/me nods And the best part is alot of the bonehead isps dont use smtp servers that actually check the ip they just blindly follow whatever is sent to them. ----- Original Message ----- From: "Doug White" <[EMAIL PROTECTED]> To: "CF-Community" <[EMAIL PROTECTED]> Sent: Thursday, June 26, 2003 1:56 PM Subject: Re: how stupid
> Only the IP number in the email header will reveal the true source of the > virus-infected email. > > The from address is usually spoofed. > > ====================================== > Stop spam on your domain, use our gateway! > For hosting solutions http://www.clickdoug.com > ISP rated: http://www.forta.com/cf/isp/isp.cfm?isp_id=772 > ====================================== > If you are not satisfied with my service, my job isn't done! > > ----- Original Message ----- > From: "Jeff Garza" <[EMAIL PROTECTED]> > To: "CF-Community" <[EMAIL PROTECTED]> > Sent: Thursday, June 26, 2003 12:27 PM > Subject: Re: how stupid > > > | Actually, the Klez virus can take any email from the list it's sending from > | and use that email as the From and Reply-To fields. This happend to my mom. > | I'm sure she doesn't have the Klez virus on her machine yet she still gets > | about 50 bounce messages a day from AOL. One of the unpleasant > | potentialities of dealing with Klez... So, Dana, you probably never had the > | virus in the first place and AOL sucks for sending back the entire message, > | virus attachment and all.. Their mail gateway should delete the entier > | message and send a digest of the transaction back to the "purported" sender. > | > | Jeff > | > | ----- Original Message ----- > | From: "William Wheatley" <[EMAIL PROTECTED]> > | To: "CF-Community" <[EMAIL PROTECTED]> > | Sent: Thursday, June 26, 2003 10:18 AM > | Subject: Re: how stupid > | > | > | No i wasn't patronizing you but that error message by itself when you read > | it shows that it was rejecting a message you sent. Of course without all the > | facts thats the only conclusion one could come to. > | > | Does the virus send fake emails proporting to be from the ISP? Its easy to > | spoof mail and such that might be a fun virus to have to deal with fake > | Daemon messages that actually have viruses. > | > | > | ----- Original Message ----- > | From: "Dana Tierney" <[EMAIL PROTECTED]> > | To: "CF-Community" <[EMAIL PROTECTED]> > | Sent: Thursday, June 26, 2003 12:27 PM > | Subject: Re: how stupid > | > | > | > Ahem. AOL emailed me the sobig.e virus according to my Norton antivirus. > | > The email has an attachment labeled your_details.zip, which is per the > | > specs for this virus. Naturally I did not open it. But the email is not > | > from [EMAIL PROTECTED]; the email is *from* AOL saying my email to her was not > | > delivered because it has a virus. Which they helpfully included for > | > reference. Now, from the top, this virus claims to be from people who are > | > also in the address book of the original sender. I do not know ruthj and > | > she is not in my address book, and I don't have this virus because norton > | > caught it in this email that AOL sent me. > | > > | > God I hate it when you patronize me, especially when you usually don't > | have > | > a good grasp of what is going on when you do it. > | > > | > Dana > | > > | > On Thu, 26 Jun 2003 12:18:19 -0400, William Wheatley <[EMAIL PROTECTED]> > | > wrote: > | > > | > > That doesn't say aol sent you a virus that says whoever mailed that ruth > | > > person has a virus that was in their email and they had better fix it. > | > > > | > > But either way aol is evil. > | > > > | > > > | > > ----- Original Message ----- From: "Dana Tierney" <[EMAIL PROTECTED]> > | > > To: "CF-Community" <[EMAIL PROTECTED]> > | > > Sent: Thursday, June 26, 2003 12:12 PM > | > > Subject: Re: how stupid > | > > > | > > > | > >> the AOL user didnt send me the virus. AOL did. I got the following, > | with > | > >> the virus as an attachment. > | > >> > | > >> The original message was received at Thu, 26 Jun 2003 06:09:09 -0400 > | > >> (EDT) > | > >> from [66.72.7.21] > | > >> > | > >> *** ATTENTION *** > | > >> Your e-mail is being returned to you because there was a problem with > | > >> its > | > >> delivery. The address which was undeliverable is listed in the section > | > >> labeled: "----- The following addresses had permanent fatal > | errors ----- > | > >> ". > | > >> The reason your mail is being returned to you is listed in the section > | > >> labeled: "----- Transcript of Session Follows -----". > | > >> The line beginning with "<<<" describes the specific reason your e-mail > | > >> could > | > >> not be delivered. The next line contains a second error message which > | > >> is > | > > a > | > >> general translation for other e-mail servers. > | > >> Please direct further questions regarding this message to your e-mail > | > >> administrator. > | > >> --AOL Postmaster > | > >> > | > >> > | > >> ----- The following addresses had permanent fatal errors ----- > | > >> <[EMAIL PROTECTED]> > | > >> ----- Transcript of session follows ----- > | > >> ... while talking to air-xm03.mail.aol.com.: > | > >> >>> DATA > | > >> <<< 554 TRANSACTION FAILED - Unrepairable Virus Detected. Your mail has > | > > not > | > >> been sent. > | > >> 554 <[EMAIL PROTECTED]>... Service unavailable > | > >> > | > >> On Thu, 26 Jun 2003 10:59:06 -0500, Matt Blatchley ~ Bridgeleaf Studios > | > >> <[EMAIL PROTECTED]> wrote: > | > >> > | > >> > Dana, > | > >> > > | > >> > I run into similar issues with AOL users. I have a few clients who > | > >> > refuse > | > >> > to use the email addresses I setup for them and they send me virus's > | > >> too > | > >> > stating I sent it to them. Big pain in the ass because I've > | requested > | > >> a > | > >> > response from the folks at AOL, but like you said, the level of > | > >> response > | > >> > is > | > >> > by someone part time and doesn't give two shiznitz about anyone other > | > >> > than > | > >> > their own customers, and that's only if they bitch consistently. I'd > | > >> > love > | > >> > to rant about them two, but I'll spare the rest of the list my > | opinion > | > > on > | > >> > that issue seeing as how they can all assume my feelings on that one > | > >> > anyway. > | > >> > I feel for ya! > | > >> > > | > >> > Matt > | > >> > > | > >> > > | > >> > -----Original Message----- > | > >> > From: Dana Tierney [mailto:[EMAIL PROTECTED] > | > >> > Sent: Thursday, June 26, 2003 10:34 AM > | > >> > To: CF-Community > | > >> > Subject: how stupid > | > >> > > | > >> > > | > >> > (rant) > | > >> > I was complaining yesterday about getting a little notice scolding me > | > > for > | > >> > allegedly sending a virus to somebody I don't know in Finland. The > | > >> virus > | > >> > in > | > >> > question puts names from the true sender's address book in the "from" > | > >> > field, but apparently the system in question is not set up to check > | ip > | > >> > addresses. > | > >> > > | > >> > I ran an extra virus scan last night to be sure, and no, I don't have > | > >> > this > | > >> > virus. I would not expect to as my virus software scans incoming > | mail. > | > >> > > | > >> > This scan works, as demonstrated by the fact that this morning it > | > >> warned > | > >> > me > | > >> > that someone emailed me a virus. Come to find out it is AOL, > | > >> complaining > | > >> > that I sent this virus to [EMAIL PROTECTED], whom I do not know. > | > >> > > | > >> > The truly astounding thing is that *they mailed the virus to me* -- > | is > | > >> > that > | > >> > supposed to prove something? What if I did not in fact have up to > | date > | > >> > software? I used to work at AOL so I am well past expecting > | > >> intelligence > | > >> > from them, but geez, this practice is a threat to the health of the > | > >> > internet. Too bad it doesn't have a WHO. > | > >> > > | > >> > (end rant) > | > >> > Dana > | > >> > > | > >> > > | > >> > -- > | > >> > Mr Jones and me > | > >> > We're stumbling through the barrio.... > | > >> > > | > >> > > | > >> > > | > >> > | > > > | > > | > | > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/cf_lists/index.cfm?forumid=5 Subscription: http://www.houseoffusion.com/cf_lists/index.cfm?method=subscribe&forumid=5 Host with the leader in ColdFusion hosting. Voted #1 ColdFusion host by CF Developers. Offering shared and dedicated hosting options. www.cfxhosting.com/default.cfm?redirect=10481 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
