J. Craig Woods wrote:

> Damian G wrote:
>
>>
>> but my point is, probably you can't track it down to a single person,
>> virtually everyone who has you on their address book can be sending them..
>>
>> HTH
>
>
> SHEESH!
>
> Why in hell would I worry about a virus written for a windoze machine 
> running outlook? I don't do windoze. You do, however, Damian, make the 
> point I was trying to get across. If you are getting one of these 
> infected emails sent to you, and the mail service is advising you that 
> you are the originator of the email but you are clearly not the 
> originator, then it is my contention that the infected machine must 
> have your address. It is a no-brainer! How in hell would the code in 
> the virus "know" to use your email address as the sender: YOU ARE IN 
> THE ADDRESS BOOK ON THAT INFECTED MACHINE.
>
> Pierre, send me your email address offline, and I will send you the 
> headers you have requested ....
> Craig Woods
> aka Dr John
> The Night Tripper
>
>
<chuckles>

My response to spammers who would not quit was a little mailbox crush 
routine, like a few hundred copies of /proc/kmem sent to his address 
with his own spoofed origin address and reply-to address.  Naturally 
once his mailbox filled up, his mailserver would continue to send him 
bounce messages (mailbox-full) probably faster than he could make space.

What we have here is a mail virus on the infected machine either 
choosing randomly among the address books on that machine and happening 
to fill out the origin field with your address or perhaps deliberately 
doing so.  In other words, if the To: field has your address, so can the 
From: and the Reply-To:.  It is all just text.

What most folk don't know is that you can send email with telnet and a 
connection to the right port on a relaying machine or the receiving 
machine, and the whole header is _just_ text which you can type 
freehand (but you better not make a typo, 'cause you cannot backspace). 
Relaying servers add their own text to the headers but do not disturb 
the original fields.

I no longer crush mailboxes.  I decided that just hitting the delete key 
was enough to deal with SPAM and anything else is considerably worse 
than the disease itself, but I do remember the technique (And you can 
bet my mailserver has some sensible defaults for multiple bounces, since 
it is mine.)

As far as your ISP claiming you are the origin of your own virus or 
spam...  Well I would give serious thought to looking for a more 
knowledgeable ISP (usually costs more, but it is worth it.).  My ISP 
gives me access and DNS and everything else I do myself.

Civileme
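
An added example, not part of the original message: since From: and Reply-To: are free text while each relay prepends its own Received: line, a recipient can compare the claimed sender with the relay trail. The sample message, host names, addresses and the `trace` helper are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a worm on an infected PC wrote victim@example.org into
# From: and Reply-To:. Each relay prepended its own Received: line on top.
SAMPLE = """\
Received: from mail.isp-b.example (mail.isp-b.example [198.51.100.7])
\tby mx.example.org with ESMTP; Mon, 1 Jan 2001 10:00:05 +0000
Received: from infected-pc (dialup-42.isp-b.example [203.0.113.42])
\tby mail.isp-b.example with SMTP; Mon, 1 Jan 2001 10:00:01 +0000
From: victim@example.org
Reply-To: victim@example.org
To: someone@example.org
Subject: constructed sample

body
"""

# One common Received: layout: "from HELO (rDNS [IP]) by HOST ..."
RECEIVED_RE = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[0-9a-fA-F.:]+)\]\)"
    r"\s+by\s+(?P<by>\S+)")

def trace(raw):
    """Return the claimed From: address and the relay hops in travel order."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if m:
            hops.append(m.groupdict())
    hops.reverse()  # newest hop is on top, so reverse into travel order
    claimed = parseaddr(msg.get("From", ""))[1]
    domain = claimed.rpartition("@")[2].lower()
    first = hops[0] if hops else None
    # Only Received: lines written by servers you trust are reliable;
    # anything below them is sender-supplied text like the From: field.
    host = first["rdns"].lower() if first else ""
    matches = bool(domain) and (host == domain or host.endswith("." + domain))
    return {"claimed_from": claimed, "hops": hops,
            "origin_matches_from": matches}
```

A mismatch is a hint rather than proof, because legitimate mail is often submitted through a provider whose host names differ from the sender's domain.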


