RootsWeb.com Mailing Lists
    1. [EUDORA] Re: [VIRUS] Kak worm
    2. George W. Durman
    3. At 02:25 PM 05/17/2000, Murree Pindi wrote:
       *************START OF ORIGINAL MESSAGE TEXT*************
       "George W. Durman" wrote:
       >
       > At 07:52 AM 05/16/2000, Carol Trainor wrote:
       > *************START OF ORIGINAL MESSAGE TEXT*************
       > Hi Everybody,
       > While going thru my e-mail yesterday morning (249 pieces) a box popped
       > up on my screen telling me that a certain file had the kak.worm in it.
       SNIP
       > Even tho it's a royal pain sometimes with connecting to their web (and I
       > have no patience any more) I am certainly glad it worked this time.
       >
       > Carol
       > **************END OF ORIGINAL MESSAGE TEXT**************
       >
       > Carol, I've received very few emails containing viruses/worms/trojans, but
       > McAfee, as did yours, always found them and gave me the same choices of
       > deleting, moving, or ignoring. When I chose DELETE, only the virus-containing
       > email piece was deleted; never had McAfee delete ALL unread
       > mail. Of course, I use Eudora (not Netscape) as my email program, and
       > use the standard on-my-own-computer McAfee, not Clinic. I am subscribed
       > to Clinic, but just don't like the way it operates, too many associated
       > problems.
       >
       > One suggestion: If you want to see from whom the infected email was sent,
       > deleting won't let you do this. I've learned to have McAfee MOVE the
       > infected file(s) to the default directory of C:\INFECTED. Then, I can use
       > a text reader and look at the inside of the email without opening it, AND
       > see who sent it.
       >
       > I like to know who sent a virus, so I can take the appropriate actions if the
       > sender is a subscriber to any of my Mailing Lists. Of course, with some of
       > these dastardly things, such as Melissa or ILoveYou, one cannot find out who
       > actually sent them, since the viruses fake a From: address on the mail they
       > send; however, with some of the older ones, I can tell who sent them.
       >
       > Just my 2¢ worth,
       > SgtGeorge
       > ............................................................

       How do you "use a text reader and look at the inside of the email without
       opening it, and see who sent it", George? Step by step, please! :o)

       --
       Yours Aye - Murree. Scotland.
       **************END OF ORIGINAL MESSAGE TEXT**************

       When I receive an email containing a virus and McAfee "catches" it, a box
       pops up asking me what I want to do with the email. I choose "move", which
       puts it in the default C:\Infected directory/folder. I can't remember what
       exact name McAfee gives it (it's been a long time since I received one), but
       looking in that directory/folder will show only two files: 1) Infected.log,
       2) The "moved" email.

       Using NotePad, I just open that file and look at it. It looks very similar
       to viewing an email in an email program, except you see all the "ugly" stuff.
       You can look at the From:, X-Sender:, Reply-To:, and Received: headers and
       try to figure out who sent it.

       As I mentioned originally, if it concerns Melissa, ILoveYou, or other
       virus/trojan that "fakes" a From: address, there is NO way to find out the
       exact sender. You can narrow it down to which server was used by looking at
       the Received: header. It will contain a line like one of the following:

       1) Received: from imo19.mx.aol.com (imo19.mx.aol.com [152.163.225.9])
       2) Received: by imo19.mx.aol.com (mail_out_v26.7.) id j.29.5374054 (3965)

       We can't tell from this who sent the email, but the folks at AOL, IF they
       would, could identify the person from the above. So, it really doesn't help
       us that much; however, once in a while you might get lucky and find a domain
       identified in those lines that gives you a clue to who might have your email
       address in his/her address book.

       SgtGeorge

    05/17/2000 03:41:35
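The header check described in the message above, as an added example that is not part of the original post: it parses a raw message as plain text and lists the claimed sender headers next to the Received: chain. The two Received: lines are the ones quoted in the post; the addresses, the `mail.example.org` hop and the function names are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample of a quarantined message as it looks in a text editor.
# The two Received: lines are the ones quoted in the post; every other
# value (addresses, subject, mail.example.org) is made up.
SAMPLE = """\
Received: from imo19.mx.aol.com (imo19.mx.aol.com [152.163.225.9])
\tby mail.example.org with SMTP id CONSTRUCTED1
Received: by imo19.mx.aol.com (mail_out_v26.7.) id j.29.5374054 (3965)
From: forged.friend@example.com
X-Sender: someone@example.net
Reply-To: forged.friend@example.com
Subject: constructed sample

The body is never interpreted here.
"""

# "from <name> (<reverse-dns> [<ip>])": the bracketed IP is normally logged
# by the receiving server, so it is harder to fake than From:.
FROM_RE = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([0-9.]+)\]\)")
BY_RE = re.compile(r"\bby\s+(\S+)")

def summarize(raw):
    """Return (claimed sender headers, Received hops ordered oldest first)."""
    msg = message_from_string(raw)  # text parsing only; attachments stay inert
    claimed = {h: msg.get(h) for h in ("From", "X-Sender", "Reply-To")}
    hops = []
    # Each server prepends its own Received: line, so reverse the list.
    for line in reversed(msg.get_all("Received", [])):
        flat = " ".join(line.split())  # unfold continuation lines
        f, b = FROM_RE.search(flat), BY_RE.search(flat)
        hops.append({"from_host": f.group(1) if f else None,
                     "from_ip": f.group(3) if f else None,
                     "by": b.group(1) if b else None})
    return claimed, hops

def sending_server(hops):
    """Earliest hop with a logged connecting IP: the server that was used."""
    for hop in hops:
        if hop["from_ip"]:
            return hop["from_host"], hop["from_ip"]
    return None

if __name__ == "__main__":
    claimed, hops = summarize(SAMPLE)
    print("claimed (can be faked):", claimed)
    print("server used:", sending_server(hops))
```

Received: lines added by servers outside your own provider's control can also be forged, so treat the result as a lead on the relaying server rather than proof of the sender.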