|
October 11, 2004, 02:42 AM
|
Moderator BC Editorial Team
|
|
Join Date: August 23, 2003
Posts: 3,494
|
|
Spam
Till now, we used to get spam and virus through the email address in the Profile and About page. Now it looks like spammers are sending mails as if they come from the addresses in the profile.
I usually delete them but checked the headers of one as it carried the hotmail address of bourny :
----
X-Spam-Status:
Yes, score=6.3 required=5.0 tests=BAYES_99, FORGED_HOTMAIL_RCVD2,MISSING_MIMEOLE,NO_REAL_NAME, PRIORITY_NO_NAME, RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL autolearn=no version=3.0.0
X-Spam-Report:
* 0.0 NO_REAL_NAME From: does not include a real name * 1.2 FORGED_HOTMAIL_RCVD2 hotmail.com 'From' address, but no 'Received:' * 1.9 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 0.9969] * 0.1 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP * [80.218.244.158 listed in combined.njabl.org] * 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address * [80.218.244.158 listed in dnsbl.sorbs.net] * 1.1 PRIORITY_NO_NAME Message has priority, but no X-Mailer/User-Agent * 0.0 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE
X-Spam-Flag:
YES
X-Spam-Checker-Version:
SpamAssassin 3.0.0 (2004-09-13) on cpanel.easywebbuilders.com
X-Spam-Level:
******
Message-Id:
----
Return-path:
Envelope-to:
tintin@banglacricket.com
Delivery-date:
Fri, 08 Oct 2004 04:24:40 -0500
Received:
from banglacr by cpanel.easywebbuilders.com with local-bsmtp (Exim 4.42) id 1CFqzN-0007KM-5g for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:40 -0500
Received:
from [80.218.244.158] (helo=banglacricket.com) by cpanel.easywebbuilders.com with esmtp (Exim 4.42) id 1CFqzM-0007KI-5x for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:37 -0500
----
What is happening here ? Is cpanel.easywebbuilders.com masquerading as bournie or something else ?
|
October 11, 2004, 05:48 AM
|
Cricket Legend
|
|
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199
|
|
what me? I dont understand what is all of that. I didnt send you any mail either. What is it.
|
October 11, 2004, 05:52 AM
|
Cricket Legend
|
|
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199
|
|
I cant see my name in there anywhere. Would it have come from my computer. Because the computer had viruses on it ages ago would it have gone through that. Im sorry for what ever that is. What does Spam mean.
|
October 11, 2004, 07:51 AM
|
Moderator BC Editorial Team
|
|
Join Date: August 23, 2003
Posts: 3,494
|
|
I am not at all accusing you bourny, you are completely innocent. The header clearly shows that it was forged by someone else. I can only assume he got it from your profile.
I am waiting for nasif or someone to comment on this.
It is the usual virus attachment. The complete headers look like this :
=======
Received:
from mail.banglacricket.com by web20822.mail.yahoo.com with YMEXTPOP; Mon, 11 Oct 2004 00:25:03 PDT
Return-path:
Envelope-to:
tintin@banglacricket.com
Delivery-date:
Fri, 08 Oct 2004 04:24:40 -0500
Received:
from banglacr by cpanel.easywebbuilders.com with local-bsmtp (Exim 4.42) id 1CFqzN-0007KM-5g for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:40 -0500
Received:
from [80.218.244.158] (helo=banglacricket.com) by cpanel.easywebbuilders.com with esmtp (Exim 4.42) id 1CFqzM-0007KI-5x for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:37 -0500
From:
bournie3@hotmail.com Add to Address Book
To:
tintin@banglacricket.com
Subject:
Important
Date:
Fri, 8 Oct 2004 11:25:02 +0200
MIME-Version:
1.0
Content-Type:
multipart/mixed; boundary="----=_NextPart_000_0011_00000849.000067B9"
X-Priority:
1
X-MSMail-Priority:
High
X-Spam-Status:
Yes, score=6.3 required=5.0 tests=BAYES_99, FORGED_HOTMAIL_RCVD2,MISSING_MIMEOLE,NO_REAL_NAME, PRIORITY_NO_NAME, RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL autolearn=no version=3.0.0
X-Spam-Report:
* 0.0 NO_REAL_NAME From: does not include a real name * 1.2 FORGED_HOTMAIL_RCVD2 hotmail.com 'From' address, but no 'Received:' * 1.9 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 0.9969] * 0.1 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP * [80.218.244.158 listed in combined.njabl.org] * 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address * [80.218.244.158 listed in dnsbl.sorbs.net] * 1.1 PRIORITY_NO_NAME Message has priority, but no X-Mailer/User-Agent * 0.0 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE
X-Spam-Flag:
YES
X-Spam-Checker-Version:
SpamAssassin 3.0.0 (2004-09-13) on cpanel.easywebbuilders.com
X-Spam-Level:
******
Message-Id:
Content-Length:
21589
Important notice!
|
October 11, 2004, 08:47 AM
|
Cricket Legend
|
|
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199
|
|
Oh ok sorry. should i take my email out from my profile
|
October 11, 2004, 08:51 AM
|
Retired BC Admin
|
|
Join Date: August 14, 2003
Location: pc near u
Posts: 8,021
|
|
One best way to fight spam, from my personal experience, is to forward all spams to uce@ftc.gov. Instead of forwarding, you can also SEND the headers giving a subject name Spam Reporting or something similar.
If you continue to do that for 2/3 weeks, you'll start seeing the lasting benefit.
For outlook express users, turn off that preview pane. It slows down the opening of an email a bit but definitely worth the wait.
Mail washer and Checkmail are two programs that allow you to preview and delete the email without downloading them from the server. You don't need these programs if you turn off the preview pane in outlook express.
|
October 11, 2004, 08:56 AM
|
Retired BC Admin
|
|
Join Date: August 14, 2003
Location: pc near u
Posts: 8,021
|
|
Quote:
Originally posted by bourny3
Oh ok sorry. should i take my email out from my profile
|
You could try tweaking a little. Instead of username@hotmail.com, use, username at hotmail dot com or something similar. Just make it harder for the spying bots.
I think Dr. Z once posted a more innovative way to publish emails. Forgot how to
|
October 12, 2004, 03:50 AM
|
Cricket Legend
|
|
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199
|
|
Yes i just took my email out of my profile. That is the best way to go i think
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is On
|
|
|
All times are GMT -5. The time now is 08:43 AM.
|
|