problem with email...
Will Maier
willmaier at ml1.net
Wed Aug 31 17:05:18 GMT 2005
On Wed, Aug 31, 2005 at 12:40:18PM -0400, kdonathan at charter.net wrote:
> Over the summer, I recently began getting "fake" email messages
> from mail at gwhs...., admin at gwhs.....,
> security at gwhs....,register at gwhs...., etc. etc. etc. The subject
> line is always something like "YOUR ACCOUNT IS SUSPENDED....",
> "You have successfully updated your password....", etc. Each of
> these contain an attachment, so I know that a virus is trying to
> get into our server. I need some suggestions on what to do to
> make this stop.
A virus isn't necessarily 'trying to get into your server'. If you
look at the headers of those emails, it's quite likely that they
originate somewhere else. If they come from someone else's server
but purport to be from your own, it's likely that you are the victim
of a 'spear phishing' attack.
As far as stopping those mails, treat them like any other spam. If
they have viral payloads, you should be using virus detection
somewhere in the chain (preferably near the mail server) to weed
them out anyway.
--
o--------------------------{ Will Maier }--------------------------o
| jabber:..wcmaier at jabber.ccc.de | email:..........wcmaier at ml1.net |
| \.........wcmaier at cae.wisc.edu | \..........wcmaier at cae.wisc.edu |
*------------------[ BSD Unix: Live Free or Die ]------------------*
More information about the freebsd-questions
mailing list