helpmeplease Posted April 29, 2002 Share Posted April 29, 2002 wow, i had an email in my hotmail inbox. It was 127k large, and was apparently blank. So i forwarded to my other email address and found it contained the klez virus!! Its very ironic that it came from MS (inet@microsoft.com), to MS Hotmail, And i forwarded it to MS Outlook Express. More worryingly, how did they get my email address?? Link to comment Share on other sites More sharing options...
Prof. Frink Posted April 29, 2002 Share Posted April 29, 2002 :roll: its very easy to spoof an email address...and all it takes is posting your email address on one website for a spammer to get a hold of it. Next thing you know you've got 120 new emails a day. Link to comment Share on other sites More sharing options...
Jon Posted April 29, 2002 Share Posted April 29, 2002 SMTP has no 'sender' address verification. I could send you a mail from bgates@microsoft.com in 30seconds, as could most people with a remote amount of technical knowledge. Rest assured, this is nothing to do with microsoft. Klez would have grabbed your mail address from another persons machine, either in the internet cache, or the windows address book. Clean the virus, and you'll be fine. Link to comment Share on other sites More sharing options...
john smith 1924 Veteran Posted April 29, 2002 Veteran Share Posted April 29, 2002 sorry dude.... get nax to scan the system. Link to comment Share on other sites More sharing options...
The Burning Rom Posted April 29, 2002 Share Posted April 29, 2002 It may not have come from microsoft. If I'm not mistaken, the Klez virus infects a computer, and then looks in a number of different places for email addresses in which to send emails to. It also changes the sender name that is displayed to either an address that it found, or one that it is pre-programmed with. But if you check the return path for the email, you will see who it really came from. For more info, click on this link Symantec And IMHO, sending it to Outlook Express is the worst thing that you can do with an infected email, except maybe sending it to Outlook....LMFAO....:D Link to comment Share on other sites More sharing options...
ToastGodSupreme Posted April 29, 2002 Share Posted April 29, 2002 Think about this: How many times has Microsoft emailed you patches? None. Will they ever? No. Why? Too many godamn people to email. Too much effort, time, man power, etc, for too little results. Link to comment Share on other sites More sharing options...
john smith 1924 Veteran Posted April 29, 2002 Veteran Share Posted April 29, 2002 yeah spoofing. Link to comment Share on other sites More sharing options...
CustardFD Posted April 29, 2002 Share Posted April 29, 2002 I had an interesting one the other day: it was a virus that was spoofed as a returned mail from my SMTP server... They are getting worryingly clever :paranoid: Link to comment Share on other sites More sharing options...
mortensen Posted April 29, 2002 Share Posted April 29, 2002 Its very ironic that it came from MS (inet@microsoft.com), to MS Hotmail, And i forwarded it to MS Outlook Express. Spoofing.... don't tell me about that. My brother loves to wind up his 'friends' by sending stupid messages and pretending they come from someone else the person knows. I really WISH they would FORCE enforcement of email addresses so you can return mail to every email and so that you can't 'pretend' to be someone else. I hate getting spam and not being able to reply back tell them to shove their heads up their own asses. They just fake an email address and spam you... I don't mind spam but I atleast want to reply back telling them how much I hate them! Link to comment Share on other sites More sharing options...
helpmeplease Posted April 29, 2002 Author Share Posted April 29, 2002 oh well, i had three of them anyway, another was from a site i know off, the other i had no idea where it cae from - but i looked deliberate as this one had text and said something like "A good tool..." lol, reading all og that its pretty funny Link to comment Share on other sites More sharing options...
nXP_151 Veteran Posted April 30, 2002 Veteran Share Posted April 30, 2002 Hmmmm Microsoft was hacked again :ponder: :s Link to comment Share on other sites More sharing options...
Jon Posted April 30, 2002 Share Posted April 30, 2002 er no it wasn't, if your refering to this thread specifically! Link to comment Share on other sites More sharing options...
nXP_151 Veteran Posted April 30, 2002 Veteran Share Posted April 30, 2002 Hmmmm....then :ponder: ? Link to comment Share on other sites More sharing options...
underscorebios Posted April 30, 2002 Share Posted April 30, 2002 It's fairly easy to do that, you just telnet to a mail server and send an email as anyone you whant, i'd post a tutorial but i think most would use it for bad porpuses, so if you whant it bad enough search for it ;). Link to comment Share on other sites More sharing options...
Chiefie Posted April 30, 2002 Share Posted April 30, 2002 My ISP's SMTP server does check for the destination domain name to see if it is valid or not, and it checks the sender's domain name to see if it is reply-able or not. And if all checked out well, it will proceed with sending the email. Or course the baseline-rule still exist, i.e. check if it is from the same domain-network as the SMTP (to cut down non-authenticated users/networks to send through the ISP's SMTP). Personally, I think the ISP smtp servers (or any smtp servers) should: 1) Check if the mail is sent from the trusted-network (or the network from where it is authorised to send from). 2) Check the sender's email address if it is reply-able or not. 3) Check if the receipent's email address is send-able or not. 4) Check for any ambiguous subject/known subject tag-line used by spammer/UCE. 5) Implement a fuzzy-scanning technology to check for morphing spammer (i.e. the repetitive use of certain characters in TO: or CC: which is known to a crafted auto-generated email addresses -- regardless if it is true email address or not). By when if the above points been covered, spamming is still a thing in digital-world to fight against with, everyday... Link to comment Share on other sites More sharing options...
h71y6 Posted April 30, 2002 Share Posted April 30, 2002 That is why we have secret keys and public keys for authentication. Every email will have a mark of the real sender = no spoofing. Link to comment Share on other sites More sharing options...
Spectre Posted April 30, 2002 Share Posted April 30, 2002 Originally posted by nathan_151 Hmmmm....then :ponder: ? how about reading through some posts in this thread? lol Link to comment Share on other sites More sharing options...
Recommended Posts