I am a user (despite some remarks I make below) who usually silently
watches/lurks this list with interest, looking for hints I can use.
However, I keep receiving warnings and after the remark about
Guiseppe's Corner Shop wonder if someone might offer a little guidance.
Copy below of a warning message, offers no means of response so I
usually ignore them (take that as guidance, not a request for advice
please, you'll see why I ignore below.)
I never sent such a message - presumably I was spoofed....
I do not know the addressee - who now thinks I stink.
I never send zip files.
I use a Mac (my network is firewalled with Zywall (yes, it's enabled)).
I do not use Outlook (even for the Mac).
also:
I am being bombarded with messages from .ru sites all of which contain
executables (for pc) and I delete every one on sight; they seem to be
trying to tempt me to click on an executable by hiding it in pifs, exes
and all sorts, inside folders and so on. As I identify targeted
"users" I block the user names (because there is only one user on the
suffering domain, me). I don't want to switch the "catch all" off. Said
domain was used recently by spoofing to attack AOL, but I had a long
chat with them and their systems are clever enough to catch the
underlying sending IP address.
I receive many brightmail messages saying this and that has been vaped,
but I do not recognise anything they mention as having been sent by me.
I have spent ages on the phone to (one of) my main service providers and
they assure me all my sending domains are secure (POP before send and
now authenticated SMTP).
If someone has the time and generosity to engage with me on these
matters I would be grateful; if not, having spent a month learning
(basics, site wide, 23 domains) and setting up SpamAssassin last year,
I understand everyone has their own problems.
I observe that while notifications like these are necessary, they do
not offer the user anything but the frustration of knowing we are being
used and we can't stop it and are left largely helpless.
grr.. there should be no defence anywhere on the planet for these
people; this is my livelihood's chargeable earning time being lost
daily.
So in the hope of understanding.
Regards,
Anthony
at mellor.com and various other multifarious addresses.
Anthony Mellor FCA.
Mellor & Co
Chartered Accountants and unwilling unix boffins - not
Here's the copy mentioned above:
This is a mail anti-virus program at host AILE
The mail system received a message from you (anthony@localhost)
destined to
ailer@localhost
that contains either infected or suspicious file(s)
and it has not reached the above destination(s).
Antivirus message(s):
archive: Mail
archive: ZIP
infected: I-Worm.Mydoom.a
Please clean up your machine using antivirus software before trying
to send any new mail, and resend the message if you need. Or or ask
your system administrator for help.
Please, do not respond to *this* message you're reading now --
your response will be lost. I, the antivirus program, will be unable
to read your response, sorry... :)
Reporting-MTA: dns; AILE
Final-Recipient: rfc822; ailer@localhost
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Avcheck; service unavailable. archive: Mail
archive: ZIP
infected: I-Worm.Mydoom.a
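
Added example, not part of the original post: a small Python parser for the delivery-status fields quoted above, which labels the notification as probable backscatter when the scanner names a worm family that forges sender addresses. The names `parse_dsn`, `classify` and the `FORGING_FAMILIES` list are assumptions made for illustration.

```python
import re

# Delivery-status fields copied from the notification quoted in the post.
SAMPLE_DSN = """\
Reporting-MTA: dns; AILE
Final-Recipient: rfc822; ailer@localhost
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Avcheck; service unavailable. archive: Mail
archive: ZIP
infected: I-Worm.Mydoom.a
"""

DSN_FIELDS = {"Reporting-MTA", "Final-Recipient", "Action", "Status", "Diagnostic-Code"}
# Assumption: illustrative list of worm families known to forge the From address.
FORGING_FAMILIES = ("mydoom", "netsky", "sobig", "klez", "bagle")
FIELD_RE = re.compile(r"^([A-Za-z-]+):\s*(.*)$")


def parse_dsn(text):
    """Return (fields, infected): DSN fields as a dict, scanner verdicts as a list."""
    fields, infected, last = {}, [], None
    for line in text.splitlines():
        m = FIELD_RE.match(line.strip())
        if m and m.group(1) in DSN_FIELDS:
            last = m.group(1)
            fields[last] = m.group(2).strip()
        elif m and m.group(1).lower() == "infected":
            infected.append(m.group(2).strip())
        elif last and line.strip():
            # Scanner detail lines (e.g. "archive: ZIP") continue the previous field.
            fields[last] += " " + line.strip()
    return fields, infected


def classify(text):
    """Label a notification so filtering rules can act on it."""
    fields, infected = parse_dsn(text)
    if fields.get("Action") != "failed" or not infected:
        return "ordinary-dsn"
    forged = [n for n in infected if any(f in n.lower() for f in FORGING_FAMILIES)]
    # A sender-forging worm means the named sender is probably not the infected host.
    return "likely-backscatter" if forged else "virus-bounce-check-own-hosts"


if __name__ == "__main__":
    print(classify(SAMPLE_DSN), parse_dsn(SAMPLE_DSN))
```

A notification labelled `likely-backscatter` can be filed away without action on the recipient's side; the other virus label is the case where scanning one's own sending hosts is worthwhile.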