Tarry for the Nonce

October 9, 2006

A Plea for Help

Filed under: Science — lmwalker @ 1:08 pm

With spam being a constant annoyance, I don’t always have time to figure out how and where and why a new attack is occurring, so I’ll ask . . .

Does anyone reading this blog know how someone would be sending spam (ostensibly) from my email address, so that I am bombarded with “Mail Delivery Failure” notifications from firewalls? Is it really easy to spoof? Is there anything I can do to stop it?

Advertisements

4 Comments

  1. These aren’t likely coming from you or your computer, rather its a spam trick. I’ve seen some of my own recently as well, so it must be ‘going around.’ If you are getting a lot of these, you may want to ask your ISP what the deal is, and, specifically, what mail server they are using (assuming you don’t run your own). If they respond w/ Microsoft, then you know you’re screwed.

    Seriously, tho, if they keep their systems patched w/ the latest security levels, specifically for sendmail/postfix/qmail, then I would think you’re ok.

    The way to know if this is really a trojan or worm is to check the addresses in the headers or attached headers. I’d bet my bottom dollar (whatever that means) that you do not have any of the people in the headers in any of your email lists.

    Comment by Andrew P. — October 9, 2006 @ 8:21 pm

  2. Check this out… I think this is what you might be seeing (albeit, its a bit more advanced these days…)…

    http://virusbusters.itcs.umich.edu/forged_spam.html

    The easy way out is to change/get rid of your alias/email address. I’ll even send a fake email to you to show you how easy it is… its about as simple as leeching telnet/ftp passwords…hence why the industry really doesn’t use that (or SSH1 for that matter) anymore.

    Good luck!

    Comment by Andrew P. — October 9, 2006 @ 8:27 pm

  3. An email address is trivial to spoof. Preventing someone from sending email “from” you is the same as preventing them from sending email to you: don’t reveal your address. Once it’s out, there’s nothing you can do.

    Comment by Toly — October 12, 2006 @ 9:11 am

  4. Perhaps IPV6 will solve our spam woes…if only the guy who was working on it hadn’t died….

    Comment by Andrew P. — October 16, 2006 @ 2:40 pm


RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Create a free website or blog at WordPress.com.

%d bloggers like this: