Re: Pesky virus

From: Mike Ramirez (mike_at_thexxxhost.com)
Date: 07/23/04

    To: James Marcinek <jmarc1@jemconsult.biz>, For users of Fedora Core releases <fedora-list@redhat.com>
    Date: Fri, 23 Jul 2004 09:49:21 -0700
    
    

    If it's an open relay they can; you can configure your email server to have
    your users authenticate before connecting to the SMTP server, then it's
    safer. But if someone still hacks in then you can block that IP with
    the firewall and set up a mail proxy.

    Then with that IP find out who owns it and contact them and explain the
    situation, and you might be asked to provide the headers to the spoofed
    emails for verification. That should get you closer to the culprit, or to
    the culprit if they didn't use a proxy themselves.

    Exim, which I use on all my servers, isn't open relay and has users
    authenticate through the POP server first before letting them use the
    SMTP server.

         
    On Fri, 2004-07-23 at 09:23, James Marcinek wrote:
    > I'm no expert at this but I did some reading and was under the
    > impression that people will use your mail server to send emails and
    > that there's not a lot that can be done about it. I would definitely
    > like to be proven wrong with this. They simply script something to
    > telnet into your mail port and send emails... These emails are
    > generated from your server so even setting your email to send only
    > from your domain does not protect you. Is anyone listening that could
    > shed some more light on this?
    >
    > Thanks,
    >
    > James
    >
    > For users of Fedora Core releases <fedora-list@redhat.com> wrote:
    > > I had one of these that said it was checked by Norton. It even put
    > > www.norton.de in the footer. 2 problems with it: 1. I don't use
    > > Windows, much less Norton. 2. I'm in the US, not Germany. Just to be
    > > on the safe side and to see if it did affect me, I ran clamav that
    > > day and I was clean.
    > >
    > >
    > > On Fri, 2004-07-23 at 08:14, Michael Sullivan wrote:
    > > > I've got a small problem. Last week I received in my
    > > > non-espersunited.com email account an email from someone I don't know
    > > > with an .exe file as an attachment. Naturally I assumed that this was a
    > > > virus, and wrote back to the email address it was from informing them
    > > > that they had a virus. I've received several similar emails on through
    > > > the week, most were unique but all followed the same format: One line
    > > > of text and then the attachment link, usually a .exe or a .zip file. I
    > > > haven't opened any of them, but in the past couple of days I've begun
    > > > seeing them in my espersunited.com email accounts. I wasn't too worried
    > > > about it until this morning, when I received a message from another SMTP
    > > > server saying that my mail was undeliverable to some person's email
    > > > account. I looked at the message sent and it was indeed from me, but
    > > > the message body held the same one line and the same EXE/ZIP file
    > > > attachment as the ones I'd received from multiple sources. I use
    > > > evolution as my email client. Could I be infected with this virus? I
    > > > didn't think Linux was susceptible to virii - only hostile shell
    > > > scripts. Is there a way I can test if I am infected, and if I am, is
    > > > there a way to find the virus so that I can destroy it?
    > > >
    > >
    > >
    > > --
    >
    >
    >
    >
    > ______________________________________________________________________
    > --
    > fedora-list mailing list
    > fedora-list@redhat.com
    > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
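
The header check described in the reply above, as an added example that is not part of the original post: walk the Received chain of a spoofed message from the newest header down and take the connecting IP recorded by the last server you trust, since every header below that point can be forged by the sender. The sample headers, host names, IP addresses and function names are constructed for illustration.

```python
import re
from email import message_from_string
from ipaddress import ip_address, ip_network

# Constructed sample (documentation IPs and .example names): headers of a
# message that claims to come from sender.example, as quoted in a bounce.
SAMPLE = """\
Received: from mx.recipient.example ([198.51.100.7])
\tby mail.recipient.example with ESMTP id A1; Fri, 23 Jul 2004 09:01:12 -0700
Received: from dsl-host.isp.example (unknown [203.0.113.45])
\tby mx.recipient.example with SMTP id B2; Fri, 23 Jul 2004 09:01:10 -0700
Received: from mail.sender.example ([192.0.2.10])
\tby dsl-host.isp.example with SMTP; Fri, 23 Jul 2004 08:59:00 -0700
From: user@sender.example
Subject: constructed sample

body
"""

# "from <helo> (... [ip]) by <host>" as most MTAs write it.
HOP = re.compile(r"from\s+(\S+).*?\[([0-9A-Fa-f.:]+)\].*?\bby\s+(\S+)")

def parse_hops(raw):
    """Return Received hops, newest first, as dicts with helo/ip/by."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(" ".join(value.split()))  # unfold continuation lines
        if m:
            hops.append(dict(zip(("helo", "ip", "by"), m.groups())))
    return hops

def injection_point(raw, trusted_hosts):
    """Deepest hop written by a server we trust; headers below may be forged."""
    last = None
    for hop in parse_hops(raw):
        if hop["by"].lower() not in trusted_hosts:
            break
        last = hop
    return last

def sent_via_our_server(raw, trusted_hosts, our_networks):
    """True only if the trusted handoff IP lies inside our own address space."""
    hop = injection_point(raw, trusted_hosts)
    if hop is None:
        return False
    addr = ip_address(hop["ip"])
    return any(addr in ip_network(net) for net in our_networks)

if __name__ == "__main__":
    trusted = {"mail.recipient.example", "mx.recipient.example"}
    print("IP to look up:", injection_point(SAMPLE, trusted)["ip"])
    print("via our server:", sent_via_our_server(SAMPLE, trusted, ["192.0.2.0/24"]))
```

In the sample, the bottom header names mail.sender.example, but it was written by the untrusted host, so the address to look up is the one the recipient's own MX recorded.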

    
