Re: problem with email...

• Previous message: Charles Swiger: "Re: Pentium and GUI"
• In reply to: kdonathan_at_charter.net: "problem with email..."
• Next in thread: Charles Swiger: "Re: problem with email..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Wed, 31 Aug 2005 12:05:18 -0500
To: freebsd-questions@freebsd.org

On Wed, Aug 31, 2005 at 12:40:18PM -0400, kdonathan@charter.net wrote:

> Over the summer, I recently began getting "fake" email messages
> from mail@gwhs...., admin@gwhs.....,
> security@gwhs....,register@gwhs...., etc. etc. etc. The subject
> line is always something like "YOUR ACCOUNT IS SUSPENDED....",
> "You have successfully updated your password....", etc. Each of
> these contain an attachment, so I know that a virus is trying to
> get into our server. I need some suggestions on what to do to
> make this stop.

A virus isn't necessarily 'trying to get into your server'. If you
look at the headers of those emails, it's quite likely that they
originate somewhere else. If they come from someone else's server
but purport to be from your own, it's likely that you are the victim
of a 'spear phishing' attack.

As far as stopping those mails, treat them like any other spam. If
they have viral payloads, you should be using virus detection
somewhere in the chain (preferably near the mail server) to weed
them out anyway.

-- 
o--------------------------{ Will Maier }--------------------------o
| jabber:..wcmaier@jabber.ccc.de | email:..........wcmaier@ml1.net |
| \.........wcmaier@cae.wisc.edu | \..........wcmaier@cae.wisc.edu |
*------------------[ BSD Unix: Live Free or Die ]------------------*
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

• Previous message: Charles Swiger: "Re: Pentium and GUI"
• In reply to: kdonathan_at_charter.net: "problem with email..."
• Next in thread: Charles Swiger: "Re: problem with email..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: Is VMS losing the Financial Sector, also? ... On Behalf Of Bill Gunshannon ... Is VMS losing the Financial Sector, ... One of their Customers was running Windows Server and was down for 2 ... (comp.os.vms) Re: Information Store taking all available memory. ... There are cases where the virus software is scanning things it should not ... The aforementioned should be excluded in the virus software. ... Do Not Back Up or Scan Exchange 2000 Drive M ... Understanding Virus Scanning API 2.0 in Exchange 2000 Server ... (microsoft.public.exchange2000.information.store) Re: Frustrated with Trend CSM! ... You must exclude them from Officescan, ... Click on your SBS computer icon, and set the client priveliges to your ... settings for the server versus the clients. ... > "Virus successfully detected, but infected file can neither be cleaned nor ... (microsoft.public.windows.server.sbs) Re: Swen and Earthlink ... virus problem like Swen. ... infecting my system at all. ... every time I went to the server to download my ... Contrary to what others are saying, message rules to delete ... (microsoft.public.security.virus) Re: SOPHOS Antivirus ... > This one feature can eliminate 99% of the virus infected inbound email ... By definition a firewall has no mail filtering function. ... > updates for every 4 hours on the server and have the server push the ... > updates to the desktops. ... (alt.computer.security)