Spam question.

dragonV8 not here much New
edited August 2004 in Science & Tech
Every so often I check the details of the sender of spam in MailWasher. Yesterday I came across one which had something like this "ACDLKMYTGFQ" in front of a genuine Aussie email addy.

I copied the email addy without the rubbish, pasted it into the Google searchbar and came across one link to an entry in a guest book.

The email account is from the same ISP as we use (in Aus). I believe him to be in his fifties from his email name (johnw50) and the entry in the guest book.

Would it be worth my time/effort to try and contact the person to explain he may be infected and not know it?

Just curious what you guys/girls think.
Should I be successful to redirect him to say, the security discussion area in S-M, I feel I might be doing my bit to eliminate part of the spam problem.

I realise it is only a tiny drop in a great big ocean, but it all helps.

It is not my intention to become some sort of "Masked Avenger" against spammers. Just would like to help some poor soul who may not have the knowledge about infections, spyware etc, like everyone here.

Jon A.

Comments

  • Straight_Man Geeky, in my own way Naples, FL Icrontian
    edited August 2004
    The base problem is this:

    Enough spam is sent by trojans that anyone who has that address in his\her computer's email address records could be really sending the spam. Unless you find out what virus exactly, and know that that virus sent the email, and know that that virus does not have a trojan component, odds are that the from is spoofed because many many viruses spoof and those that do not are older-- ie the from is probably false.

    If I get a lot of emails from one address, I forward them to an ISP address designed to accept virused email, or send just the headers, but to my ISP. Then my ISP filters them. IF you know the person as a friend, might be worth simply making sure he\she has updated the virus defs and AV software on his\her computer and has a scan happening daily. If they ask why, tell them it is a good thing to do so their box does not get co-opted and be used by viruses to email themselves to their friends or acquaintances and mention you got an email that appears to have come from them. If you do not know them, and see lots of email from one person as to account, tell your ISP and in this case that would be telling this person's ISP also. The ISP can read headers and trace email back, and knows its customer's IP addresses also-- and if a large volume really is coming from one box, they will tell the owner themselves to get it cleaned up.

    Unfortunately, if a server that serves a forum gets compromised, the email addresses on it can get harvested and sent to a spammer by the trojan or other thing that compromises it.... Good thing this forum's server is very secured, right???? But, odds of an infected box sending email address of box owner is so low that based on one email I no longer would tell owner his\her box is virused. Instead, my ISP decides how to handle for me, though I do report with header of email submission. In your case, find out from your ISP how they would like a report filed, and what info they want from the spam message.

    Worst case, the virus will not get removed from the box that is really sending the virus, but the ISP will start filtering email if they are not or improve filtering possibly with info from what they ask you to send (thus protecting many customers of that ISP), and since this is from sender and receiver in same ISP on surface, they should look into it themselves.

    They can figure out if in fact it came totally through their system (they have the tools and network info to do this), or if it REALLY came from outside by the server routing and IPs in trace info in header of email, quite quickly. If it then did come from that customer, the customer sending it will probably get a support level or courtesy call initiated by the ISP. AND the box will get cleaned if things did get sent from that person's box.

    I do not bother bouncing email, just forward "common thing" reports derived from analyzing headers with exemplary (true examples\samples of what is there and in common) headers from a few messages, to my ISP. If the ISP then filters them nationwide, up to 100 million people no longer get that particular junk anymore. I think THAT thing is neat-- let the ISP help you figure it out, so no possibly false statements get made that could make for anger and lack of action. Simply say to your ISP, I got this, it was ID'd as thus and so a virus by thus and so an AV software, and here are the headers on my screen, where do you want them sent and show me how to get them to you, PLEASE.
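
The header trace described in the reply above, as an added example that is not part of the original thread: it walks the Received lines from newest to oldest and reports the first sending IP outside the ISP's own network, which is the point where the message was really handed in, whatever the From line claims. The message, the addresses, the 192.0.2.0/24 "ISP network" and the placement of the "ACDLKMYTGFQ" text as a display name are all constructed assumptions.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (documentation IP ranges, .example domains). The bottom
# Received line is one the sender forged; the top two were added by the ISP.
SAMPLE = """\
Received: from mx1.isp.example (mx1.isp.example [192.0.2.10])
\tby mailstore.isp.example with ESMTP id A1; Mon, 2 Aug 2004 10:00:03 +1000
Received: from unknown-host (dsl-77.other.example [203.0.113.77])
\tby mx1.isp.example with SMTP id B2; Mon, 2 Aug 2004 10:00:01 +1000
Received: from mail.isp.example (mail.isp.example [192.0.2.25])
\tby relay.invalid with SMTP; Mon, 2 Aug 2004 09:00:00 +1000
From: "ACDLKMYTGFQ" <someone@isp.example>
To: me@isp.example
Subject: constructed sample

body
"""

HOP_RE = re.compile(r"from\s+(?P<helo>\S+)\s+\((?P<rdns>[^\s\[]+)?\s*"
                    r"\[(?P<ip>[0-9A-Fa-f.:]+)\]\)\s+by\s+(?P<by>[^\s;]+)")

def parse_hops(msg):
    """Received headers, newest first, as dicts (helo, rdns, ip, by)."""
    found = (HOP_RE.search(v) for v in msg.get_all("Received", []))
    return [m.groupdict() for m in found if m]

def find_handoff(hops, trusted_nets):
    """First hop (newest to oldest) whose sending IP is outside the ISP.

    Lines below it were supplied by the sender and prove nothing.
    """
    for hop in hops:
        ip = ipaddress.ip_address(hop["ip"])
        if not any(ip in net for net in trusted_nets):
            return hop
    return None  # every recorded hop stayed inside the trusted networks

def trace(raw, trusted_nets):
    msg = message_from_string(raw)
    hops = parse_hops(msg)
    hop = find_handoff(hops, trusted_nets)
    return {"claimed_from": parseaddr(msg.get("From", ""))[1],
            "handoff_ip": hop["ip"] if hop else None,
            "handoff_by": hop["by"] if hop else None,
            "ignored_hops": len(hops) - hops.index(hop) - 1 if hop else 0}

if __name__ == "__main__":
    print(trace(SAMPLE, [ipaddress.ip_network("192.0.2.0/24")]))
```

In the sample the From address is at the ISP, yet the handoff IP is outside it, and the forged bottom line claiming an ISP mail server is never consulted. A result of `None` only means no outside hop was recorded; confirming which customer sent it still takes the ISP's own logs.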
  • Dexter Vancouver, BC Canada
    edited August 2004
    Quite likely the fellow will delete your e-mail as SPAM. :D

    Dexter...
  • dragonV8 not here much New
    edited August 2004
    Dexter wrote:
    Quite likely the fellow will delete your e-mail as SPAM. :D

    Dexter...

    Hehehe..........been thinking about that too, prior to posting the thread. ;D
    How I would approach him so he would at least give it a read.

    I'm not going to do it as Sally told me pretty much the same as Straight_Man, for which I thank you for replying.

    It was really just thinking out loud. As they say.....If you don't ask, you won't know. :rolleyes:

    Jon
  • Dexter Vancouver, BC Canada
    edited August 2004
    Your other option is to sign him up for a bunch of SPAM to return the favour... ;)

    KIDDING!!!! Don't do that!

    Bad Security Moderator, Bad....

    Dexter...
  • dragonV8 not here much New
    edited August 2004
    Dexter wrote:
    Your other option is to sign him up for a bunch of SPAM to return the favour... ;)

    NOT KIDDING!!!! Do that!

    Security Moderator...

    Dexter...

    OK.......................................JUST KIDDING. ;D