<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

[anti-spam-wg@localhost] Doom etc

  • To: RIPE anti-spam WG < >
  • From: Anthony Mellor < >
  • Date: Tue, 3 Feb 2004 17:25:59 +0100

Dear All,

I am a user (despite some remarks I make below) who usually silently watches/lurks this list with interest, looking for hints I can use. However, I keep receiving warnings and after the remark about Guiseppe's Corner Shop wonder if someone might offer a little guidance.

Copy below of a warning message, offers no means of response so I usually ignore them (take that as guidance, not a request for advice please, you'll see why I ignore below.)

I never sent such a message - presumably I was spoofed....
I do not know the addressee - who now thinks I stink.
I never send zip files
I use a mac (my network is firewalled with Zywall (yes it's enabled)
I do not use Outlook (even for the mac)

also:

I am being bombarded with messages from .ru sites all of which contain executables (for pc) and I delete every one on sight; they seem to be trying to tempt me to click on an executable by hiding it in pifs exes and all sorts, inside folders and so on. As I identify targetted "users" I block the user names (because there is only one user on the suffering domain, me). I don't want to switch the "catch all" off. Said domain was used recently by spoofing to attack aol, but I had a long chat with them and their systems are clever enough to catch the underlying sending ip address.

I receive many brightmail messages saying this and that has been vaped, but I do not recognise anything they mention as having been sent by me.

I have spent ages on the phone to (one of) my main service provider and they assure me all my sending domains are secure (pop before send and now authenticated SMTP).

If someone has the time and generosity to engage with me on these matters I would be grateful, if not having spent a month learning (basics, site wide, 23 domains) and setting up spamassassin last year, I understand everyone has their own problems.

I observe that while notifications like these are necessary, they do not offer the user anything but the frustration of knowing we are being used and we can't stop it and are left largely helpless.

grr.. there should be no defence anywhere on the planet for these people; this is my livelihood's chargeable earning time being lost daily.

So in the hope of understanding.

Regards,

Anthony

at mellor.com and various other multifarious addresses.

Anthony Mellor FCA.
Mellor & Co
Chartered Accountants and unwilling unix boffins - not


Here's the copy mentioned above:

This is a mail anti-virus program at host AILE
The mail system received a message from you (anthony@localhost)
destined to
ailer@localhost
that contains either infected or suspicious file(s)
and it has not reached the above destination(s).

Antivirus message(s):
archive: Mail
archive: ZIP
infected: I-Worm.Mydoom.a


Please clean up your machine using antivirus software before trying
to send any new mail, and resend the message if you need. Or or ask
your system administrator for help.

Please, do not respond to *this* message you're reading now --
your response will be lost. I, the antivirus program, will be unable
to read your response, sorry... :)
Reporting-MTA: dns; AILE

Final-Recipient: rfc822; ailer@localhost
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Avcheck; service unavailable. archive: Mail
archive: ZIP
infected: I-Worm.Mydoom.a




  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>