To Eli and y'all
well, I got my answer from www.sarc.com

It turns out that when it infects someone's computer, it goes over the address book 
and randomly chooses an email address as the from field.
This new technique is highly disturbing, since it represents more than a loss of hours! 
It messes up your business public relations.
hmm...., add it to the things we can't solve on the internet without fixing every 
faulting server.

On the other hand, the only viable solution I can think of from a practical POV:
You could add a 1 click .cab/installed link to your signature, that urges your 
contacts to click on it.
This .cab file is an authentication mechanism of a 3rd party, or created by you (it's 
very simple to do).
p.s: please note that a pgp sig may not be adequate because you need more operations 
than 1 click to install a 3rd party (because you defined most users to be dummies ;), or 
that it is too public to trust it to perform like you want it, which is to convince 
your customers that this email was received from you and you only. Plus, they also get 
a kind of certificate that they received it from you, and you get a copy of that 
certificate. 
Think of it like the Secureclick.com service for visa cards. Every time you send 
an email, a (auto number like) unique certificate will be issued that can't be faked 
since you are the only one who will confirm/deny certificates.

A scenario that comes to my mind is as follows:
1) A new contact receives an email from you, then reads at the bottom that you urge him 
to click on a certain link, let's say 
"http://www.yoursite.com/verificationplugin_quick_install"; and after about 30 sec you 
are secured from email spoofing for this particular user.
2) Your not so new now contact receives another email from you to his outlook mailbox; 
the plugin quickly checks the header of the message and reads the serial number 
(hiddenly) attached to your from address, contacts your webserver xml/php whatever web 
application and verifies the message to your address and confirms or denies the 
signature.

All is well in contact land :)

TO: Eli Marmor
ok, now to get back to the real world ;)! I am not certain you have the will and the 
knowledge to create (although it's not so difficult) this kind of plugin. I would 
suggest another alternative.
1) Create a web page using php that generates a signature which includes an http 
address with the included details: 
http://www.yoursite.com/verify_this_message.html?emailaddress=xxx&message_serial 
number&one time hash password=xxxhashxxx (you can do that using perl, for example when 
unix creates passwords it gives you the hash and not the real password. For your case 
store the random password and give the generated hash from the passwords to users).
2) Using outlook, whatever, create your email as you regularly would, and copy/paste 
the new signature to your email.
3) When the user gets your email, he will click on the verification address which 
will contact your site .php/whatever page which will verify him.

That should protect you from most forms of email spoofing. Please note though that 
this method is vulnerable to web redirection, though I am doubtful that someone will 
generate a virus just to hurt your organization + it's your only choice if your users 
will not install some kind of verification mechanism. Also, note that this method is 
platform free so it can run on any user client.
And last, it's free :)!

Tell me if it helps.

* - * - *
Tzahi Fadida
[EMAIL PROTECTED]
Fax (+1 Outside the US) 240-597-3213
* - * - * - * - * - * - * - * - * - *

WARNING TO SPAMMERS:  see at http://members.lycos.co.uk/my2nis/spamwarning.html
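
The link-based check from steps 1) to 3) above, sketched in Python as an added example that is not part of the original message. The query parameter names `serial` and `hash`, the `MessageRegistry` class and the recorded body digest are assumptions made here, and an HMAC keyed with the stored random value stands in for the "hash of the random password" the message describes.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

BASE_URL = "http://www.yoursite.com/verify_this_message.html"  # URL from the message


class MessageRegistry:
    """Server-side store (hypothetical): one random secret per outgoing message."""

    def __init__(self):
        self._issued = {}      # serial -> (address, secret, body digest)
        self._next_serial = 1  # "auto number like" serial

    @staticmethod
    def _token(address, serial, secret):
        # Keyed hash: cannot be recomputed without the secret kept on the server.
        return hmac.new(secret, f"{address}|{serial}".encode(),
                        hashlib.sha256).hexdigest()

    def issue(self, address, body):
        """Register an outgoing message; return the link to paste into its signature."""
        serial = self._next_serial
        self._next_serial += 1
        secret = secrets.token_bytes(32)  # never leaves the server
        digest = hashlib.sha256(body.encode()).hexdigest()
        self._issued[serial] = (address, secret, digest)
        query = urlencode({"emailaddress": address, "serial": serial,
                           "hash": self._token(address, serial, secret)})
        return f"{BASE_URL}?{query}"

    def verify(self, url):
        """Return the recorded body digest for a genuine link, else None."""
        params = parse_qs(urlsplit(url).query)
        try:
            address = params["emailaddress"][0]
            serial = int(params["serial"][0])
            presented = params["hash"][0]
            recorded_address, secret, digest = self._issued[serial]
        except (KeyError, ValueError):
            return None  # missing field, bad serial, or serial never issued
        expected = self._token(recorded_address, serial, secret)
        if address != recorded_address:
            return None
        # Constant-time comparison of the presented and expected tokens.
        if not hmac.compare_digest(expected.encode(), presented.encode()):
            return None
        return digest
```

A genuine link copied into a different message still verifies, so the verification page should show what was recorded for that serial (here the body digest) for the recipient to compare against the mail in hand.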

> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf 
> Of Oleg Goldshmidt
> Sent: Wednesday, April 24, 2002 9:19 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re: OT: The Heaviest Wave of Viruses
> 
> 
> Tzahi Fadida <[EMAIL PROTECTED]> writes:
> 
> > Just for the sake of curiosity, this virus that everybody talks
> > about that impersonate someone without even infecting that someone.
> > How exactly does it get your email address?
> 
> A couple of ideas: a) web harvesting; b) grabbing it from someone's
> Outlook contact list. Inserting it into the from field when sending
> itself to someone else from your friend's contact list is, I assume,
> rather trivial.
> 
> -- 
> Oleg Goldshmidt | [EMAIL PROTECTED] 
> [Lisp] is the only computer language that is beautiful. 
>                       - Neal Stephenson 
> 
> =================================================================
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]