| ECS Home Automation and Security Archives |
| Subject: From: Date: | RE: [ecs] A more clever example of a spoof email (IMPORTANT) Mark Gilmore Thu, 20 May 2004 18:33:50 -0700 |
Hi Martin, You would have no such concerns with Eudora (the quality freeware email pgm), as it is *much* more secure than OutLook. I've used it for many years now, and have never been infected by reading an email. It also maintains its in/out/trash boxes as TEXT files (a capital offence to an MS programmer :-)). Later... At 06:24 PM 5/20/2004 -0700, you wrote: >While we are at it, there's an eBay fake that runs around as "question >to seller". > >This one is clever: all you have to do is open it, or have it appear in >a preview pane, and you have been infected with two or three Trojans. >That's right, all you have to do is look and you could be nailed. > > >A good thing to do is go to the Trend Micro, Symantec, or Adaware >websites and run their free virus scanners. > >-----Original Message----- >From: Neil Cherry [mailto:ncherry@comcast.net] >Sent: Thursday, May 20, 2004 5:26 PM >To: ecs@netbloc.com >Subject: Re: [ecs] A more clever example of a spoof email (IMPORTANT) > >One of the things I normally do with any suspicious email is to >"look at it's source" (CTRL-U on Mozilla, Thunderbird). Here is an >example of the top part of your message (the headers): > > >======================================================================== >===== > > From - Thu May 20 20:16:06 2004 >X-UIDL: 20040521001728s1500g0aune000nam >X-Mozilla-Status: 0001 >X-Mozilla-Status2: 10000000 >Received: from pork.netbloc.com ([24.85.240.246]) > by sccrmxc15.comcast.net (sccrmxc15) with SMTP > id <20040521001726s1500istc2e>; Fri, 21 May 2004 00:17:27 >+0000 >X-Originating-IP: [24.85.240.246] >Received: (qmail 11523 invoked by uid 515); 21 May 2004 00:17:01 -0000 >Mailing-List: terms of use <http://netbloc.com/info/use/> >Precedence: bulk >X-No-Archive: yes >Reply-To: ecs@netbloc.com >List-Info: <http://netbloc.com/ecs/> >Delivered-To: mailing list ecs@netbloc.com >Received: (qmail 11498 invoked by uid 523); 21 May 2004 00:17:01 -0000 >X-Spam-Status: No, hits=1.3 required=4.0 >X-Spam-Level: + >Message-Id: <5.2.1.1.0.20040520171613.0360e1b0@mail.markgilmore.net> >X-Sender: mark1@markgilmore.net@mail.markgilmore.net >X-Mailer: QUALCOMM Windows Eudora Version 5.2.1 >Date: Thu, 20 May 2004 17:16:39 -0700 >To: ecsl@netbloc.com,ecs@netbloc.com >From: Mark Gilmore <mark@OmnipotenceSoftware.com> >Mime-Version: 1.0 >Content-Type: multipart/mixed; x-avg-checked=avg-ok-AC8169F; >boundary="=======68464FC9=======" >X-Qmail-Scanner-Message-ID: <108509862067211478@pork.netbloc.com> >Subject: [ecs] A more clever example of a spoof email (IMPORTANT) > > >======================================================================== >===== > >Usually the received is the most important part but sometime I look >further. >BTW, it is possible for the end portions of the received to contain >junk. You >really need to figure out how to read them. Since I've been doing this >since >the UUCP days (njc!diane.uucp!rutgers.edu) I've gotten used to reading >the >headers. :-) > >BTW, it's interesting how your X-Sender has 2 @'s in it. Your system >sends >through 2 'systems' which maybe 2 software sub-systems on the same >computer. > > > >-- >Linux Home Automation Neil Cherry ncherry@comcast.net >http://home.comcast.net/~ncherry/ (Text only) >http://linuxha.sourceforge.net/ (SourceForge) >http://hcs.sourceforge.net/ (HCS II) > > > > >--- >Incoming mail is certified Virus Free. >Checked by AVG anti-virus system (http://www.grisoft.com). >Version: 6.0.687 / Virus Database: 448 - Release Date: 5/16/2004 Mark Gilmore http://OmnipotenceSoftware.com
--- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.687 / Virus Database: 448 - Release Date: 5/16/2004