Problem we are running into is that clients are getting listed on RBL's because of them. Couple hundred e-mails get bouced back and suddenly they are listed as the spammer and their legit mail is getting bounced.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pfefferkorn, Pete (pfeffepe) Sent: Monday, April 14, 2008 10:36 AM To: Exchange Discussions Subject: RE: User receiving Spam Bouncebacks.. Seems like we are getting more of these due to the BOT's. Very concise and easy to understand for the common user, so we also added it to our list of generic responses. Thanks. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Van Eck, John Sent: Friday, April 11, 2008 11:59 PM To: Exchange Discussions Subject: Re: User receiving Spam Bouncebacks.. Please, feel free to use as needed. As to why spoofing wasn't in there...I really can't say. I wrote the thing a few years back, with the end user in mind, and I tried to stay away from technospeak. Except for the "virtual virus" which provided an anchor for users to grasp. Might be time for a rewrite, though I am leary of messing with something that has worked quite well. We seldom get calls from users regarding this issue now -- our help desk used to get quite a few calls, many times repeat calls! For the record, we have 32k users in the County system. When a user calls with the issue, our HD just fires off that form letter. And we don't hear from user about that issue again. Very efficient. Use it well, thanks for asking! John Van Eck Core Systems, AD/Exchange Department of Technology Services Montgomery County (240) 773-8005 [EMAIL PROTECTED] "The heart has its reasons that reason knows nothing of." - Blaise Pascal ----- Original Message ----- From: Van Eck, John To: Van Eck, John Sent: Fri Apr 11 23:48:30 2008 Subject: RE: User receiving Spam Bouncebacks.. That is beautiful. Nice, clear, and easy for the user to understand. I, too, wouldn't mind leeching this with your permission. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Van Eck, John Sent: Friday, April 11, 2008 1:01 PM To: Exchange Discussions Subject: RE: User receiving Spam Bouncebacks.. Here's what we send, lots of positive feedback from users, and because it is a form letter it takes no time. Bad guys lose :-). Never hear from user again about this issue. *********Begin trans******** Dear USERNAME, First, thanks for the attention you're paying to your e-mail. Vigilance of users is the first line of good mail security. As you know, we live in a world where viruses can attack us in many ways. Although the County e-mail system is protected 100% from all known and probably all unknown virus attacks, what you are experiencing is what we call a "virtual virus". Essentially, it has effects similar to a real virus in many ways, but you (or your mailbox, or your mail server) are not actually infected. Here is how this happens: 1.There are many viruses in the wild that will infect a machine and read that machines address book. 2.These viruses then create e-mail messages using the addresses it has found as both the sender *and* the recipient. That is, the virus populates both the "to" and the "from" fields with addresses it got from the machine's address book. 3.These viruses then send out these e-mail messages, and the Internet tries its best to deliver the messages to the appropriate e-mail server. 4.If the appropriate e-mail server has virus protection, or good policies blocking certain forms of attachments, the receiving e-mail server will say "Nope, we don't want this message". At this point the message is either deleted *or* sent back to the sender of the message -- and here is where it gets annoying!!!! 5.When you address a letter for the U.S. post office, and put the return address label on, nothing stops you from saying the message was sent from your neighbor's house instead of yours -- if the USPS can't deliver the letter they will return it to YOUR NEIGHBOR'S house instead of yours. The same is true with e-mail -- when the server sends it back, it goes to the person listed in the "FROM" field, which as described above is just some poor soul who had his address in the infected computers address book! As a result, a person whose machine is NOT infected gets a message from a legitimate server saying "The message you sent was infected" or "We block these messages because they are bad" or something like that. This of course causes all sorts of strife with the user and his/her mail administrator, as they try to determine where the infection is. The reality is the person getting the reply message is NOT infected, their address is just in some infected computers address book. It is literally impossible to track these down. So you see, it is truly a virtual virus -- You get all the hassle of messages from servers saying you sent a bad message, in fact you might even get nasty phone calls from people who get infected and blame you, but you yourself are actually NOT infected. How can we guard against this? We can't! :-(. We could block all non-delivery reports so you don't get the messages from servers saying you sent a bad message, but then you will never know if you have problems sending a LEGITIMATE message, or if you are blocked for some other reason. You could never give your e-mail address out to anyone, but then they'll never mail you. You could verify that everyone you ever come into contact with has up to date virus protection and practices safe computing, but the County has not been able to achieve this with a KNOWN population, so your chances are glum here. The only sane course of action that defeats the purpose of the virus is to delete the message if it is not one you sent and get on with your life. This minimizes your stress and also the pleasure the virus maker gets from this sort of activity. Thank you for taking the time to read all of this, and if you have any further questions or concerns, please let helpIT know. Sincerely, John Van Eck Network Administrator Montgomery County Government ********end trans********* John Van Eck Core Systems, AD/Exchange Department John Van Eck Core Systems, AD/Exchange Department of Technology Services Montgomery County (240) 773-8005 [EMAIL PROTECTED] "The heart has its reasons that reason knows nothing of." - Blaise Pascal _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with. _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016 Please include the email address which you have been contacted with.
