Re: Fake Microsoft Security Emails

From: N. Miller (koko_at_soko.invalid)
Date: 10/13/03


Date: Mon, 13 Oct 2003 00:23:04 -0700

In article <#zj4Fv8jDHA.2416@TK2MSFTNGP10.phx.gbl>, lista-nospam@nakawe.se
says...
> I have been reporting SWEN-virus-emails as have others with some
> success.

I have never gotten so much as an "auto-ignore" when reporting viral
infections, nor any sign that the reports reached the infected party. At
last I get an occasional "auto-ignore" to my spam complaints; and once a
spammer wrote to whine, even!

> What you do is not try to get the ISP to give you the identity
> of an IP-address, that would be a serious infringement on privacy no?

I don't know of an ISP that would give me that information.

> You report the infected email to the ISP's abuse-department...

Which promptly forwards the report to Mr. David Null. I no longer waste my
time trying.

> that will give them a chance to help their client get rid of the infection. I've only
> sent out about 120 reports and received maybe 50 responses, but it's
> better than nothing.

I have had zero responses, so I just don't bother.

> The fact of the matter is, a swen-infected computer
> is a problem for the ISP since it overloads their SMTP-server and of
> course people receive infected emails originating from their servers.

Hmmm. I could check my logs, but I am sure that the majority of the attempts
to deliver Swen to me are direct from the connected computer, and not
through the SMTP server. Oh, and they aren't coming through my ISP's SMTP
server, either; rather, they are coming direct to my SMTP server, which
promptly rejects them without going to the DATA phase of the SMTP
transaction! ;)
 
> Also the client is who pays the bills, and a serious ISP will realise this.

It seems that my ISP is more concerned about other things...

> Bottom line. Report the virus-infected-emails.

Bottom line: I don't waste my time. I just reject the stuff.

> T 20031013 001442 3f88fa22 Connection from 202.205.136.33
> T 20031013 001443 3f88fa22 EHLO mail.neea.edu.cn
> T 20031013 001444 3f88fa22 MAIL From:<gaos@mail.neea.edu.cn>
> T 20031013 001449 3f88fa22 RCPT To:<2003ms09@aosake.net>
> E 20031013 001449 3f88fa22 RCPT from 202.205.136.33 - user <2003ms09@aosake.net> not known.
{My server sent "550 Address <2003ms09@aosake.net> not known." to the SMTP
server...}
> T 20031013 001449 3f88fa22 RSET
> T 20031013 001458 3f88fa22 QUIT
{This one looks like a real SMTP server sending it. No doubt they will just
bounce it to <gaos@mail.neea.edu.cn>, who may, or may not have been the
original sender. Their ISP needs to fix several problems on their end, if
they do. That ISP should have dumped the viral infection instead of sending
it on.}
> T 20031013 001458 3f88fa22 Connection closed with 202.205.136.33, 16 sec. elapsed.

Incidentally, to give you an idea of the scope of the problem, my ISP, SBC
Global (SBC Yahoo! DSL Service) has more customers across the SBC telco
regions of the U.S.A. than Sweden has people. And SBC is *not* the largest
provider of Internet service in the U.S.A.

-- 
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
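
The log excerpt in the post above can be checked mechanically for sessions that were refused at RCPT and never reached DATA. This is an added example, not part of the original post; the field layout (record type, date, time, session id, text) is an assumption read off the lines shown, and the function names are hypothetical.

```python
import re

# Log lines copied from the post above (leading "> " quoting removed).
SAMPLE_LOG = """\
T 20031013 001442 3f88fa22 Connection from 202.205.136.33
T 20031013 001443 3f88fa22 EHLO mail.neea.edu.cn
T 20031013 001444 3f88fa22 MAIL From:<gaos@mail.neea.edu.cn>
T 20031013 001449 3f88fa22 RCPT To:<2003ms09@aosake.net>
E 20031013 001449 3f88fa22 RCPT from 202.205.136.33 - user <2003ms09@aosake.net> not known.
T 20031013 001449 3f88fa22 RSET
T 20031013 001458 3f88fa22 QUIT
T 20031013 001458 3f88fa22 Connection closed with 202.205.136.33, 16 sec. elapsed.
"""

# Assumed layout: record type, date, time, session id, free text.
LINE = re.compile(r"^(?:>\s*)?([A-Z]) (\d{8}) (\d{6}) ([0-9a-f]+) (.*)$")

def summarize(log_text):
    """Group lines by session id and record how far each SMTP dialogue got."""
    sessions = {}
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip interleaved commentary such as "{...}" notes
        kind, _date, _time, sid, text = m.groups()
        s = sessions.setdefault(sid, {"peer": None, "helo": None, "mail_from": None,
                                      "rejected_rcpt": [], "reached_data": False})
        if text.startswith("Connection from "):
            s["peer"] = text.split()[-1]
        elif text.upper().startswith(("EHLO ", "HELO ")):
            s["helo"] = text.split(None, 1)[1]
        elif text.upper().startswith("MAIL FROM:"):
            s["mail_from"] = text.split(":", 1)[1].strip().strip("<>")
        elif kind == "E" and text.startswith("RCPT ") and text.endswith("not known."):
            s["rejected_rcpt"].append(re.search(r"<([^>]*)>", text).group(1))
        elif kind == "T" and text.upper() == "DATA":
            s["reached_data"] = True
    return sessions

def rejected_before_data(sessions):
    """Session ids where a recipient was refused and no DATA command was logged."""
    return [sid for sid, s in sessions.items()
            if s["rejected_rcpt"] and not s["reached_data"]]

if __name__ == "__main__":
    for sid, s in summarize(SAMPLE_LOG).items():
        print(sid, s)
```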

