Re: Need antispam software - mysterious spam encountered

From: Jeff G (JeffG_at_Nospam.net)
Date: 12/26/04 

Date: Sun, 26 Dec 2004 08:13:12 GMT

Moe Trin wrote:
> In article <jhhvd.753191$8_6.686917@attbi_s04>, Jeff wrote:
>
>
>>In particular, is anyone familiar with a program that returns an email with
>>appropriate headers, messages, etc. to make it look like the address is
>>nonexistant?
>
>
> Doesn't work that way. See RFC2821
>
> 1. A properly configured mail server should know all of the valid addressees
> that it should accept mail for, and reject mail to other addressees at the
> SMTP stage.
>
> 2. While RFC2821 Section 2.4 does say that [quote] Delivery SMTP systems MAY
> reject ("bounce") such messages rather than deliver them. [en-quote], most
> mail administrators agree that such bounces are nearly always useless,
> especially with respect to spam that ALWAYS has fake headers.
>
>
>>Its for personal use. I bought printer ink on EBay several days ago, but
>>never did I use my ISP provided email address in any portion of
>>communication or transaction or payment for the ink. But this morning I
>>received a piece of spam asking if I want to save on printer ink and
>>supplies.
>
>
> Has your ISP address ever been seen on the Internet ANYWHERE? Is your
> address guessable (common name, or combination)? Nearly all spam is
> sprayed at any conceivable address - without caring if it's real or not.
>
> You may want to send mail to yourself in the same way you normally
> send mail(send it from yahoo to comcast, or vice versa), and then
> examine the RAW mail (including the raw headers) to see what hints
> your mail tool may be including in your outgoing mail. You may be
> unpleasantly surprised.
>
>
>>I suppose I'll have to install an antispam filter in my email client (or use
>>its own filter) to delete anything with keywords ink and printer in it.
>
>
> Oh, so you don't mind the spam that's flogging various pills, p*n*s
> enhancers, mortgage referrals, and so on? Get a filter that deletes
> the spam on the ISPs POP server - there are plenty of them, including
> those that can run on your windoze box.
>
>
>>How could this address possibly have been mined??? (With reference to
>>mining, I did sweeps of my entire HDs with at least four different
>>up-to-date antispyware/adware/malware scanners in the past seven days.
>
>
> Do you use this address at all? It could be someone who has your address
> in their buddy list or address book as well. I've never used the official
> username for this ISP, and they allow up to 4 other addresses that I can
> replace monthly. As a result, three of my family now only know a temporary
> address for me, which indeed changes monthly for some magic reason.
>
>
>>And I empty my cookie files almost daily.)
>
>
> But does your computer (nevermind the browser that you are apparently
> using as a news reader, and probably a mail tool as well) know that
> real address? You're using Outhouse Express under windoze - which isn't
> exactly noted as being a secure thing.
>
> Old guy

Well, I finally installed Thunderbird and made it my default email
client. I use either MyIE2 or Mozilla as my browser, so the only time I
have to use IE is to check for Windows Updates. I could use one of my
other browsers to do so, but the shortcut placed in my start menu
launches IE to check for updates, and it doesn't seem important enough
to change. Hopefully Microsoft is not so careless as to allow hackers
to redirect users trying to connect to the Windows Update website.

And that ink-toner spam item was an isolated event. Its just a really
bizarre coincidence that I happened to order ink cartridges using one of
my internet accounts just a couple days before that piece of spam arrived.

Relevant Pages

  • Re: Need antispam software - mysterious spam encountered
    ... especially with respect to spam that ALWAYS has fake headers. ... >communication or transaction or payment for the ink. ... Has your ISP address ever been seen on the Internet ANYWHERE? ...
    (alt.computer.security)
  • Re: Cant copy "Message Source" area ?
    ... It didn't bring up the message source. ... > into the spam for the ISP to block them? ... The people designing the filters want to see the full headers ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Cant copy "Message Source" area ?
    ... Forwarding the full message to ISP ... analyze the contents of Spam email, ... Microsoft Online Partner Support ... The people designing the filters want to see the full headers ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Cant copy "Message Source" area ?
    ... You were saying that you knew that that is what you should be able to do to capture headers but were unable to for some reason. ... into the spam for the ISP to block them? ... BTW have you misunderstood Sean Wu's second tip about using ... If your ISP would accept that it would be ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Junk Email - Obvious SPAM being overlooked
    ... The RFCs do not define what constitutes SPAM. ... The actual routing of the email is indeed included in the message headers. ... Now, while it is true that I am a single recipient of the email, I own my ... filter them out, and certainly *not* harmful. ...
    (microsoft.public.outlook)