Pesky virus

Joel Jaeggli joelja at darkwing.uoregon.edu
Fri Jul 23 16:36:28 UTC 2004 

On Fri, 23 Jul 2004, James Marcinek wrote:

> 
> I'm no expert at this but I did some reading and was under the impression
> that people will use your mail server to send emails and that there's not
> a lot that can be done about it. I would definitely like to be proven
> wrong with this. The simply script something to telnet into your mail
> port and send emails... These emails are generated from your server so
> even setting your email to send only from your domain does not protect
> you. Is anyone listening that could shed some more light on this?

Only if you run an open relay... normally your mail servers only accepts 
mail for local delivery and accepts mail locally for remote delivery, 
sometiem you relay for a whole domain or block of address space... It's 
maybe 7-8 years since running an open relay was considered a reasonable 
practice.

In the modern era of blacklists running an open relay for any significant 
length of time will get you blocked from large numbers of mailservers in a 
hurry.

joelja

> Thanks,
> 
> James
> 
> For users of Fedora Core releases <fedora-list at redhat.com> wrote:
> > I had one of these said it was checked by norton. even put
> > www.norton.de in the footer. 2 problems with it 1. I don't use Windows
> > muchless norton 2. I'm in the US not Germany. Just to be on the safe
> > side and to see if it did affect me. I ran clamav that day and I was
> > clean.
> >
> >
> > On Fri, 2004-07-23 at 08:14, Michael Sullivan wrote:
> > > I've got a small problem. Last week I received in my
> > > non-espersunited.com email account an email from someone I don't know
> > > with an .exe file as an attachment. Naturally I assumed that this was
> a
> > > virus, and wrote back to the email address it was from informing them
> > > that they had a virus. I've received several similar emails on
> through
> > > the week, most were unique but all followed the same format: One line
> > > of text and then the attachment link, usually a .exe or a .zip file.
> I
> > > haven't opened any of them, but in the past couple of days I've begun
> > > seeing them in my espersunited.com email accounts. I wasn't too
> worried
> > > about it until this morning, when I received a message from another
> SMTP
> > > server saying that my mail was undeliverable to some person's email
> > > account. I looked at the message sent and it was indeed from me, but
> > > the message body held the same one line and thesame EXE/ZIP file
> > > attachment as the ones I'd received from multiple sources. I use
> > > evolution as my email client. Could I be infected with this virus? I
> > > didn't think Linux was susceptible to virii - only hostile shell
> > > scripts. Is there a way I can test if I am infected, and if I am, is
> > > there a way to find the virus so that I can destroy it?
> > >
> >
> >
> > --
> 
> 
>

-- 
-------------------------------------------------------------------------- 
Joel Jaeggli  	       Unix Consulting 	       joelja at darkwing.uoregon.edu 
GPG Key Fingerprint:     5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2

More information about the fedora-list mailing list