Category: Email (Page 1 of 3)

Shentel/Mail2World’s 2024 Spam Problem

March 9, 2024 / Jesse Mueller / 0 Comments

If you still use a Shentel email address, you should know that there’s a problem with Mail2World’s spam filter right now. Some (but not all) Shentel.net email inboxes are getting a lot more junk email than is normal. After talking with Shentel tech support, I can’t say that I know what the problem is. I don’t know when it will be fixed. I can’t say with certainty that Mail2World is anything more than 3 children in a trenchcoat. But what I can do is teach you how to cope with Shentel/Mailworld’s 2024 Spam Problem in this blog post.

Shentel/Mail2World’s 2024 Spam Problem — Some people are getting several copies of EACH of these spam messages in their inboxes, every day!

What NOT to Do

First of all, don’t call Shentel expecting a quick fix. This problem is out of their hands, because Remember: Shentel doesn’t manage their email addresses anymore. They offshored their Shentel.net addresses to a company called Mail2World. And that company is really hard to get a hold of. But Shentel assures me that M2W knows about the problem and is working on it…

Next, do NOT unsubscribe from any spam! Clicking on unsubscribe (or any other links) in an unwanted message is asking for trouble. If you click on links in spam, you could attract more spam or lead your computer to a malicious website or download.

While you’re at it, don’t bother trying to use Block Sender on spam. It can’t hurt, but it isn’t likely to help. Block Sender is typically useful only for someone who always uses the same email address. Like that annoying relative who always forwards tacky joke emails to everyone he knows. Or the neighborhood Tupperware salesperson. Or a mentally questionable ex-boyfriend. Block those people to keep your inbox stress-free, but spammers change their email on every message they send. Blocking a spammer won’t work!

What to Do

Your best tool against spam coming to your Shentel inbox is the Mark as Spam function. This is not easy to find! Let me run through some steps on how to find this:

Visit the Shentel Webmail site and sign in with your email credentials
Identify any spam messages in your inbox, and check the box(es) to the left of each one
Above and to the right of your inbox email, click More and then click Mark as Spam

Using this feature removes the spam from the inbox and also sends a message back to Mail2World (and their anti-spam vendor) that these types of messages are spam. It should eventually help them block more spam, which benefits everyone.

Taking It to the Next Level

If we wait this out long enough, the hope is that Mail2World will figure things out, kick their spam filter into gear, and things will go back to … normal. A normal amount of spam, reliable email coming and going, etc.

But what if that doesn’t happen? What if this problem persists for much longer, or how about if new problems emerge as this one resolves? Mail2World doesn’t have the best track record and I am not prepared to assure you of their capabilities.

If you can’t abide anymore, then your next option would be to create a new email address. Gmail, Outlook.com, ProtonMail and a variety of other email offerings exist. You can create a new address with them at the drop of a hat, and for free.

I realize that concept is intimidating. Switching your email address, in some ways, is more of a labor than changing your mailing address. Not only are you faced with notifying all of your friends and family, but you must reach out to companies with the new email info. And then you get to log into all of your important websites, one by one, to convince each to update your email info.

But consider this: Changing your email address doesn’t have to be accomplished all in one weekend. You can create a new address and migrate things over to it at your pace. You can check two email addresses for as long as you want. Maybe you decide to keep and maintain both addresses?

Also, some email users create a new email address and forward their Shentel mail into it. This is a safeguard against people who “don’t get the memo” about your new address. And it can help with spam! For example, let’s say that you create a new Gmail, and route your Shentel mail into it. All inbound Shentel mail passes through their subpar junk filter, and then gets bounced over to Google. Then Gmail runs it all through their superlative spam filter, and the worthwhile messages arrive in your new Googly inbox.

Email Your Future Self

December 26, 2023 / Jesse Mueller / 0 Comments

If you’ve ever wanted to send an email to your future self, there’s a great website for that!

FutureMe

You’re welcome to use this website for free, and it does exactly what it says on the tin: You write an email to your future self, and FutureMe promises to send it to you at the date of your choice.

I can imagine a lot of positive uses for this, but if you need examples, check out their FAQ page and their Public Letters page for more info.

How to Recognize Spam

December 6, 2023 / Jesse Mueller / 6 Comments

For some, it’s easy to spot spam in your inbox. But for others, it can be a real challenge. Spammers use a variety of tactics to make their email look tempting, believable and worthy of attention. But much like a spoiled brat or a passive-aggressive boss, we don’t want to encourage a spammer any more than we have to. The following common characteristics will help you recognize spam, so that you can react correctly when it arrives:

Mismatched Sender Email Addresses

When you get an email that you’re not sure about, consider the sender’s address. Many spammers use Gmail/Outlook/Yahoo addresses, because they are quick & easy to create. Other spammers use whatever email address they please, because they’ve spoofed it to look like a trusted domain name. In any case, looking at the email address from which the message came is your first clue to spam.

For example, if you have a curious email about your Norton subscription, but it came from GregoireBandersnatch@harvard.edu, that should immediately tell you that you have spam. A legit email from Norton would likely have Norton.com in the address.

Also imagine: You’re looking at a message from HelloFresh, and it seems to have been sent by Hell0Fr3shMark3t1ng@gmail.com. Wouldn’t the real HelloFresh send their marketing messages from an address ending in “HelloFresh.com”?

Gobbledygook Email Address

While you’re checking the sender email address, any kind of gobbledygook you see there is another tip-off. If the message came from d4H3f9a2fb1@serenitynow.com, you can probably consider that as spam.

Homoglyphs

Even though this may be new vocabulary to you, you probably already know what this is from past spam. A homoglyph is a character or symbol that is very similar in appearance to another. Homoglyphs can be used in humorous or creative ways, such as in l33tspeak or slangy texting, but spammers use it a lot in their subject lines and message bodies. Homoglyphic substitution helps their email get past some spam filters, while preserving the overall meaning for their recipients.

Șó aṇỿtɨmе yóu sее an еmaɨ| mеssagе that |óóks |ɨke thɨs sеṇtеṇçе, knów that ɨt ɨs spam and trеat ɨt as suçh.

Spelling and Grammar

Some spam employs flawless English, while other spam does not. If that message from WholeFoods is horribly written, or that offer from Wal*Mart misspelled the word “coupon”, beware! A big company surely has an editor on staff to review any mass communications, and would almost never broadcast anything so unprofessional.

Incidentally, I should remind you that spammers intentionally send spam with misspellings and poor grammar. They’re not ignorant. They do this as a tactic to target their audience and get responses from the people who are more likely to fall for their scams.

Outlandish Claims

“Extraordinary claims require extraordinary evidence.” Please do not believe or react too quickly in response to any email making outlandish claims or promises. I assure you that:

The Grand Vizier of Mazumba Province is not going to bequeath $10M to you
You are not going to get rich quick by investing in a secret Bitcoin opportunity
Secret Shoppers are not being hired in your zip code and you will not make $100k in your first year
That payout from a casino or lottery (that you’ve never heard of) is not going to make you rich

These emails persist, because they can sweep people up in their hopeful emotions and take advantage of our trusting nature. Don’t fall for it. Practice critical thinking skills and research things without haste, without responding to such spam.

Urgency

Is an email urging you to Act Now Before Time Runs Out? Is their special offer only good for another 15 minutes, and the message even shows an animated clock, counting down? Or is there a veiled threat of bad things coming, if you don’t act in a timely manner?

In any case, if an unexpected message is conveying a sense of urgency, that’s a big red flag. Legitimate offers won’t push or rush you into any decision. Hurrying you to decide something is a tactic meant to compromise your judgment.

Nearly Empty Messages

Some spam plays their game in the other direction: Their message shows up blank or mostly vacant of any real text. What little there is in the message is a lure.

Sometimes, the spam contains only a single sentence or phrase. It’s usually vague but just interesting enough to entice you. And it will be a weblink; you will instinctively know that you could click it to learn more. Don’t click it! It’s a trap!

Other times, the spam will have absolutely no text in the body. there will be only a single large image, and your email program may ask you if you want to Display Images? This, also, is a trap. Never ask your email app to display images from any unknown sender.

Anyone tricked by these messages will confirm to the sender that they’ve read the email and interacted with it. That leads to more spam and scams in their inboxes. Also, clicking links could expose them to malware downloads, phishing websites and worse.

This post should end with a recap on what you should do, and not do, with spam.

Just delete it, OR
Mark it as Spam/Junk mail (if your email offers you such an option)
Feel free to open and read any potential spam message, BUT
Do NOT reply to spam, do NOT call any phone numbers shown in spam
Do NOT click any links inside of spam, do NOT open any attachments
Do NOT unsubscribe from spam. Any unsubscribe options, even when offered by Google, can result in your receiving MORE spam.

Some good news on the horizon: Google is adding AI to their spam filtering software. They claim this will make them more successful at blocking homoglyph abuse and other sneaky spam. And if Google is deploying this new technology, I bet Microsoft and other big tech firms will follow suit.

Mail2World ↔ Gmail Problems

September 11, 2023 / Jesse Mueller / 1 Comment

If you use Shentel (or other Mail2World) email, you might notice that you can’t get an email to go through to someone’s Gmail address. Or maybe a Gmail user is telling you that they can’t send email to you at your Shentel.net address. I’ve seen Mail2World ↔ Gmail Problems off and on for many years now. Here are Too Many Words™ about why that is:

Email Authentication

As email flies around the globe, it runs through many checks and authentication. Mail servers scan email for legitimacy, spam content and other safety concerns. These authorization methods are a bit above my paygrade to discuss in detail, but the main ones are called SPF, DKIM and DMARC. You can look them up and read about them, if that’s your cup of tea.

Google takes security seriously. They are very strict with their email authentication, and they frequently improve their server security. Due to Google’s size, when they raise the bar for email authentication, it affects the entire world. Other providers take notice and follow suit whenever Google makes a change to their email protocols. If email providers don’t update their email security to match Google, some legitimate email may be marked as spam. Other email may simply not get through.

The Email Block

And here we get to a problem I frequently see with Shentel email and other Mail2World-offered email addresses. It goes both ways:

Gmail user sends a message to a Shentel address, and receives an Undeliverable message in response.
Shentel mail user sends a message to a Gmail address, and receives an Failed_Precondition message in response.

You can always try sending your email in a different way. Log into a different browser or a different email app. Try using the webmail site, if you haven’t already. Go to a different computer or device. If the problem persists across multiple pieces of technology, then the problem is not yours and it’s out of your hands.

What to Do About It

If you’ve got Mail2World ↔ Gmail Problems, it is Mail2World’s fault. M2W needs to update & fix their email security. For anyone impacted by this, please consider these options:

Call Shentel tech support at 1-800-SHENTEL and report the details of your email error messages.
Email Mail2World tech support at support@mail2world.com
Consider creating/switching to another email address

I really do need you to consider that last one, if you suffer from this problem. Shentel can only report your trouble to Mail2World. Mail2World may or may not respond to your direct queries. They do respond to emails… sometimes. They have fixed this kind of problem before… but it took weeks or even months. Please know that Gmail/Outlook/AOL/Yahoo/ProtonMail/Apple email addresses typically do NOT have this problem! There are more reliable email products out there for you!

New Storage Limits on Outlook.com

April 13, 2023 / Jesse Mueller / 0 Comments

Microsoft has made some changes to the amount of free storage you get with their email and other cloud services. If you are a paid member of Microsoft 365, you probably don’t have to worry about any of this. But free users are in a different boat. The new storage limits on Outlook.com email addresses are likely to cause confusion and total email blockage!

There’s a lot of confusion about it all, because Microsoft has created a very complicated problem here. I hope I can explain it a little better than they do:

The Basic Quotas

Free users of Microsoft storage get 5GB of storage space for their files. This is where your OneDrive files go, if you use that.
Free users of Microsoft email get 15GB of storage space for their emails, contacts and calendar entries.
Microsoft free services work great, until you exceed a storage quota. Once you exceed a quota, the service stops working until you resolve the overage.

The Confusion

Here’s where Microsoft has made things confusing: your email attachments now count against both quotas. Depending on the size of your total saved attachments, you can be under quota in Outlook.com, but over your quota for Microsoft (cloud) storage. I’ll paint a hypothetical for you:

Let’s say that I’ve been saving years of emails in my Outlook.com address, and those messages total 10GB in size. That’s fine! That’s well under the 15GB Outlook.com quota. But due to the new rule, those 10GB of messages have close to 10GB of attachments, and those count against the other quota. When Microsoft notices that my email attachments are exceeding my 5GB Microsoft storage quota, they shut down my email, until I fix it.

When this email stoppage occurs, you will see it when you visit your email on the web, at Outlook.com. You may not get this stoppage alert in other email clients (Thunderbird, Outlook, Apple Mail, etc.)! So if your Outlook.com address is malfunctioning, visit the Microsoft email website to see if you get an explanation there.

Resolving an Email Stoppage

If your Outlook.com email has stoppage due to this quota issue, you’ll see a message about it at the top, as you log into the email website. But go further to see a proper breakdown and explanation of the quotas for your account:

Once logged in at Outlook.com, click the settings Cogwheel to the upper-right.
Go down the list and click View All Outlook Settings.
On the left, click General, and then click Storage in the second column.

You’ll see something like this:

If the Total used figure is over 5GB, you have a problem to address. You can either a) start deleting emails, or b) pay Microsoft for more storage.

If you’re of a mind to delete things, click the link for Outlook (Attachments) next to Free Up Space. That should take you back to your inbox, but sorted such that the largest email with attached files are at the top. Trash as much as you can stand, and then refresh the page to recheck your quota.

Or if you prefer, Microsoft will sell you more storage for as low as $20/year. If you sign up for Microsoft 365 Basic, your email storage quota will jump to 50GB instantly.

Ads in Your Email Signatures

March 25, 2023 / Jesse Mueller / 0 Comments

Some companies and software products use your email to advertise their product. Free antivirus companies commonly do this, but Microsoft and Apple are also guilty of this. They insert a blurb into your email signature, so that everyone you contact will read a promotion text at the end of your message.

Other companies do not engage in this behavior, but if you are uncertain, send yourself an email to check. I’ve met many people that had no idea that their email signature had been repurposed as a billboard.

And if you find something unnecessary in your email signature, you do have the right to turn it off or delete it out of there!

Windows Mail

If you use the Mail app under Windows 10/11:

Open Mail
Click the cogwheel icon
Click Signature
Turn off “Use an email signature”
Click Save

Apple Mail

If you use the Mail app on any iPhone or iPad:

Tap on Settings
Tap on Mail
Tap on Signature
Backspace over the text until “Sent from my iPhone” is gone

Microsoft Outlook

If you use the Outlook app on your phone:

Open Outlook
Tap the Outlook button to the upper-left
Tap the Settings cogwheel to the lower-left
Tap Signature
Backspace over the text until “Get Outlook for Android/iOS” is gone
Tap the checkmark to the upper-right

AOL App

If you use the AOL app on your mobile device:

Open AOL and tap the Inbox icon to the lower-left
Tap the Account button to the upper-left
Tap the Settings cogwheel
Scroll down and tap Signatures
Use the slider to turn off “Include signature in new messages”

ProtonMail

If you use ProtonMail on the web:

Click Settings, then click Go to Settings.
On the left, click Identity and addresses.
Delete the text in the Signature box.

Special note: ProtonMail has an additional ad at the bottom of their emails, called the Proton Mail footer. You’ll see it right below the Signature box. You cannot turn off this footer, unless you upgrade to a paid plan.

Avast Antivirus Free

Open Avast Antivirus
Click the Hamburger Menu
Click Settings
Click Protection
Click Core Shields
Scroll down to “Configure shield settings” and click Mail Shield
Uncheck the box for “Add a signature to the end of sent emails”

AVG Antivirus Free

Open AVG Antivirus
Click the Hamburger Menu
Click Settings
Click Basic Protection
Click Email Shield
Uncheck the box for “Add a signature to the end of sent emails”

Let me know if you notice this with any other big name software or email product, and I may be able to add the removal steps to this post, thanks!

Microsoft Outlook for Mac — Now Free!

March 7, 2023 / Jesse Mueller / 0 Comments

Microsoft has made their Outlook email client free to download & use on Apple computers.

This is just for the Outlook app. If you want Word, Excel or other Office apps, you’ll still have to pay up. Or use LibreOffice.

Outlook aims to be the swiss-army tool of mail clients, with calendaring, tasks and more. If you prefer something more simplistic, MacOS Mail isn’t going anywhere. And if you need something with lots of features but want to avoid Micro$oft, there’s always the free Thunderbird email client.

Check Mail from Other Accounts with Gmail

February 11, 2023 / Jesse Mueller / 0 Comments

Google has built in a very useful feature with their email service. In Gmail, you can configure something called “Check Mail from other Accounts”, and then Google will continually pull in the messages sent to another email address you control. You can do this with one or many other email addresses!

The Steps

Before you start, make sure you know your full email address and its login password.

Go to your Gmail at Gmail.com on a computer.
Click the cogwheel icon.
Click See All Settings.
Click Accounts and Import.
Scroll down to find the subsection labelled Check mail from other accounts.
Click Add an email account and fill in an email address. Click Next.
Choose Import mail from my other account (POP3) and click Next again.
Adjust the Username field to show the entire email address that you want Google to check.
Type in its password in the second field.
You may want to check the box next to Label incoming messages so that the incoming messages stand out from the ones sent directly to your Gmail.
Click Add Account to finish.

Disclaimers & Cautions

If that final setup screen did not fill in the POP server field automagically, you may have to figure out the correct server name to enter. You may also have to double-check the port number. That may mean calling your ISP or doing some research. Reach out to me if you need help with this!

This process can result in you importing a lot of email. If the other address has a lot of email in the inbox, you can expect a lot to arrive in your Gmail. But it shouldn’t hurt anything. At the worst, you’ll just have a lot of unneeded messages to delete.

This only brings messages. Contacts, Calendar entries or Notes are separate and would involve a different set of steps to bring over.

Google only checks the other email once an hour for new messages. That means that as people email your other address, they will arrive in your Gmail inbox, but there may be a time delay of up to one hour.

What Good Is All of This?

People most commonly use this feature when they are switching from an old email address to a new Gmail. It’s really helpful, because all of the old email dumps into the new Gmail inbox. Now you only have one inbox to check! And the label feature helps you determine who is still using the old address. You’ll know form that whom to contact, to let them know about your new address.

You might use this feature, even if you plan to keep the other email address, long-term. It may be too much work to abandon the other address, but it may still help to have everything arriving in one inbox.

Also, Gmail’s spam filter may be the best of its kind, at least amongst free offerings. Routing a spam-laden email address into your Gmail inbox can filter out a horde of nastiness.

Lastly, I often recommend this approach when mail forwarding is not working for someone. If you had set up mail forwarding in your other address and it wasn’t reliable, you can turn it off and try this method instead. Google will get the job done properly.

Shentel/Mail2World’s 2023 Email Outage

February 10, 2023 / Jesse Mueller / 0 Comments

Can you believe it’s been a whole year since the worldwide Mail2World 2022 email outage? Also: Can you believe it’s only been a year and Mail2World has brought us another email outage?

OK, so far, it looks like it’s only affecting Shentel email. I am checking in with other Mail2World clients, and they report no issues at this time. But if you use Shentel email, you may not be able to access your messages, nor will you be able to send or receive anything.

This outage seems to extend to Shentel Webmail, mail clients, and the mobile app. Wherever you go, Shentel email is kicking up some scary security warnings:

If you’re suffering from these errors, there little that you or I can do. It’s on Mail2World to fix this. They may have forgotten to renew a security certificate on the server that makes your email work. For now, I see your options as:

Call Shentel at 1-800-SHENTEL and inquire politely for an ETR.
Sit tight and check your email occasionally.

I will update this page if I encounter new information!

UPDATE@9:30PM: Shentel Webmail is starting to open up again for people. M2W may have bought a quick 1-month security certificate to tide things over.

If you’re still getting errors from your email client (Mail, Outlook, Thunderbird), reboot your computer and see if things start working again!

UPDATE@7:30AM, 2/10/2023: Looks like everything is back to normal and functional again. But now we get to wait a month and see if this recurs on 3/13/2023. Mail2World, we’ll be watching you.

Mail2World’s 2022 Email Outage

January 14, 2022 / Jesse Mueller / 15 Comments

On Wednesday, 1/12/2022, an email provider named Mail2World disappeared from the internet. They’re a modest company based in California that provides email for millions of people worldwide. They handle the email service for many different ISPs (including Shentel, Buckeye Broadband, and SRT), as well as for individuals and small businesses. Information on this outage was challenging to come by, so I’m going to chronicle what I saw and learned during this event, below.

Day One (January 12)

Around 7AM EST, all email service with Mail2World stopped. For the entire day, no answers were forthcoming. People calling their ISPs got only vague explanations: “Email is completely down, we have no ETR.”

Those that contacted Mail2World directly received an unprofessional response. I had hoped they would issue a press release or a Pinned Post on Facebook. But, ironically commenting on an older Facebook Post about “improving your chances of getting your email read,” Mail2World shared only a few vague tidbits. It was nothing informative (“Please be advised that we’re fully and diligently working on the current email service outage.”) and only aggravated their clients further.

Day Two (January 13)

With email still down, Mail2World told some ISPs to expect a 3PM EST recovery time. But that deadline came and went, and everyone had to face the fact that nothing would be restored this day.

A sharp-eyed Facebook commenter pointed out a breaking news story (alternate link) about a ransomware attack and suggested it might be relevant. I called the ISP mentioned in the story and got confirmation: Mail2World is their email provider, and a ransomware attack had brought down all of Mail2World.

Day Three (January 14)

The outage continued, but repair progress could be detected. Using DNS detection websites, people could see that Mail2World DNS entries were coming back online, across the globe. M2W had been completely absent from the world’s DNS servers for the first two days of this outage!

Repeatedly contacting Mail2World, I could only get the briefest assurance from M2W that no one data was compromised or stolen. And as more news reports about the ransomware attack emerged, that seemed to confirm that user data was safe through this debacle. Other ISPs started to report more details, as well.

After much teeth-grinding, Mail2World posted an non-update on their Facebook Page. Huzzah! And their sales website came back online, more progress!

Day Four (January 15)

Early in the morning, Shentel reported email service may be restored in the next 24 hours. By some estimates, that would be extremely quick and efficient, but not unheard of.

By mid-day, a rare few M2W email accounts were able to send out messages, although they arrived with security warnings and other malformations. Still, it showed further progress!

As Day Four drew to close, a few users reported in about email arriving to their Mail2World accounts. We couldn’t declare a complete recovery yet, but some people were able to send off a few messages, and verify that their old emails were once again available.

Day Five (January 16)

I woke to reports of Shentel (Virginia) email users happy with their restored accounts. Reports from other states (Indiana, South Dakota, Ohio) were varied, but most showed some signs of functionality. Other countries (Sweden, Australia, Mexico) also reported in about recovery, again varied, with some at full email ability, while others still hampered or limited.

This outage was mentioned over at Slashdot, but still hadn’t garnered any national or large-scale news coverage.

For my part, I recommended to anyone with fully-restored ISP email, to call into to their internet providers for a refund or credit. Since Mail2World would surely pay a penalty to their ISP clients for the outage, I reasoned that that money should be passed along to the ISP customers themselves. And my experience with many ISPs is that: If you don’t ask, you don’t get!

Day Six (January 17)

Today I found that most people worldwide have their basic M2W email service back. But there are some outliers that are still waiting, in Sweden or Mexico. These folks tend to be individuals that have enrolled in free email service directly with Mail2World. I can only guess that they are low-priority, and may have a much longer repair time than the blocks of email addresses repaired for the large ISP customers.

If you’re still waiting for an M2W repair, I can only tell you to hang in there, keep waiting and reach out to Mail2World repeatedly as time goes on. You can call them at +1 (310) 209-0060, visit their website, check them on Facebook, or find their Twitter feed. Good luck!

Epilogue (March 9)

Most everyone I know has moved on from this issue. But I am still disappointed. There are many questions left unanswered: What ransomware or criminal group caused this? Was the attack successful because of employee error or a zero-day exploit? Was the ransom paid or not?

For my part, I’ve pinged M2W for 2 months, through FB/Twitter/email/LinkedIn, asking for more info. And today, I got a phone call from one of their agents. He explained that the matter has been investigated, mitigated, resolved and put to bed. All informative reports have been finished and submitted… to the ISPs and involved companies.

He didn’t have any press releases or documentation for me. Or for the masses of email users out there. All of the “post-mortem” reports have been sent to Shentel, Buckeye Broadband and similar companies. And those big ISPs might not share that info with us little people, because, well… lawyers.

But this kind gentleman who called me reiterated: The ransomware attack did not expose anyone’s email info. He briefly mentioned that a 3rd-party vendor made a mistake and left a port open somewhere, and bad actors capitalized on the vulnerability. Now that all the forensics and investigation is through, M2W has improved their security and procedures to prevent this from happening again.