Thread: strange email

  1. #1
    Junior Member
    Join Date
    Apr 2004
    Posts
    2

    Question strange email

    Hi all:
    I am new to this site and from what I have seen so far it looks to be a great place to get answers. My question is:
    I have been getting strange email messages where the from line is just a bunch of nonsense letters with no subject line. The from line changes every time so sending it to junk mail does not work. I have just been deleting them but the other day I decided to look at it a little more closely to see what it was and where it was coming from. It is a Viagra message, real plain, I think in plain text form. No pictures, just black and white. When I looked at the header it has a couple of different sender addresses. Tried to send to the sender addresses and it was undeliverable. Also notice a line in the header that says XOriginated and the address of one of our users on our network. I know she is not sending me the messages. What is going on here and what do I do to fix it?

    Another question not related, just curious.
    What is the purpose of installing your server OS on a separate drive than the data? Does this add some kind of protection from viruses and operating system failures or minimize problems?

  2. #2
    AO Guinness Monster MURACU's Avatar
    Join Date
    Jan 2004
    Location
    paris
    Posts
    1,003
    I'll try to answer your second question. The reason that you install your OS on one partition and set up a second partition for data is security. In my experience the partition that has the most chance to become unreadable is the system partition, or drive in the case of your question. While it is a pain in the b*** to have to reinstall your OS and all your programmes, it is worse to lose your data. There is also a bit of a throwback to the age of computing when hard drives just were not that large. With the OS installed and the programmes there just wasn't much room for your data on the disk.
    I answered a bit quickly as I am about to leave the office but hope that helps a bit.
    "America is the only country that went from barbarism to decadence without civilization in between."
    "The reason we are so pleased to find other people's secrets is that it distracts public attention from our own."
    Oscar Wilde(1854-1900)

  3. #3
    It looks like it's spoofing addresses, pretending to come from sources it's not. I don't know much on that, but check out the recent tutorial written by The Duck at:

    http://www.antionline.com/showthread...hreadid=256977

    Stopping spam is an ongoing battle for which there is no easy solution. But a good place to start is by downloading some spam filtering tools such as SpamAssassin.

  4. #4
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    I have been getting strange email messages where the from line is just a bunch of nonsense letters with no subject line. The from line changes every time so sending it to junk mail does not work.
    It's spam, and if you can find a way to get rid of it.....then market it and make a million. They put junk in the from field and no subject in the subject field to get past spam filters. They also at times add umlauts and/or special characters to also get past the spam filters.
    Also notice a line in the header that says XOriginated and the address of one of our users on our network. I know she is not sending me the messages. What is going on here and what do I do to fix it?
    That could be a spoofed address, probably mined by spyware on her machine, that captured your email address, so they could spam you (that's a guess by the way).
    What is the purpose of installing your server OS on a separate drive than the data? Does this add some kind of protection from viruses and operating system failures or minimize problems?
    As MURACU said, it is a way of attempting to protect data, but it doesn't really matter where your data is as long as you maintain and keep current backups of your data. As he also said, that is a carryover from the days of very small hard drives.
    "Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!"
    Author Unknown

  5. #5
    Junior Member
    Join Date
    Apr 2004
    Posts
    2

    Cool Thanks

    Thanks for all the responses. I did scan the user's computer for spyware and removed all that was found. Hope that stops the spoofing at least.
    As for the separate drives; you say security. Does that include viruses or just protection from system drive corruption?

  6. #6
    AFLAAACKKK!!
    Join Date
    Apr 2004
    Posts
    1,066
    Read my tut that angelic suggested. It's not the best tut written but follow the info and it will do you well. Even with a spoofed address, you will be able to find the culprit, unless they spoofed their IP address which is hard to do.
    I am the uber duck!!1
    Proxy Tools
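
Added example, not part of the thread: one way to read the header trail discussed above. It walks the `Received` lines from the top and reports the first connecting IP, recorded by a server you run, that is not one of your own relays; hops below it and the `From` / `X-Originat...` lines are sender-supplied. The sample message, host names, IPs and the `X-Originating-IP` header name are constructed assumptions, and the top `Received` line is assumed to be written by your own mail server.

```python
import re
from email import message_from_string

# Constructed sample (documentation IP ranges); 192.0.2.0/24 plays "our network".
SAMPLE = """\
Received: from mx.example.org (mx.example.org [192.0.2.10])
\tby mail.example.org with ESMTP; Tue, 6 Apr 2004 10:00:05 -0500
Received: from qzxvbn (unknown [203.0.113.77])
\tby mx.example.org with SMTP; Tue, 6 Apr 2004 10:00:03 -0500
Received: from pc55.example.org (pc55.example.org [192.0.2.55])
\tby qzxvbn with SMTP; Tue, 6 Apr 2004 09:59:00 -0500
From: xkqjwz <xkqjwz@example.net>
X-Originating-IP: [192.0.2.55]
To: me@example.org

plain text body
"""

# "from <helo> (<rdns> [<ip>]) by <host>" as written by the receiving server.
HOP = re.compile(r"from\s+(\S+)\s+\([^\[\]]*\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def parse_hops(msg):
    """Return Received hops newest-first, as they appear in the header."""
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(" ".join(value.split()))  # unfold continuation lines
        if m:
            hops.append({"helo": m.group(1), "ip": m.group(2), "by": m.group(3)})
    return hops

def trace(raw, own_relay_ips):
    """Find the first peer IP, recorded by a server we run, that is not ours."""
    msg = message_from_string(raw)
    hops = parse_hops(msg)
    source, unverified = None, []
    for i, hop in enumerate(hops):
        if hop["ip"] not in own_relay_ips:
            # Written by our relay about an outside peer; lines below are unverified.
            source, unverified = hop, hops[i + 1:]
            break
    # These fields are supplied by the sender and prove nothing on their own.
    claims = {k: v for k, v in msg.items()
              if k.lower() in ("from", "return-path")
              or k.lower().startswith("x-originat")}
    return {"source": source, "unverified": unverified, "claims": claims}

if __name__ == "__main__":
    print(trace(SAMPLE, {"192.0.2.10"}))
```

In the constructed sample the message claims to originate from an internal workstation, but the relay's own record shows it arrived from an outside address.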

  7. #7
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401

    Re: Thanks

    Originally posted here by mcsparky
    As for the separate drives; you say security. Does that include viruses or just protection from system drive corruption?
    Just drive corruption. Remember that once a virus has infected your machine it has free rein on your machine so it can touch anything.

    For a 'typical' setup on a corporate machine you would use a big machine that has a hardware RAID SCSI controller. You set it up using 2 disks as a mirror. Install the OS on that mirror. If one of your drives dies you can use the other one to quickly boot up the system. For your data you would use (at least) 3 disks in a RAID 5 configuration. If one of the drives dies the system could still operate. It will run a bit slower but it still works and all your data is still intact. Continuity is also part of your network security!

    It also has some other security related pros. If you use IIS I can recommend disabling the default website and creating a new website on the D: drive (provided you've installed Windows on C: ). That way you can never get caught by any of the ../ tricks that end up in your Windows directory (like Nimda did). In a way this does prevent infection.
    Oliver's Law:
    Experience is something you don't get until just after you need it.
