facebook Twitter RSS Feed YouTube StumbleUpon

Home | Forum | Chat | Tours | Articles | Pictures | News | Tools | History | Tourism | Search

 
 


Go Back   BanglaCricket Forum > Miscellaneous > Support

Support Help & Support

Reply
 
Thread Tools Display Modes
  #1  
Old October 11, 2004, 02:42 AM
Tintin Tintin is offline
Moderator
BC Editorial Team
 
Join Date: August 23, 2003
Posts: 3,490
Default Spam

Till now, we used to get spam and virus through the email address in the Profile and About page. Now it looks like spammers are sending mails as if they come from the addresses in the profile.

I usually delete them but checked the headers of one as it carried the hotmail address of bourny :

----

X-Spam-Status:
Yes, score=6.3 required=5.0 tests=BAYES_99, FORGED_HOTMAIL_RCVD2,MISSING_MIMEOLE,NO_REAL_NAME, PRIORITY_NO_NAME, RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL autolearn=no version=3.0.0
X-Spam-Report:
* 0.0 NO_REAL_NAME From: does not include a real name * 1.2 FORGED_HOTMAIL_RCVD2 hotmail.com 'From' address, but no 'Received:' * 1.9 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 0.9969] * 0.1 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP * [80.218.244.158 listed in combined.njabl.org] * 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address * [80.218.244.158 listed in dnsbl.sorbs.net] * 1.1 PRIORITY_NO_NAME Message has priority, but no X-Mailer/User-Agent * 0.0 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE

X-Spam-Flag:
YES
X-Spam-Checker-Version:
SpamAssassin 3.0.0 (2004-09-13) on cpanel.easywebbuilders.com
X-Spam-Level:
******
Message-Id:

----
Return-path:

Envelope-to:
tintin@banglacricket.com
Delivery-date:
Fri, 08 Oct 2004 04:24:40 -0500

Received:
from banglacr by cpanel.easywebbuilders.com with local-bsmtp (Exim 4.42) id 1CFqzN-0007KM-5g for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:40 -0500
Received:
from [80.218.244.158] (helo=banglacricket.com) by cpanel.easywebbuilders.com with esmtp (Exim 4.42) id 1CFqzM-0007KI-5x for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:37 -0500


----


What is happening here ? Is cpanel.easywebbuilders.com masquerading as bournie or something else ?
Reply With Quote
  #2  
Old October 11, 2004, 05:48 AM
bourny3 bourny3 is offline
Cricket Legend
 
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199

what me? I dont understand what is all of that. I didnt send you any mail either. What is it.
Reply With Quote
  #3  
Old October 11, 2004, 05:52 AM
bourny3 bourny3 is offline
Cricket Legend
 
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199

I cant see my name in there anywhere. Would it have come from my computer. Because the computer had viruses on it ages ago would it have gone through that. Im sorry for what ever that is. What does Spam mean.
Reply With Quote
  #4  
Old October 11, 2004, 07:51 AM
Tintin Tintin is offline
Moderator
BC Editorial Team
 
Join Date: August 23, 2003
Posts: 3,490

I am not at all accusing you bourny, you are completely innocent. The header clearly shows that it was forged by someone else. I can only assume he got it from your profile.

I am waiting for nasif or someone to comment on this.

It is the usual virus attachment. The complete headers look like this :

=======

Received:
from mail.banglacricket.com by web20822.mail.yahoo.com with YMEXTPOP; Mon, 11 Oct 2004 00:25:03 PDT
Return-path:

Envelope-to:
tintin@banglacricket.com
Delivery-date:
Fri, 08 Oct 2004 04:24:40 -0500
Received:
from banglacr by cpanel.easywebbuilders.com with local-bsmtp (Exim 4.42) id 1CFqzN-0007KM-5g for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:40 -0500
Received:
from [80.218.244.158] (helo=banglacricket.com) by cpanel.easywebbuilders.com with esmtp (Exim 4.42) id 1CFqzM-0007KI-5x for tintin@banglacricket.com; Fri, 08 Oct 2004 04:24:37 -0500
From:
bournie3@hotmail.com Add to Address Book
To:
tintin@banglacricket.com
Subject:
Important
Date:
Fri, 8 Oct 2004 11:25:02 +0200
MIME-Version:
1.0
Content-Type:
multipart/mixed; boundary="----=_NextPart_000_0011_00000849.000067B9"
X-Priority:
1
X-MSMail-Priority:
High
X-Spam-Status:
Yes, score=6.3 required=5.0 tests=BAYES_99, FORGED_HOTMAIL_RCVD2,MISSING_MIMEOLE,NO_REAL_NAME, PRIORITY_NO_NAME, RCVD_IN_NJABL_DUL,RCVD_IN_SORBS_DUL autolearn=no version=3.0.0
X-Spam-Report:
* 0.0 NO_REAL_NAME From: does not include a real name * 1.2 FORGED_HOTMAIL_RCVD2 hotmail.com 'From' address, but no 'Received:' * 1.9 BAYES_99 BODY: Bayesian spam probability is 99 to 100% * [score: 0.9969] * 0.1 RCVD_IN_NJABL_DUL RBL: NJABL: dialup sender did non-local SMTP * [80.218.244.158 listed in combined.njabl.org] * 2.0 RCVD_IN_SORBS_DUL RBL: SORBS: sent directly from dynamic IP address * [80.218.244.158 listed in dnsbl.sorbs.net] * 1.1 PRIORITY_NO_NAME Message has priority, but no X-Mailer/User-Agent * 0.0 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE
X-Spam-Flag:
YES
X-Spam-Checker-Version:
SpamAssassin 3.0.0 (2004-09-13) on cpanel.easywebbuilders.com
X-Spam-Level:
******
Message-Id:

Content-Length:
21589

Important notice!
Reply With Quote
  #5  
Old October 11, 2004, 08:47 AM
bourny3 bourny3 is offline
Cricket Legend
 
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199

Oh ok sorry. should i take my email out from my profile
Reply With Quote
  #6  
Old October 11, 2004, 08:51 AM
chinaman chinaman is offline
Retired BC Admin
 
Join Date: August 14, 2003
Location: pc near u
Posts: 8,021

One best way to fight spam, from my personal experience, is to forward all spams to uce@ftc.gov. Instead of forwarding, you can also SEND the headers giving a subject name Spam Reporting or something similar.

If you continue to do that for 2/3 weeks, you'll start seeing the lasting benefit.

For outlook express users, turn off that preview pane. It slows down the opening of an email a bit but definitely worth the wait.

Mail washer and Checkmail are two programs that allow you to preview and delete the email without downloading them from the server. You don't need these programs if you turn off the preview pane in outlook express.
Reply With Quote
  #7  
Old October 11, 2004, 08:56 AM
chinaman chinaman is offline
Retired BC Admin
 
Join Date: August 14, 2003
Location: pc near u
Posts: 8,021

Quote:
Originally posted by bourny3
Oh ok sorry. should i take my email out from my profile
You could try tweaking a little. Instead of username@hotmail.com, use, username at hotmail dot com or something similar. Just make it harder for the spying bots.

I think Dr. Z once posted a more innovative way to publish emails. Forgot how to
Reply With Quote
  #8  
Old October 12, 2004, 03:50 AM
bourny3 bourny3 is offline
Cricket Legend
 
Join Date: August 4, 2004
Location: Adelaide, Australia
Posts: 3,199

Yes i just took my email out of my profile. That is the best way to go i think
Reply With Quote
Reply

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On



All times are GMT -5. The time now is 04:36 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.
BanglaCricket.com
 

About Us | Contact Us | Privacy Policy | Partner Sites | Useful Links | Banners |

© BanglaCricket