Re: Unusual email received

From: Ned Flanders (nedfla@hotmail.com)
Date: 11/26/02


From: "Ned Flanders" <nedfla@hotmail.com>
Date: Tue, 26 Nov 2002 09:55:28 -0600

Or it's simply a virus/worm, as Bill mentioned.
Never attribute to malice that which can be explained by stupidity.
IOW Don't say "They did it because they're evil" if the word "evil" can be
replaced by "an airhead".

Moi? <dasubscribe@marble.net.au> said (and I quote):
> The true idiot is the person with the open mail relay.
>
> Try the following on a server
>
> telnet (server IP) 25
> helo yahoo.com
> mail from: (sourceaddress)
> rcpt to: (destinationaddress)
> data
> This is an open relay test
> .
> rset
> quit
>
> This opens a mail session to a server
> authenticates as a real domain name
> mail from: This is just a text field, requiring the @ symbol in it.
> Some actually check for domain names, but these are few and far
> between
> rcpt to: This is the email address that is being sent to.
> At this stage, the mail server should reply Cannot relay for (address)
> Message body
> . (The full-stop ends data input when preceded and proceeded by
> character returns)
> rset (Resets transaction. Implies connection ending)
> quit (duh)
>
> When the SMTP server doesn't error with can't relay for..., you can
> put in any address you feel like, including george.w.busch@us.gov
> You can view the properties of the mail, but it will only show the IP
> of the open relay, not the person that sent it. The chances of the
> SMTP server having logs of the IP that sent the message are
> exceptionally small. Even if you do, you then need to track down the
> ISP that owns the IP address, and ask them to find out who had this
> IP at the time. The chances of this happening, and them cooperating
> are smaller again. There is always the small chance that this was a
> good, experienced hacker, who could hide their IP address. This is
> fortunately, unlikely, but not impossible.
>
> All in all, it is too much trouble. You could, with a lot of effort,
> probably find out the answer, but how much is your time worth?
>
>
> "Clayton Jackson" <cjacksonii@mail2mypc.com> wrote in message
> news:152c501c29498$b1f0e6d0$8df82ecf@TK2MSFTNGXA02...
>> Greetings. I was checking my email, and found an email
>> from a person calling himself "user" with my email address
>> being used as the from field. In the message itself was a
>> Windows 98 Product ID and Product Key. My first thought is
>> that it was a virus sending it out to people, masking the
>> email address as their own. [I only use web based email,
>> so that nothing can go out via Outlook Express that's
>> viral in nature, nor can I receive an email virus.]
>>
>> I know for a fact that I did not send this out, and would
>> like to find out who to contact to report this occurring,
>> so that if this idiot[to use a nice word] has sent this
>> same email to other people using my email address, that I
>> won't be caught in the crossfire.
>>
>> The message looked like this, taking out the Product ID
>> and Key, just in case it's a valid ID and Key, of another
>> person who uses Windows 98:
>>
>> ---- Message follows -----
>> Hello,
>>
>> Product Name: Microsoft Windows 98
>> Product Id: xxxxx-OEM-xxxxxxx-xxxxx
>> Product Key: xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
>>
>> Process List:
>> _Oscar_SoundMonitor
>> PG Monitor
>>
>> Thank you.
>> ---- End of copied message ----
>>
>> Any assistance on what this is, who might have sent it, or
>> where to contact about this, would be greatly appreciated.
>>
>> Thanks in advance
>> Clayton Jackson
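
The server-side decision behind the "Cannot relay for (address)" reply in the quoted test, as an added example that is not part of the original thread. It replays the quoted command sequence against a relay policy; the hosted domain, trusted network, sample addresses and reply texts are assumptions constructed for illustration.

```python
import ipaddress

LOCAL_DOMAINS = {"example.org"}                        # assumed: domains hosted here
TRUSTED_NETS = [ipaddress.ip_network("192.0.2.0/24")]  # assumed: our own clients

def rcpt_reply(client_ip, authenticated, rcpt, open_relay=False):
    """Reply to RCPT TO: local delivery is always allowed, relaying is not."""
    addr = rcpt.strip().strip("<>")
    local, sep, domain = addr.rpartition("@")
    if not (sep and local and domain):
        return "501 5.1.3 Bad recipient address syntax"
    if domain.lower() in LOCAL_DOMAINS:
        return "250 2.1.5 OK"                          # inbound mail for a hosted domain
    ip = ipaddress.ip_address(client_ip)
    trusted = authenticated or any(ip in net for net in TRUSTED_NETS)
    if open_relay or trusted:                          # open_relay=True is the misconfiguration
        return "250 2.1.5 OK"
    return f"550 5.7.1 Cannot relay for {addr}"

def run_session(client_ip, lines, authenticated=False, open_relay=False):
    """Walk a command sequence and return the replies the policy produces."""
    replies, rcpts, in_data = [], 0, False
    for line in lines:
        verb = line.lower()
        if in_data:                                    # body lines get no reply until "."
            if line == ".":
                in_data = False
                replies.append("250 2.0.0 Queued")
        elif verb.startswith("helo"):
            replies.append("250 Hello")                # HELO name is not verified
        elif verb.startswith("mail from:"):
            rcpts = 0
            replies.append("250 2.1.0 Sender OK")      # sender is an unchecked text field
        elif verb.startswith("rcpt to:"):
            reply = rcpt_reply(client_ip, authenticated, line[8:], open_relay)
            rcpts += reply.startswith("250")
            replies.append(reply)
        elif verb == "data":
            in_data = rcpts > 0
            replies.append("354 End data with <CRLF>.<CRLF>" if in_data
                           else "554 5.5.1 No valid recipients")
        elif verb == "rset":
            rcpts = 0
            replies.append("250 2.0.0 Reset")
        elif verb == "quit":
            replies.append("221 2.0.0 Bye")
        else:
            replies.append("500 5.5.2 Command not recognized")
    return replies

# Constructed transcript in the shape of the quoted test (addresses are placeholders).
TEST = ["helo yahoo.com", "mail from: <someone@example.com>",
        "rcpt to: <outsider@example.net>", "data",
        "This is an open relay test", ".", "rset", "quit"]
```

With the policy enforced, an outside client gets the 550 at `rcpt to:` and `data` is refused; with `open_relay=True` the same sequence ends in a queued message.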
