Inhabitant of Zion wrote:
So zap them before they even hit your machine:
Just found out how to set my server to return to sender all mails to
unknown users.
Not ideal but at least I am getting a bit of peace and quite again!
:-)
I'm not sure if you want to do that. If it's anything like
]
To: [EMAIL PROTECTED]
Sent: Saturday, December 18, 2004 6:48 AM
Subject: Re: [newbie] Virus laden e-mail
According to the 'Received:' trace, the message originated at:
[220.244.219.186]
linux-mandrake.com (220-244-219-186-qld.tpgi.com.au
[220.244.219.186])
I have gotten 3-4 from the same IP
Glad I proved helpful once I had time to write an extended reply.
{^_-}
- Original Message -
From: Inhabitant of Zion [EMAIL PROTECTED]
Hi
OK I've read with interest some of your replies. It would seem that
what I have actually been doing is rejecting any emails sent to me
whereby
On Thursday 16 December 2004 23:27, jdow wrote:
Humble (moi! humble?) request, please be careful with terminology, even
if AOL and Microsoft are sloppy as hell. Bounce sends a message back to
the purported sender, [EMAIL PROTECTED] Rejects simply reject it from the
server forwarding the email
JoeHill wrote:
Actually, I've found several times that AVG catches malware that Norton doesn't,
and it's free, and got a *way* smaller footprint than Norton's bloatware.
I use Avast! antivirus for Windoze. seems to be quicker than AVG,
and it's free!
They also offer a version for Linux
JoeHill wrote
Takes more time, but in the long run,
if everyone did this, well, it would totally destroy the cost/benefit ratio for
spammers.
I do this religiously, using SpamCop...
Trouble is, virtually all the pharmacy/porn sites are either on Brazilian or
Chinese servers. they have abuse
From: J [EMAIL PROTECTED]
JoeHill wrote
I have resorted to doing a WHOIS on the domain name, and if any info is
found to be false, taking it up with the registrar... at least the site gets
pulled, if only to pop up elsewhere a day or so later.
Hey, Dude, where's your sense of fun? Every once
a Chinese ISP, I get sorry, mailbox over quota
Humph.
JRH
- Original Message -
From: jdow [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, December 17, 2004 9:34 PM
Subject: Re: [newbie] Virus laden e-mail
From: J [EMAIL PROTECTED]
JoeHill wrote
I have resorted to doing a WHOIS
On Wednesday 15 December 2004 11:35 pm, Todd Slater wrote:
On Wed, Dec 15, 2004 at 07:32:54PM -0500, Greg Meyer wrote:
Is anybody else on this list getting bombarded with virus laden e-mail
from a particular ip address in Australia?
Whoever it is is sending to the address that I use for
I figure the damage is already done by the time it gets to that mailbox
over quota message. The Chinese government probably raises heck with the
ISP Word is that they snoop EVERYTHING.
{^_-}
- Original Message -
From: J [EMAIL PROTECTED]
Hey, Dude, where's your sense of fun? Every
JoeHill wrote:
On Thu, 16 Dec 2004 16:32:49 +
Inhabitant of Zion disseminated the following:
I have set up so they all go straight to the trash but it sure is a
pain in the neck as I am having to remove from the trash about 1800
every hour.
So zap them before they even hit your machine:
According to the 'Received:' trace, the message originated at:
[220.244.219.186]
linux-mandrake.com (220-244-219-186-qld.tpgi.com.au
[220.244.219.186])
I have gotten 3-4 from the same IP range, all tpgi.com.au. I
usually warn users but no one ever pay attention so I figured I
has anyone heard of 'xunil live'?
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
I do not get any that are not picked up by either my filters or
clamav.
They get picked up but I get an annoying message sent to me by Clamav
saying a message with a virus was sent and has been quarantined.
So I get a mail to me to delete and a .msg and a .log file to get rid
of from the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 16 Dec 2004 00:32, Greg Meyer wrote:
Is anybody else on this list getting bombarded with virus laden e-mail from
a particular ip address in Australia?
Whoever it is is sending to the address that I use for the Mandrake lists,
so I am
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thursday 16 Dec 2004 07:29, Charles A Edwards wrote:
On Thu, 16 Dec 2004 07:27:02 +
Inhabitant of Zion wrote:
I have been getting a load from Germany and also a shed load yesterday
from DHTMLcentral.
I feel neglected and under
On Thursday 16 December 2004 00:14, Hugh Dixon wrote:
What's the IP address?
I fit the profile, and as our windows admin is not around, I cannot
check the status of our antivirus software...
According to the 'Received:' trace, the message originated at:
[220.244.219.186]
On Thu, 16 Dec 2004 02:29:41 -0500
Charles A Edwards disseminated the following:
I have been getting a load from Germany and also a shed load yesterday
from DHTMLcentral.
I feel neglected and under privileged.
I do not get any that are not picked up by either my filters or clamav.
On Thursday 16 Dec 2004 14:37, JoeHill wrote:
On Thu, 16 Dec 2004 02:29:41 -0500
Charles A Edwards disseminated the following:
I have been getting a load from Germany and also a shed load yesterday
from DHTMLcentral.
I feel neglected and under privileged.
I do not get any that are
On Thu, 16 Dec 2004 16:32:49 +
Inhabitant of Zion disseminated the following:
I have set up so they all go straight to the trash but it sure is a
pain in the neck as I am having to remove from the trash about 1800
every hour.
So zap them before they even hit your machine:
So zap them before they even hit your machine:
Just found out how to set my server to return to sender all mails to
unknown users.
Not ideal but at least I am getting a bit of peace and quite again!
:-)
--
John Willby Registered Linux user number 321644
ICQ: 92791912 MSN: [EMAIL
On Thursday 16 December 2004 10:55, John Bowden wrote:
Ok you have got me worried now !Is it a win virus or one writen for Linux?
How do I check that clam is working and configure it. I have a smoothwall
firewall so I don't worry too much about the worms and it's logs tell me if
a trojan has
On Thu, 16 Dec 2004 15:55:22 +
John Bowden disseminated the following:
Ok you have got me worried now !Is it a win virus or one writen for Linux?
Guaranteed it's someone's Windows box has been zombied with a worm and is
spewing this crap.
As far as I know, there are *no* Linux viruses in
On Thursday 16 December 2004 05:46 am, Bryan Phinney wrote:
On Thursday 16 December 2004 00:14, Hugh Dixon wrote:
What's the IP address?
I fit the profile, and as our windows admin is not around, I cannot
check the status of our antivirus software...
According to the 'Received:' trace,
On Thu, 2004-12-16 at 11:32, Greg Meyer wrote:
Is anybody else on this list getting bombarded with virus laden e-mail from a
particular ip address in Australia?
Whoever it is is sending to the address that I use for the Mandrake lists, so
I am thinking it may be one of our newbie windows
On Thu, 2004-12-16 at 15:35, Todd Slater wrote:
On Wed, Dec 15, 2004 at 07:32:54PM -0500, Greg Meyer wrote:
Is anybody else on this list getting bombarded with virus laden e-mail from
a
particular ip address in Australia?
Whoever it is is sending to the address that I use for the
On Fri, 2004-12-17 at 02:55, John Bowden wrote:
On Thursday 16 Dec 2004 14:37, JoeHill wrote:
On Thu, 16 Dec 2004 02:29:41 -0500
Charles A Edwards disseminated the following:
I have been getting a load from Germany and also a shed load yesterday
from DHTMLcentral.
I feel
On Thu, 2004-12-16 at 21:46, Bryan Phinney wrote:
On Thursday 16 December 2004 00:14, Hugh Dixon wrote:
What's the IP address?
I fit the profile, and as our windows admin is not around, I cannot
check the status of our antivirus software...
According to the 'Received:' trace, the
Yes, your MSN monicker is indeed correct. You are a sillydilly.
Well OK then rather that telling me how stupid I am why not
make some sort of constructive suggestion.
I did a who-is search on host14-206.pool8172.interbusiness.it and got
bugger all.
Found out the IP to be 81.72.206.14
I
On Thu, 16 Dec 2004 15:07:02 -0800
jdow disseminated the following:
When I find some idiot doing this
Okay, that was a little much...and I'm an expert on such things, ask anyone
here! :-D
--
JoeHill / RLU #282046 / www.freeyourmachine.org
19:19:16 up 25 days, 10:30, 4 users, load average:
From: Inhabitant of Zion [EMAIL PROTECTED]
Yes, your MSN monicker is indeed correct. You are a sillydilly.
Well OK then rather that telling me how stupid I am why not
make some sort of constructive suggestion.
In a word: SpamAssassin
{^_^}
On Fri, 17 Dec 2004 00:14:56 +
Inhabitant of Zion disseminated the following:
I did a who-is search on host14-206.pool8172.interbusiness.it and got
bugger all.
Found out the IP to be 81.72.206.14
Do a whois on the IP :-)
I tried -
ipchains -A INPUT -s 81.72.206.14 -j DROP
Yes, your MSN monicker is indeed correct. You are a sillydilly.
Well OK then rather that telling me how stupid I am why not
make some sort of constructive suggestion.
I did a who-is search on host14-206.pool8172.interbusiness.it and got
bugger all.
Found out the IP to be 81.72.206.14
On Thursday 16 December 2004 20:09, JoeHill wrote:
Ideally what I want to do is to get my server to just say Bog off
when the delivery attempt is made.
Well, AFAIK, the only way to do that is with a bounce, and there's the rub.
Actually, not necessarily. In Postfix, if you setup to reject
From: JoeHill [EMAIL PROTECTED]
Ideally what I want to do is to get my server to just say Bog off
when the delivery attempt is made.
Well, AFAIK, the only way to do that is with a bounce, and there's the
rub. When
you bounce, you just doubled the 'damage' that the spam mail caused, and
as
From: Bryan Phinney [EMAIL PROTECTED]
On Thursday 16 December 2004 20:09, JoeHill wrote:
Ideally what I want to do is to get my server to just say Bog off
when the delivery attempt is made.
Well, AFAIK, the only way to do that is with a bounce, and there's the
rub.
Actually, not
Hi
OK I've read with interest some of your replies. It would seem that
what I have actually been doing is rejecting any emails sent to me
whereby the user is not registered on my server.
It would seem that the option in my server manager panel that handles
postfix and that I thought was
Hi
Its a windows virus -
Zafi.D
It seems it gets your address from somewhere and then starts sending
you an email every 2 seconds.
I have set up so they all go straight to the trash but it sure is a
pain in the neck as I am having to remove from the trash about 1800
every hour.
Glad I've got
On Thursday 16 Dec 2004 16:32, Inhabitant of Zion wrote:
Hi
Its a windows virus -
Zafi.D
It seems it gets your address from somewhere and then starts sending
you an email every 2 seconds.
I have set up so they all go straight to the trash but it sure is a
pain in the neck as I am having
On Thu, 16 Dec 2004 17:25:38 +
Inhabitant of Zion disseminated the following:
So zap them before they even hit your machine:
Just found out how to set my server to return to sender all mails to
unknown users.
Not ideal but at least I am getting a bit of peace and quite again!
To: [EMAIL PROTECTED]
So zap them before they even hit your machine:
Just found out how to set my server to return to sender all mails to
unknown users.
Not ideal but at least I am getting a bit of peace and quite again!
:-)
--
John Willby Registered Linux user number
On Wednesday 15 December 2004 07:32 pm, Greg Meyer wrote:
Is anybody else on this list getting bombarded with virus laden
e-mail from a particular ip address in Australia?
I got one a few hours ago, but so far just one and i thought it was
addressed to the list. I did what I always do with
From: Greg Meyer [EMAIL PROTECTED]
Is anybody else on this list getting bombarded with virus laden e-mail
from a
particular ip address in Australia?
Whoever it is is sending to the address that I use for the Mandrake lists,
so
I am thinking it may be one of our newbie windows users.
If you
On Wednesday 15 December 2004 11:28 pm, Dan Gordon wrote:
Oh yeah there is this new worm out was made just for Christmas.
Sick bast**s
Here is the link.
http://edition.cnn.com/2004/TECH/internet/12/15/holiday.worm/index.html
Regards,
Dan Gordon
--
Wed Dec 15 23:32:08 EST 2004
23:32:08 up
On Wed, Dec 15, 2004 at 07:32:54PM -0500, Greg Meyer wrote:
Is anybody else on this list getting bombarded with virus laden e-mail from a
particular ip address in Australia?
Whoever it is is sending to the address that I use for the Mandrake lists, so
I am thinking it may be one of our
] Virus laden e-mail
Is anybody else on this list getting bombarded with virus laden e-mail
from a
particular ip address in Australia?
Whoever it is is sending to the address that I use for the Mandrake
lists, so
I am thinking it may be one of our newbie windows users.
If you use windows
Hi
I have been getting a load from Germany and also a shed load yesterday
from DHTMLcentral.
Nice...
--
John Willby Registered Linux user number 321644
ICQ: 92791912 MSN: [EMAIL PROTECTED]
Linux is like a wigwam - No Gates, no Windows, Apache inside.
07:27:01 up 3 days, 22:35, 1 user,
On Thu, 16 Dec 2004 07:27:02 +
Inhabitant of Zion wrote:
I have been getting a load from Germany and also a shed load yesterday
from DHTMLcentral.
I feel neglected and under privileged.
I do not get any that are not picked up by either my filters or clamav.
Charles
--
Talking
Is anybody else on this list getting bombarded with virus laden e-mail from a
particular ip address in Australia?
Whoever it is is sending to the address that I use for the Mandrake lists, so
I am thinking it may be one of our newbie windows users.
If you use windows and are in Australia,
49 matches
Mail list logo
