Computer Security & Viruses/repetitive spam


Question
I am having the same problem as addressed here: http://en.allexperts.com/q/Computer-Security-Viruses-1737/2012/12/unknown-e-mail

A copy of the one I'm receiving is pasted below. I receive several of these every day and have been getting them for a couple of months.

Any suggestions on how to STOP these?

thanks.
mev

-------- Original Message --------
From:    - Tue Jan 15 22:04:00 2013
X-Account-Key:    account2
X-UIDL:    31861.Oku6UYs0VJYX1Rbag,7V+7vua6k=
X-Mozilla-Status:    0001
X-Mozilla-Status2:    00000000
X-Mozilla-Keys:    
Return-Path:    
Received:    from mx01.cincibell.synacor.com (LHLO mx.fuse.net) (10.10.22.40) by md05.cincibell.synacor.com with LMTP; Tue, 15 Jan 2013 20:39:27 -0500 (EST)
Return-Path:    <>
X-BINDING:    md05.cincibell.synacor.com
X_CMAE_Category:    0,0 Undefined,Undefined
X-CNFS-Analysis:    v=2.0 cv=GvzACzJC c=1 sm=0 a=Z7GY-qdg-vYA:10 a=SdDKUxoxAAAA:8 a=iryB2iodMQl4oYC3yEUA:9 a=8n8gB33NDtcA:10 a=NWVoK91CQyQA:10 a=gCII6dnyiV+gIm6fKFr4hw==:117
X-CM-Score:    0
X-Scanned-by:    Cloudmark Authority Engine
Authentication-Results:    mx01.cincibell.synacor.com smtp.mail=; spf=neutral; sender-id=neutral
Authentication-Results:    mx01.cincibell.synacor.com header.from=; sender-id=neutral
Received-SPF:    neutral (mx01.cincibell.synacor.com: 96.9.160.143 is neither permitted nor denied by domain of mx.profenforhead.com)
Received:    from [96.9.160.143] ([96.9.160.143:37562] helo=mx.profenforhead.com) by mx.fuse.net (envelope-from <>) (ecelerity 2.2.3.47 r(39787)) with ESMTP id C6/8A-27132-FC406F05; Tue, 15 Jan 2013 20:39:27 -0500
content-Type:    text/html;
content-Transfer-Encoding:    7bit;
X-159:    fmBtZWFpaHB8SWF9YGYmYWp4
Message-Id:    <b3Vrd3FSMCA4ODY9TDI5PzY8P1A2JDp9YW1xdGhhenB1TmJwfmQ9ZmxzOSMwdA==@9951.profenforhead.com.macaddict.com>
From:    <>
To:    <>
Subject:    ''
Mime-Version:    1.0
Date:    Tue, 15 Jan 2013 21:31:36 -0500

To Removeyour self pleasewrite to,
63 Est 11400 Sth ##255# Sandy.UT.84070
or visit here

Answer
I don't have a way to test what I tell you because I'm not receiving them. The simplest thing I suggest is blocking what comes from IPs and domains in the header. I'm usually able to rely on Return-Path but it appears to be forged in these messages.

If the IP returned by doing a DNS lookup doesn't match the domain returned by RDNS, it may be forged.

Hopefully, your mail provider validates who the sender is.  If so, the real sender address should be somewhere in the header.


Please let me know how it goes for you if you dig deeper.
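
The forward/reverse DNS comparison suggested in the answer, as an added example that is not part of the original answer: it pulls the connecting IP and HELO name out of the `Received:` line pasted in the question and compares them against DNS. The function names are hypothetical, the regex assumes the `([ip:port] helo=name)` layout seen in that header, and the lookups can be swapped for stubs so the check can be exercised offline.

```python
import re
import socket

# Received line copied from the message pasted in the question above.
RECEIVED = ("from [96.9.160.143] ([96.9.160.143:37562] helo=mx.profenforhead.com) "
            "by mx.fuse.net (envelope-from <>) (ecelerity 2.2.3.47 r(39787)) "
            "with ESMTP id C6/8A-27132-FC406F05; Tue, 15 Jan 2013 20:39:27 -0500")

# Assumed layout: "([ip:port] helo=name)" as written by the receiving MTA.
_PEER = re.compile(r"\(\[(?P<ip>\d{1,3}(?:\.\d{1,3}){3}):\d+\]\s+helo=(?P<helo>[^\s)]+)\)")

def parse_peer(received):
    """Return (connecting_ip, helo_name) from a Received line in that layout."""
    m = _PEER.search(received)
    if m is None:
        raise ValueError("no peer address found in Received header")
    return m.group("ip"), m.group("helo").lower().rstrip(".")

def _ptr(ip):
    """Reverse (PTR) lookup; an empty list means no reverse record."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def _a(name):
    """Forward (A) lookup; an empty list means the name does not resolve."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:
        return []

def check_sender(received, ptr_lookup=_ptr, a_lookup=_a):
    """Compare the peer IP with forward and reverse DNS."""
    ip, helo = parse_peer(received)
    ptr_names = [n.lower().rstrip(".") for n in ptr_lookup(ip)]
    return {
        "ip": ip,
        "helo": helo,
        "ptr": ptr_names,
        # Does the name the sender announced actually point at the sender?
        "helo_resolves_to_ip": ip in a_lookup(helo),
        # Forward-confirmed rDNS: a PTR name must resolve back to the same IP.
        "fcrdns": any(ip in a_lookup(n) for n in ptr_names),
        "helo_matches_ptr": helo in ptr_names,
    }

if __name__ == "__main__":
    print(check_sender(RECEIVED))
```

A `False` in any of the three checks is a reason to distrust the names in the header and to base a block rule on the connecting IP that the receiving server recorded, since that is the one value the sender cannot set.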

John Crout

Expertise

Linux, Windows, Open/Free BSD, OSX. Embedded MMU-less (firmware) devt.

Experience

Securing systems since 1982. Tip: Switching from a system that is (statistically) more prevalent to one that is less prevalent will help.

Organizations
Information Systems Security Association (ISSA) United States Coast Guard Auxiliary (USCG Auxiliary), ACM

Publications
Student Doctor Magazine EE Times Network World blog Navy CIO blog RTCA/DO-178B, "Software Considerations in Airborne Systems and Equipment Certification", (member of SC-167), RTCA/DO-160C, "Environmental Conditions and Test Procedures for Airborne Equipment", (member of SC-135)

Education/Credentials
Master of Public Health (Epidemiology and Biostatistics) Bachelor of Science in Electrical Engineering (Computer Engineering Option) Digital Forensics Basics, Texas Engineering Extension Secure Software, Texas Engineering Extension Network Security, Texas Engineering Extension Infosec Basics, Texas Engineering Extension Information Assurance Awareness, Department of Defense Information Systems Security, United States Coast Guard Online safety for parents and children, Fort Collins Police Department Spear Phishing, Defense Information Security Agency, DISA Spear Phishing, United States Coast Guard, USCG Meeting the Media, Testifying, Presentations, Arch Lustberg FEMA (ICS-100, -200, -210, -700, 800) United States Coast Guard Defense Information Systems Agency United States Coast Guard Auxiliary Crosby Quality Workgroup Facilitator Trainer Crosby Quality Education System Wisconsin University
