Results 1 to 6 of 6
  1. #1
    Join Date
    Aug 2001
    Location
    McGraw,NY,USA
    Posts
    582

    Default Computer question- IP addy-Whois-Apnic?

    In my email I got an email "spam" from MY mail account. Does that suggest that I have a worm in my email account ? The email also contains an attachment but dont know what that is. I checked the properties and got an IP address 126.112.89.226 from Arin I found that it came from a server in Queensland,AU and was referred to Apnic which told me that it came from Japan Nation-wide Network of Softbank BB Corp. Along with contact information, ie phone number and address. I realize that Arin and Apnic are only for the registration of IP address and block numbers. Monday I will contact my support staff fro my server to see what advice . I would welcome any advice that others might consider appropriate ...Thanks Rick

  2. #2
    Join Date
    Nov 2004
    Location
    Kirkland, WA, USA
    Posts
    1,021

    Default

    Joe jobs are cheap and easy to perform - it makes it look like "your" account sent it. The root of the problem (in my ridiculously email centric view) is that RFC 821/822 don't give enough information to prevent this crap. If the submitting IP is in a different country and the received from path shows servers that are NOT yours, odds of you having a worm are pretty poor.

    Spam wise the non profit I advise blocks all incoming connections from servers outside the US. All of them. We ran a survey on their inbound mail and in six months couldn't find a valid piece from elsewhere. That's not an option everywhere.

    You are unlikely to have a worm from what I read.
    http://www.voiceofthehive.com - Tales of Beekeeping and Honeybees

  3. #3
    Join Date
    Jan 2006
    Location
    Loganville, GA
    Posts
    2,174

    Default

    And, check into your email account from your ISP. They may likely have a filter running at the server that tags the suspected spam messages with [SPAM] in the subject line. That allows you to set rules in your client to move the message to whatever folder you wish. Such as DELETE.
    "Success is not final, failure is not fatal: it is the courage to continue that counts." Winston Churchill

  4. #4
    Join Date
    May 2005
    Location
    Whitefield, Maine USA
    Posts
    6,625

    Default

    Forging email is a trivial pursuit. It's so easy, a caveman could do it

    If you take the time to learn how to interpret the mail headers present in every email message, a lot of the mystery- but not necessarily the confusion- goes away. EVERY system a message passes through on it's way from the original sender to the final recipient prepends (adds to the top) a timestamped line to the message header section describing the action taken by that system. This is so that the message's progress through the mail system can be tracked, routing problems identified, etc. Mail programs typically only show you the relevant headers when reading an email i.e., the From, To, Subject, and Date headers. If you poke around your menus you'll invariably find a way to show ALL the headers.

    Most of these headers are informational only- they're not used in actually routing the email. As such, emails can be specially crafted with bogus headers so as to obscure the message path, originating system, sender's identity, etc. Forging the FROM: header is easy. It is also all too easy, if you know how, to add headers before the message is even sent to disguise where the message originated from and what servers it has passed through.

    Spammers ought to be shot.
    Dulcius ex asperis

  5. #5
    Join Date
    Jan 2006
    Location
    Loganville, GA
    Posts
    2,174

    Default

    I know it's not very popular these days but TORTURE first would be better!!
    "Success is not final, failure is not fatal: it is the courage to continue that counts." Winston Churchill

  6. #6
    Join Date
    May 2005
    Location
    Whitefield, Maine USA
    Posts
    6,625

    Default

    Alright, I won't quibble- first torture, then we shoot them!
    Dulcius ex asperis

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Ads