At 00:26 -0400 6/22/12, Dan wrote: >At 4:12 PM -0700 6/21/2012, glen wrote: >>I get my share of spam -- most of it goes into the spam folder where it >>belongs. > >Which spam folder - the one in your local mail client or the one on Yahoo's >service? > >If the former then your Yahoo service isn't doing its job. > >>During the past months I found a few spams disguised with the name and email >>address of former business clients and today the name and email address of a >>close friend in my inbox. >[snip] >>are any of my Mac's responsible for this? > >Doubtful. While there are a few trojans around that will harvest address >books and such, they're rather rare. And your anti-virus would have caught >them. > >>Or, are spammers hacking into my friend and clients email devices to cause >>this disturbing disruption? > >More likely, especially if they're using Android or Windows. > >>Or what else could be causing this? Is it something I should be concerned >>with? > >Most likely - you or your friend's email account on the mail service (Yahoo in >your case) was broken into and harvested. Services such as Yahoo's are under >attack 24/7. Change your passwords. > >OTGH, it's possible your conclusions as to the origins of the emails are >incorrect. Them spammers is getting awfully good at forging things these >days. Can't tell without seeing 'em tho, including complete headers. > >HTH, >- Dan.
Dan's comment on needing full headers is important. You can look at the headers yourself. Email clients regularly suppress headers that they think are not important but, though the button may be hidden pretty well, they can all be asked to show you the whole thing. My email host adds headers that are derived from SpamAssassin, software used by them on all mail, which can often have something to say about irregularities in the message. But headers can also be faked. The ones fully trustworthy are added last while the message is enroute. The last Received: header is most likely correct. The From: header is generated entirely by the sender and can easily be a lie. It is also possible that your friends' machines have been infected with malware that turns them into a robot which regularly calls a bad machine on the net and receives messages that it will copy out to perhaps hundreds of recipients. That is best fixed by removing the bad stuff from your friend's machine which, as Dan says, is unlikely to be a Mac or other UNIX-based machine. Try looking at the full headers in suspected messages. They're pretty much readable text. You might even discover something in common that you can use as a filter. But then you might discover that Yahoo itself deliberately makes that difficult. They do have some strange ideas that have bothered me. Reading mail over an HTTP link with a browser does limit your options. List-ID: Spam-Tools Discussion List <spam-tools.cartel.listmoms.net> To: Spam-Tools Discussion List <[email protected]> is a mailing list that has not been too active recently. It's a bit geeky but has taught me a lot. I don't know if they have an archive. Last message was from Jim Carr about a new antispam scheme introduced by Yahoo on June 6 2012. quoting from that: At 02:09 -0700 6/7/12, Jim Carr wrote: >The second technology, SPF, or Sender Policy Framework, allows email >senders to indicate which hosts are authorized to send their email, >allowing receiving organizations to discard messages coming from >spoofed "from" addresses. -- --> From the U S of A, the only socialist country that refuses to admit it. <-- -- You received this message because you are a member of G-Group, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/g3-5-list
