randygrein at comcast.net
Thu Apr 9 11:37:50 PDT 2009
I hadn't bothered to look at the header, but of course you are
correct. I was referring to a number of VERY annoying worms that
infected PCs and used their Outlook address list to forward spam, and
in some cases impersonate a user on the list.
Getting everyone to require authentication would be a good first step,
wouldn't it? I was reading yesterday that 95% of all email sent now is
spam. I suppose it keeps Postini and Erado in business....
Randy Grein, WMRRA #41
Micapeak SV list admin
On Apr 9, 2009, at 11:25 AM, Aaron Turner wrote:
> On Thu, Apr 9, 2009 at 9:30 AM, Randy Grein <randygrein at comcast.net>
>> Maybe. Sometimes these come from associates who have address lists in
>> common, other times from the listserv itself being infected. The
>> latter is
>> not likely, but still possible. Micapeak does a good job of
>> security, but
>> it's important to remember that many mainline companies - including
>> Microsoft - have been hacked in the past, and will continue to be
>> in the
>> I have seen mail coming from 'my account' based on well-known worms
>> I can't
>> possibly have, as the worms require Outlook to run. Not an option
>> on a mac;
>> the messages were forged by an infected computer belonging to
>> someone else.
>> Returning you to your regularly scheduled SV list,
> It's actually quite trivial to spoof email addresses from anywhere.
> This is quite typical because it helps their spam bypass filters and
> makes it look more legit. No Outlook or "hacking" required. This
> particular spam was sent from a computer in mainland china
> (18.104.22.168) via Microsoft's Hotmail servers because they're too
> lame to require proper SMTP authentication.
> Aaron Turner
> http://tcpreplay.synfin.net/ - Pcap editing and replay tools for
> Unix & Windows
> Those who would give up essential Liberty, to purchase a little
> temporary Safety,
> deserve neither Liberty nor Safety.
> -- Benjamin Franklin
More information about the SV650