hi

[Randy Grein]

I hadn't bothered to look at the header, but of course you are  
correct. I was referring to a number of VERY annoying worms that  
infected PCs and used their Outlook address list to forward spam, and  
in some cases impersonate a user on the list.

Getting everyone to require authentication would be a good first step,  
wouldn't it? I was reading yesterday that 95% of all email sent now is  
spam. I suppose it keeps Postini and Erado in business....

Randy Grein, WMRRA #41
Micapeak SV list admin

On Apr 9, 2009, at 11:25 AM, Aaron Turner wrote:

> On Thu, Apr 9, 2009 at 9:30 AM, Randy Grein <randygrein at comcast.net>  
> wrote:
>> Maybe. Sometimes these come from associates who have address lists in
>> common, other times from the listserv itself being infected. The  
>> latter is
>> not likely, but still possible. Micapeak does a good job of  
>> security, but
>> it's important to remember that many mainline companies - including
>> Microsoft - have been hacked in the past, and will continue to be  
>> in the
>> future.
>>
>> I have seen mail coming from 'my account' based on well-known worms  
>> I can't
>> possibly have, as the worms require Outlook to run. Not an option  
>> on a mac;
>> the messages were forged by an infected computer belonging to  
>> someone else.
>>
>> Returning you to your regularly scheduled SV list,
>
> It's actually quite trivial to spoof email addresses from anywhere.
> This is quite typical because it helps their spam bypass filters and
> makes it look more legit.  No Outlook or "hacking" required.  This
> particular spam was sent from a computer in mainland china
> (124.135.236.221) via Microsoft's Hotmail servers because they're too
> lame to require proper SMTP authentication.
>
>
> -- 
> Aaron Turner
> http://synfin.net/
> http://tcpreplay.synfin.net/ - Pcap editing and replay tools for  
> Unix & Windows
> Those who would give up essential Liberty, to purchase a little
> temporary Safety,
> deserve neither Liberty nor Safety.
>    -- Benjamin Franklin