I read a recent post here about McAffee Site Advisor, became curious and checked them out. I ran one of my sites through just to check them out and to my horror they are telling some out right lies and some misleading things about the one site.

The site is floridafishinginformation.com the advisor report is here (http://www.siteadvisor.com/sites/floridafishinginformation.com).


They say they "signed up on my web site and are now receiving 2.4 emails a month.
That's impossible. I don't have a news letter, I never send mass e-mails and sometimes don't even answer real form results from real people. If a real human asks a real question or gives a fishing report I respond but I've certinly never received anything from McAffee!

In the detailed "E-mail Analysis" section thay are giving me a 3 out of 10 "spammines" rating!
Again, I don't have a newsletter nor do I do any mass e-mail of any kind!

The "Established In" date is way wrong (1996 not 2004!)

Overall it's not a bad report I suppose, but it's not accurate, and for some reason that whole spamminess thing has me really irked!



You should see what they say (http://www.siteadvisor.com/sites/googlesyndication.com/summary/) about "googlesyndication.com!" Hilarious!

I can't say why McAfee got it so wrong. But I have McAfee Site Advisor installed on IE 6, and the good news is that it shows green, with a ballooned comment to the effect that McAfee tested the website and found no significant issues.

I'm guessing that very few people would follow the link to details to learn more.

DrayScherm

dray design studio
www.draydesign.com

You could be sending out Spam e-mail and not even know it.

I have one site hosted by godaddy,com that started sending me emails with "Cannot send error" messages
when i looked at the email addresses sending these messages they weren't mine, but somoeone who had hacked into godaddy (either directly or through my portal) and was creating and sending emails through names they made on my domain. (via whatever@mydomain.com)
When I contacted godaddy about this, they told me to turn off the catch all feature of my main account. All this would do, would to be keep me from getting the messages. They offered no relief from the problem except that they would check into it.
Bottom line is somebody could be using your domain name to send spam and you wouldn't even know about.... call your hoster and make sure this is not the case.

If you are clean, then call McAffee and blow a spleen.

You could be sending out Spam e-mail and not even know it.

I have one site hosted by godaddy,com that started sending me emails with "Cannot send error" messages
when i looked at the email addresses sending these messages they weren't mine, but somoeone who had hacked into godaddy (either directly or through my portal) and was creating and sending emails through names they made on my domain. (via whatever@mydomain.com)
When I contacted godaddy about this, they told me to turn off the catch all feature of my main account. All this would do, would to be keep me from getting the messages. They offered no relief from the problem except that they would check into it.
Bottom line is somebody could be using your domain name to send spam and you wouldn't even know about.... call your hoster and make sure this is not the case.

If you are clean, then call McAffee and blow a spleen.

He's correct. Your server could be controlled by a zombie network or such. They are so good they can turn things on and off by remote control seemingly.

And if you are such a victim you owe McAfee a retraction.

They offered no relief from the problem except that they would check into it. I can help where godaddy cannot... Try disabling "Formmail.cgi" or renaming it at least. Also configure the security systems in it (not as hard as it sounds). Spammers have figured out how to use it to send their e-mails...

As far this being the prob w/ my Mcaffe thing, I'm not thinking that's it (my hosting company swears I can leave formail.cgi intact as they have some kind of secret procedure that stops spammers from doing this . . .), because the mcaffee site showes the subjewct line of the e-mails they recieved and it is the one that shows when the form sends me an e-mail (its mispelled because I'm the only one who sees it), with an re: in front of it.

ie; when someone fills out the form, i get an e-mail with the subject line: FFI feddback they show an e-mail subject line that says RE:FFI feddback.

But you're right what else can I do but contact them.

And DrayScherm is right too, overall they still give me a positive rating so maybe I should just let it go.

Hey Texx,

I'm guessing you saw my message in the other thread about our problems with McAfee SiteAdvisor. If you like you can try contacting the support guy I've been in contact with. I'll PM you his email address. Not sure it will get you anywhere as they still haven't removed all the ridiculous comments about our site, but you're welcome to try.

I just had a thought... What if instead of PMing the McAfee support guy's email I posted it publicly so that it could be harvested by spam bots. LOL!

- Paul

I'm guessing you saw my message in the other thread about our problems with McAfee SiteAdvisor -- Yup!

Thanks for the PM!

Thanks for the info Texxs

It's also conceivable that the spams are being sent out with your address as the sender without any access to your mail server-- there's really nothing (much) that prevents you from putting any sender address you want at the top of an email... If they trace things back using the header and the messages are originating from your server that's a different matter, but if this is only based on the sender address matching your domain, then, well... there's really nothing to be done about it, and it proves nothing about whether you actually sent the message anyway.

-A
After Cheese: Movie and Pop Culture Commentary (http://www.aftercheese.com/)

Spam-mails are always sent with a faked return address, but that could only have confused one of SiteAdvisors voluntary reviewers - not their automatic robot simply signing up to any forms present.

However, below the surface there might be a phish lurking nevertheless. I was recently reminded of a somewhat similar case, where the websites owner obviously still isn't aware of the hidden phish (at least they haven't removed it yet):

http://www.siteadvisor.com/sites/uniroma2.it/postid/?p=314871#post314871

In any case, you could post your own comment on Siteadvisor, speaking on behalf of the site itself...

I poked around the site advisor site a bit, it doesn't seem that posting a comment helps a bit. I'll try calling them.

on an intersting side note did you see that site dicussed in you link is down?

http://mac125.bio.uniroma2.it

On an intersting side note did you see that site dicussed in you link is down? http://mac125.bio.uniroma2.it

About time they discovered that phish, and removed it; it's been lurking there for months...

I poked around the site advisor site a bit, it doesn't seem that posting a comment helps a bit. I'll try calling them.

Why not both? I'll still suggest that you post a correction, not as reviewer but as the website owner.

The "Established In" date is way wrong (1996 not 2004!)

I just tried WHOIS (at dnsstuff.com) and got this: Created 05-mar-2004 - Updated 11-jan-2007 - Expires 05-mar-2008. Mayby you should contact Whois as well...

It's also conceivable that the spams are being sent out with your address as the sender without any access to your mail server-- there's really nothing (much) that prevents you from putting any sender address you want at the top of an email... If they trace things back using the header and the messages are originating from your server that's a different matter, but if this is only based on the sender address matching your domain, then, well... there's really nothing to be done about it, and it proves nothing about whether you actually sent the message anyway.

This is exactly right. Yo do not need to have access to your domain name to create an e-mail that appears as if it were coming from you. This is easily done from many scripting tools available, or even Outlook.

Of course, the e-mail has to be sent from somewhere, and that's what zombie servers are for, but that is unlikely to be your problem here.

Texxs, FWIW, I have had some run-ins with McAfee and this Site Adviser BS. Yes, they (like Alexa) are putting up erroneous info for websites. It's several years off with the "Established in:" area for me as well; "Links to green sites" only lists a few of my OBL's and lists the ones that are not important or well known; and what I hate most of all is the "Popularity" icon which lets everyone know you have little traffic. That is harmful to the success of the site.

The jerks refuse to fix any of this and I think they should be sued for tossing out false potentially slanderous/harmful data.

Revealing the traffic of any site, large or small,
is what Alexa has been doing for many years now.
If you want to blame SiteAdvisor for that, why not Alexa too..?

And another point: "It's several years off with the 'Established in:'..".
When I asked Whois, it said the same as SiteAdvisor, 2004.
If that's not correct, then blame Whois, and make them change the year...

hmmm, I noticed the who is data was wrong. I wonder what's up with that . . .

If whois data is incorrect, maybe two sites have been mixed up. That could (perhaps) explain SiteAdvisor too...

I didn't think that was possible. Isn't technology infallible? Ok, just kidding. I do trust technology too much sometimes though...

Mixing two sites up seems like it could mean bad things for the internet though.

"Isn't technology infallible?"

Does that mean you have never met windows 3.0 (or tried frontpage)?

I don't know who made the original error (but probably a human, as they have never been known to be infallible).
But I'm quite sure SiteAdvisor got those data from Whois (as would I). Where did Whois get it from..?

If you could solve that, we would all be less mystified...

it is accurate in most cases. i use the mozilla addon and it is even able to tag my google search results :)