LinkBack URL
About LinkBacksGetting hit with email virus attachments of 75K, how can I block this?
Getting hit with email virus attachments of 75K, how can I block this?
Getting hit with email virus attachments of 75K, how can I block this?
Other than having your default address set to fail, you can't do much. Between my many different POP accounts I've gotten around 100 of them today. I've even gotten a couple of bounce messages from ones I supposedly sent.
Some idiot out there is having fun seeing how many people will launch his attachments. They contain W32.Sober.X@mm.
The most obvious solution is to install a server-side email virus scanner - I never get any viruses into my mailbox.
Jonathan Michaelson
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
Chirpy, which Server-side eMail Virus scanner worked best for you?
Helping people Host, Create, and Maintain their Web Site
Also providing Server Admin Services - setup / troubleshooting
http://potentproducts.com/
Well, ClamAV works fine for me as a freely available scanner. Others like fprot and nod32. TBH, I find that the additional file type and file name filters in MailScanner block nearly everything anyway regardless of virus scanning.
Jonathan Michaelson
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
One thing about these emails that has me puzzled.
I have several email addresses I use that are set as forwarders to one POP account and the default is set to fail, but somehow I'm getting these emails to all different variations. The most recent one is x_mail-list@premierwebsitesolutions.com but I can't even send email to that. I view the raw file and there are no other addresses in the headers. How can they send emails to something that should fail and get it to me? Chirpy???
Even I'm having the same problem, lotsa domains on which default account is set to fail are still receving mails on addresses like XFreeMail@domain.com while these kinda email doesn't exist at all.Originally Posted by PWSowner
One thing about these emails that has me puzzled.
How can they send emails to something that should fail and get it to me? Chirpy???
There's a subtle difference in the way emails are routed by the SMTP protocol that you do have to be careful about. Exim does its account checking on the email address using the SMTP protocol exchange at the beginning of delivery using the results from the "RCPT TO: address@domain.com" command. That email address does not have to be the same as what appears in the email header for the To: (or other recipient) fields. I would suspect that that's where the confusion/problem is.
Jonathan Michaelson
Need your cPanel servers secured and tuned?
cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
http://www.configserver.com
Thanks for the explanation.
It's a good thing some people out there have nothing better to do with life or the rest of us might get bored.
Reply With Quote