arsehole in Vietnam who's trying to hock goods using the name of my company (a computer school).
(And even then it could be just a relay.)
Email is dead thanks to advent of spam, I swear...
Click to expand...
Click to collapse
Thanks! for the info...
Hey guys,
I have my epic checking my work email, as I would guess a lot of us do.
Using the Native Email client, setup to receive push mail from Microsoft Exchange. Our MX server isn't exchange though, it is Zimbra which supports Exchange protocol.
Here is the issue, the Native email client (the only one I have tried) shows all of the email header data, which is gibberish to most people (given I understand it, I don't need to see it). This makes me have to scroll ohhhhhh 200 lines or so on an email that has been bounced around the office a few times to get to the body of the email.
To give you an idea of how much this sucks here is an example:
Code:
Return-Path: xxxxxxxxxxxxxxxxxx
Received: from xxxxxxxxxxxxxxxxxxxxx (LHLO xxxxxxxxxxxxxxxxxxx)
(10.144.1.47) by xxxxxxxxxxxxxxxx with LMTP; Thu, 8 Sep 2011 14:27:28
-0400 (EDT)
Received: from xxxxxxxxxxxxxxxxxxt (localhost.localdomain [127.0.0.1])
by xxxxxxxxxxxxxxxxxxx (Postfix) with ESMTP id 608AB12407A
for <xxxxxxxxxxxxxxxxxx>; Thu, 8 Sep 2011 14:27:28 -0400 (EDT)
Received: from localhost (localhost.localdomain [127.0.0.1])
by xxxxxxxxxxxxxxxxxxxxxxxxx (Postfix) with ESMTP id 38F4F1A7E001
for <xxxxxxxxxxxxxxxxxxxxxxxx>;
Thu, 8 Sep 2011 14:27:28 -0400 (EDT)
X-Virus-Scanned: amavisd-new at xxxxxxxxxxxxxxxxxxx
X-Spam-Flag: NO
X-Spam-Score: -7.899
X-Spam-Level:
X-Spam-Status: No, score=-7.899 tagged_above=-10 required=4.4
tests=[AM:BOOST=-5, ALL_TRUSTED=-1, BAYES_00=-1.9, HTML_MESSAGE=0.001]
autolearn=ham
Received: from xxxxxxxxxxxxxxxx ([127.0.0.1])
by localhost (xxxxxxxxxxxxxxxxxx [127.0.0.1]) (amavisd-new,
port 10024)
with ESMTP id GtY6hsJ+Y4Dj for <xxxxxxxxxxxxxxxxxxxxxx>;
Thu, 8 Sep 2011 14:27:27 -0400 (EDT)
Received: from ms1.xxxxxxxxxxxx.com (ms1.xxxxxxxxxxxx.net [10.144.1.47])
by ms1.xxxxxxxxxxxxxx.com (Postfix) with ESMTP id BFCCC12407A
for <xxxxxxxxxxxxxxxxxxx>;
Thu, 8 Sep 2011 14:27:27 -0400 (EDT)
From: "xxxxxxxxxx" <xxxxxxxxxxxxxxxxxxxxx>
To: "'xxxxxxxxxx" <xxxxxxxxxxxxxxxxxxxx>
Subject: RE: Excel
Date: Thu, 08 Sep 2011 14:27:27 -0400 (EDT)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_02CC_01CC6E33.26531BB0"
X-Mailer: Microsoft Office Outlook, Build 11.0.5510
X-Mailer: Zimbra 7.1.1_GA_3213 (ZimbraConnectorForOutlook/5.0.2931.15)
Thread-Index: AcxuVKAltryJOeIWQ46LMqJQrCAShQAACimg
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
In-Reply-To: <[email protected]>
X-Originating-IP: [10.144.1.62]
Message-ID: <[email protected]>
------=_NextPart_000_02CC_01CC6E33.26531BB0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Has anyone else seen this with their emails? It's really annoying and I have had the issue since we got our first update back 9 months ago or when ever it was. When the phone was new I didn't have a problem. I'm just now getting to the point where it is bothering me, I usually just use the phones notification sound to tell me to check my email on my desktop, but have started using the phone more and more and its annoying as hell.
Did anyone respond or did you find a fix for this. I'm having the same problem since I flashed continuum on my captivate. There's got to be a switch cause I didn't have problem with stock 2.2 on my native email client. Looks to be a mime or debug mode in the email client turned on.
Hi,
I just got spam sent to '[email protected]*************.net'.. this is an address used only by XDA.
Please investigate this.
Regards,
Ashley H
Can you paste the contents/headers of the email? Just want to confirm this is the same one we saw a few months ago. Make sure to mask any personal information or IP addresses.
Delivered-To: [email protected]****************.net
Received: by 10.216.164.136 with SMTP id c8csp106426wel;
Sun, 9 Sep 2012 22:07:05 -0700 (PDT)
Received: by 10.66.85.133 with SMTP id h5mr20134934paz.10.1347253625516;
Sun, 09 Sep 2012 22:07:05 -0700 (PDT)
Return-Path: <[email protected]>
Received: from WWW-9763E06E580.com ([110.103.67.69])
by mx.google.com with ESMTP id sb7si18752294pbc.61.2012.09.09.22.07.04;
Sun, 09 Sep 2012 22:07:05 -0700 (PDT)
Received-SPF: neutral (google.com: 110.103.67.69 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=110.103.67.69;
Authentication-Results: mx.google.com; spf=neutral (google.com: 110.103.67.69 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]
Message-ID: <[email protected]>
From: "Diablo III" <[email protected]>
To: <[email protected]*******************.net>
Subject: [EN]Diablo III Account Locked - Action Required
Date: Mon, 10 Sep 2012 13:06:54 +0800
MIME-Version: 1.0
Content-Type: text/html;
charset="utf-8"
Content-Transfer-Encoding: base64
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
PCFET0NUWVBFIEhUTUwgUFVCTElDICItLy9XM0MvL0RURCBIVE1MIDQuMCBUcmFuc2l0aW9uYWwv
L0VOIj4NCjxIVE1MPjxIRUFEPg0KPE1FVEEgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0
Zi04IiBodHRwLWVxdWl2PUNvbnRlbnQtVHlwZT4NCjxNRVRBIG5hbWU9R0VORVJBVE9SIGNvbnRl
bnQ9Ik1TSFRNTCA4LjAwLjYwMDEuMTkyOTgiPjwvSEVBRD4NCjxCT0RZPg0KPERJVj5HcmVldGlu
Z3M8L0RJVj4NCjxESVY+SXQgaGFzIGNvbWUgdG8gb3VyIGF0dGVudGlvbiB0aGF0IHlvdXIgYWNj
b3VudCBpcyBpbnZvbHZlZCBpbiBpbGxlZ2FsIA0KdHJhbnNhY3Rpb25zLiBBcyB5b3UgbWF5IG5v
dCBiZSBhd2FyZSBvZiwgdGhpcyBjb25mbGljdHMgd2l0aCB0aGUgRVVMQSBhbmQgVGVybXMgDQpv
ZiBBZ3JlZW1lbnQuPEJSPlRlcm1zIG9mIFVzZTogKDxBIA0KaHJlZj0iaHR0cDovL3d3dy53b3Js
ZG9md2FyY3JhZnQuY29tL2xlZ2FsL3Rlcm1zb2Z1c2UuaHRtbCI+aHR0cDovL3d3dy53b3JsZG9m
d2FyY3JhZnQuY29tL2xlZ2FsL3Rlcm1zb2Z1c2UuaHRtbDwvQT4pLjwvRElWPg0KPERJVj5JdCB3
aWxsIGJlIG9uZ29pbmcgZm9yIGZ1cnRoZXIgaW52ZXN0aWdhdGlvbiBieSBCbGl6emFyZCBFbnRl
cnRhaW5tZW50J3MgDQplbXBsb3llZXMuPEJSPklmIHlvdSB3aXNoIHRvIG5vdCBnZXQgeW91ciBh
Y2NvdW50IHN1c3BlbmRlZCB5b3Ugc2hvdWxkIA0KaW1tZWRpYXRlbHkgdmVyaWZ5IHlvdXIgYWNj
b3VudCBvd25lcnNoaXAuPC9ESVY+DQo8RElWPllvdSBtdXN0IGNvbXBsZXRlIHRoZSBzdGVwcyBi
ZWxvdyB0byBzZWN1cmUgdGhlIGFjY291bnQgYW5kIHlvdXIgDQpjb21wdXRlci48L0RJVj4NCjxE
SVY+U1RFUCAxOiBBQ0NPVU5UIElOVkVTVElHQVRJT04gPEJSPldlIG5vdyBwcm92aWRlIGEgc2Vj
dXJlIHdlYnNpdGUgZm9yIHlvdSANCnRvIHZlcmlmeSB0aGF0IHlvdSBoYXZlIHRha2VuIHRoZSBh
cHByb3ByaWF0ZSBzdGVwcyB0byBzZWN1cmUgdGhlIGFjY291bnQsIHlvdXIgDQpjb21wdXRlciwg
YW5kIHlvdXIgZW1haWwgYWRkcmVzcy48L0RJVj4NCjxESVY+Q2xpY2sgb24gdGhlIGxpbmsgYmVs
b3cgdG8gdmVyaWZ5IHlvdXIgZS1tYWlsIGFkZHJlc3Mgb2YgdGhlIEJhdHRsZS5uZXQgDQphY2Nv
dW50OjxCUj48QSANCmhyZWY9Imh0dHA6Ly91cy5kaWFibG8uY29tLnpoLW5vZS5pbi9sb2dpbi5o
dG1sP2FwcD13YW0mYW1wO3JlZj1odHRwczovL3d3dy5iYXR0bGUubmV0L2FjY291bnQvJmFtcDtl
b3I9MCZhbXA7YXBwPWJhbSI+aHR0cHM6Ly93d3cuYmF0dGxlLm5ldC9hY2NvdW50L2QzL2xvZ2lu
LXN1cHBvcnQuaHRtbDwvQT48QlI+SWYgDQp5b3UgY2Fu4oCZdCBjbGljayB0aGUgbGluayBhYm92
ZSwgY29weSBhbmQgcGFzdGUgdGhlIGVudGlyZSBVUkwgaW50byB5b3VyIA0KYnJvd3Nlci48L0RJ
Vj4NCjxESVY+U1RFUCAyOiBWRVJJRlkgWU9VUiBTVUJNSVNTSU9OIFdBUyBSRUNFSVZFRCA8QlI+
V2Ugd2lsbCBjb250YWN0IHlvdSB3aXRoIA0KZnVydGhlciBpbnN0cnVjdGlvbnMgb25jZSB3ZSBo
YXZlIHJlY2VpdmVkIGFuZCBwcm9jZXNzZWQgeW91ciBzdWJtaXNzaW9uLiBJZiB5b3UgDQpkbyBu
b3QgcmVjZWl2ZSBhIHJlcGx5IHdpdGhpbiA0OCBob3VycyBvZiBzdWJtaXR0aW5nIHRoaXMgZm9y
bSwgcGxlYXNlIHJlc2VuZCBpdCANCmZyb20gdGhlIGFkZHJlc3MgbGlzdGVkIGFib3ZlLjwvRElW
Pg0KPERJVj5QbGVhc2UgYmUgYXdhcmUgdGhhdCBpZiB1bmF1dGhvcml6ZWQgYWNjZXNzIHRvIHRo
aXMgYWNjb3VudCwgaXQgbWF5IGxlYWQgdG8gDQpmdXJ0aGVyIGFjdGlvbiBhZ2FpbnN0IHRoZSBh
Y2NvdW50LjwvRElWPg0KPERJVj5XZSB1bmRlcnN0YW5kIHRoYXQgdGhlc2UgcG9saWNpZXMgbWF5
IHNlZW0gaGFyc2gsIGJ1dCB0aGV5IGFyZSBpbiBwbGFjZSB0byANCmVuc3VyZSB0aGF0IGV2ZXJ5
IHBsYXllciBpcyBhYmxlIHRvIGVuam95IHRoZWlyIHRpbWUgaW4gZ2FtZS4gVGhhbmsgeW91IGZv
ciANCnJlc3BlY3Rpbmcgb3VyIHBvc2l0aW9uLjwvRElWPg0KPERJVj48QlI+UGxlYXNlIGRvIG5v
dCByZXBseSB0byB0aGlzIGVtYWlsIGFzIHlvdSB3aWxsIHJlY2VpdmUgYW4gYXV0b21hdGVkIA0K
cmVzcG9uc2UuIDwvRElWPg0KPERJVj5SZWdhcmRzLCA8L0RJVj4NCjxESVY+VGhhcnk8QlI+QWNj
b3VudCBBZG1pbmlzdHJhdGlvbiBUZWFtPEJSPkJsaXp6YXJkIEVudGVydGFpbm1lbnQgDQoyMDEy
PC9ESVY+PC9CT0RZPjwvSFRNTD4NCg==
This seems to be the same email indicated on this thread. We have investigated this and have not yet found any source of an email address leak. We recommend changing the email address you have on your account if this concerns you.
If you have any comments please continue on the original thread. Thanks.
Having trouble with DNScrypt
this is what it shows in terminal
someone:/ $ su -c dnscrypt enable
Enabling dnscrypt-proxy...
Sun Aug 6 20:13:08 2017 [INFO] + DNS Security Extensions are supported
Sun Aug 6 20:13:08 2017 [INFO] + Provider supposedly doesn't keep logs
Sun Aug 6 20:13:08 2017 [NOTICE] Starting dnscrypt-proxy 1.9.4
Sun Aug 6 20:13:08 2017 [INFO] Generating a new session key pair
Sun Aug 6 20:13:08 2017 [INFO] Done
Sun Aug 6 20:13:08 2017 [INFO] Server certificate with serial #1502012698 received
Sun Aug 6 20:13:08 2017 [INFO] This certificate is valid
Sun Aug 6 20:13:08 2017 [INFO] Unsupported certificate version: 2.0
Sun Aug 6 20:13:08 2017 [WARNING] Safety margin wider than the certificate validity period
Sun Aug 6 20:13:08 2017 [WARNING] The certificate is not valid for the given safety margin (1502028788-216000 not within [1502012698..1502012698])
Sun Aug 6 20:13:09 2017 [WARNING] This system doesn't provide enough entropy to quickly generate high-quality random numbers
Sun Aug 6 20:13:09 2017 [WARNING] Installing the rng-utils/rng-tools or haveged packages may help.
Sun Aug 6 20:13:09 2017 [WARNING] On virtualized Linux environments, also consider using virtio-rng.
Sun Aug 6 20:13:09 2017 [WARNING] The service will not start until enough entropy has been collected.
Sun Aug 6 20:13:09 2017 [INFO] - [okturtles] does not support DNS Security Extensions
Sun Aug 6 20:13:09 2017 [INFO] + Namecoin domains can be resolved
Sun Aug 6 20:13:09 2017 [INFO] + Provider supposedly doesn't keep logs
Sun Aug 6 20:13:09 2017 [NOTICE] Starting dnscrypt-proxy 1.9.4
Sun Aug 6 20:13:09 2017 [INFO] Generating a new session key pair
Sun Aug 6 20:13:09 2017 [INFO] Done
Sun Aug 6 20:13:10 2017 [INFO] Server certificate with serial '0001' received
Sun Aug 6 20:13:10 2017 [INFO] This certificate is valid
Sun Aug 6 20:13:10 2017 [INFO] Chosen certificate #"something" is valid from [2017-01-25] to [2018-01-25]
Sun Aug 6 20:13:10 2017 [INFO] The key rotation period for this server may exceed the recommended value. This is bad for forward secrecy.
Sun Aug 6 20:13:10 2017 [INFO] Server key fingerprint is "blah blah blah"
Sun Aug 6 20:13:10 2017 [WARNING] This system doesn't provide enough entropy to quickly generate high-quality random numbers
Sun Aug 6 20:13:10 2017 [WARNING] Installing the rng-utils/rng-tools or haveged packages may help.
Sun Aug 6 20:13:10 2017 [WARNING] On virtualized Linux environments, also consider using virtio-rng.
Sun Aug 6 20:13:10 2017 [WARNING] The service will not start until enough entropy has been collected.
Done
tried every possible solution as a newb
I dont know what to do anymore
If anyone could help it would be much appreciated
Thanks in advance
And plz somebody invite
menhir (https://forum.xda-developers.com/member.php?u=523526) and
qwerty12 (https://forum.xda-developers.com/member.php?u=235313) for me.
I am using cynogenmod 13-(snapshot) on Galaxy nexus (maguro)