In article et,
on Sun, 28 Mar 2004 21:32:13 GMT,
Dudley Henriques attempted to say .....


"Michael Wise" wrote in message
...
In article et,
"Dudley Henriques" wrote:

...
I was well over 100 spams a day, due to having multiple email
addresses,
posting to the news groups a lot, and having a web site with hundreds
of
individual pages, each with my email on it.

Changing the email addresses would have inconvenienced my
contributors/customers/suppliers/relatives/friends.

However, after some work and about $20 in expense, all but about 50 to
100
spams a day are flushed away and I never see them.

Of the ones I still get, the funniest are the ones supposedly from the
people who manage the email services for my domain. Since "I" am the
only
one who manages my domain, I tend to be a bit suspicious!


After the Swen virus hit, I was getting over a hundred a day. I finally
got
Mailwasher and bounced them all. The robots pick up continious bounces
apparently...

Not really. The way most of these sorts of viruses operate these days is
by turning the infected person's computer into a mail relay without
their knowledge. The term for this sort of thing is "owning" a machine.
They then scan the Outlook and Outlook Express data files as well as web
cache and mine out all email addresses. The infected machine's new
stealth mail relay mechanism is then used to send copies of the virus to
every mined address...and it uses a return address of any one of the
mined addresses. Any of the targeted addresses which actually result in
another infection are in turn going to do the same process. This is why
these viruses spread so rapidly.


Why should virus writers want to turn peoples' home and business
computers into stealth mail relays? Easy, they are paid to do so by
professional spam gangs who will then turn around and use all these new
mail relays to spew out their spam. Some 80% is relayed through "owned"
MS Windows PC's on home cable and dsl networks (some 10,000 "owned
machines)...and some 90% spamvertises Western sites hosted in China.

It never ceases to amaze me how many people using Microsoft operating
systems either don't care or are just to damn ignorant to secure their
machines (with anti-virus software they keep current).

That said, there's a lot ISP's and companies could be doing to stop or
majorly contain such quick and penetrating viral outbreaks. Blocking
this sort of stuff at the mail server or network border are not that
difficult to implement....and should be required of every ISP and it
should be free. I have such protection on all my clients' email servers,
and it has caught and blocked 100% of attempted virus relays before they
can make into my customers' mail boxes.


It's only so many sysadmins at large ISP's are too lazy and/or
incompetent, that consumers are left thinking Mailwasher and products
like it are necessary. They are only necessary to make up for their
provider's incompetence.


So what happens when you're using a product like Mailwasher and it tags
and rejects a virus-infected email? Not much, these sorts of emails have
forged return addresses 99.9% of the time...and will either go to
somebody who scratches their head wondering why they're being accused of
sending a virus...or to a bogus address. The same goes for spam. The
only way to tell the real source (well at least the last hop) of spam is
by looking at the IP which relayed it to your smtp server (either by
looking at your message headers or your mail server's logs).


With that IP address, you have enough info to root out who is
responsible for abuse from that net block and make complaints
accordingly. The user-level anti-spam software is largely worthless in
actually having an effect on stopping that spam from spamming you again
or rejecting to the right people. It is reasonably effective of keeping
the garbage out of your mail box...which I guess is as much as most
end-users care about. The fact remains, if the provider did its job at
the server level, you wouldn't need such programs. I know that's a big
"if", but there are plenty of IPS's (as well as email hosters) to choose
from who actually know a thing or two about blocking spam and viruses.


Of course, you could always get a Mac and never have to worry about
these sorts of viruses. ; )

--Mike

First of all, my computer is protected by a very good anti virus program. In
fact, the virus was never an issue for me. What WAS an issue were the 100 or
so emails, (infected or not infected) that were sitting on the Earthlink
server just waiting for me to hit the download button so I could sit here
for two hours waiting for the crap to get downloaded so I could delete it.
The problem for me, as it was for many others, was the unacceptable download
time taken to get these bogus emails down to where they could be deleted
without opening them. I think we all know that the answer to this is for the
ISP to have adequate programs installed on their servers to eliminate these
problems, but the simple truth is that most do not.
My antivirus program (Computer Associates) is completely up to date and will
catch any virus' infected messages after downloading, but who the hell wants
to sit on their ass for two hours and wait while all the mess is coming in
at 56kbs; I sure don't! :-)
After complaining along with a million other people to the ISP's to install
software that catches all this crap, I, along with a million other people
out here installed Mailwasher so that we can see what the hell was sitting
on the server and get rid of the crap BEFORE downloading it.
Bottom line is that until the ISP's start nailing this stuff on their
servers, the general public is left to programs like Mailwasher to help them
delete these messes from the server, or else get a Mac! I don't want a Mac!
Mailwasher works just fine for me. In fact, the spam level is practically
non existent at this point and Mailwasher isn't really necessary at
all.....until next time that is!! :-)


You may want to log into your Earthlink webmail account and change a setting
or two.

I did a few weeks ago and found that the settings I had left in the past had
caught a couple of hundred infected mails that earthlink quarenteened on the
server. I would never have seen them if I had not by chance logged in to
check something else.
They just sit there for xx number of days and then are deleted.



--
When dealing with propaganda terminology one sometimes always speaks in
variable absolutes. This is not to be mistaken for an unbiased slant.