spam from my own account - Page 2

**removed** · June 16th, 2005, 2:56 AM

Quote:

Originally Posted by Haugland

Excuse me, but how is recieving spam from their own account making them hacked? Their most likely spoofed and coming from an external server, outside of Surpass.

Is this for real or some type of stunt to try to damage Surpass's reputation?

I think it's just ignorance.. and I don't mean that in a bad way.

It's probably this: http://securityresponse.symantec.com...ober.o@mm.html

schupp · June 21st, 2005, 10:46 AM

I'm not sure if this helps but the messages I've seen were sent to random addresses at my domain (dictionary attack). If you have a Default Address set in your domain's mail setting you'll get these messages. Remove that setting and you'll only get the ones matching real accounts.

Looking at the headers I can see that the virus originated from the user's local machine/firewall and then sent to a Surpass server (the same one that manages the targeted domain). So it isn't a hacked web site but an infected user. The virus uses it's own SMTP engine to send the mail.

I'll guess that all the other hosting sites are dealing with the same issue.

"friends don't let friends use windoze"

**Kickersny.com** · June 21st, 2005, 11:56 AM

Yeah, I send all email that doesn't match a specified email address into the almighty ::blackhole::

**DewKnight** · June 21st, 2005, 3:30 PM

some day that black hole is going to spit out all of the stuff that you people put into it. You'll all see then!

June 21st, 2005, 10:46 AM	#11 (permalink)
schupp Registered User Comfy Contributor Joined in Oct 2004 Lives in Reykjavík/Toronto Hosted on Pass16/18 168 posts Gave thanks: 0 Thanked 0 times	I'm not sure if this helps but the messages I've seen were sent to random addresses at my domain (dictionary attack). If you have a Default Address set in your domain's mail setting you'll get these messages. Remove that setting and you'll only get the ones matching real accounts. Looking at the headers I can see that the virus originated from the user's local machine/firewall and then sent to a Surpass server (the same one that manages the targeted domain). So it isn't a hacked web site but an infected user. The virus uses it's own SMTP engine to send the mail. I'll guess that all the other hosting sites are dealing with the same issue. "friends don't let friends use windoze" __________________ Pass16 Pass39

June 21st, 2005, 11:56 AM	#12 (permalink)
Kickersny.com Surpass Fan Super #1 Joined in Aug 2004 Hosted on SH58 1,688 posts Gave thanks: 6 Thanked 7 times	Yeah, I send all email that doesn't match a specified email address into the almighty ::blackhole:: __________________ - Evan Charlton \| [site] \| Server - SH58

June 21st, 2005, 3:30 PM	#13 (permalink)
DewKnight Skittles Super #1 Joined in Aug 2004 Lives in a space ship Hosted on dedi 6,815 posts Gave thanks: 101 Thanked 199 times	some day that black hole is going to spit out all of the stuff that you people put into it. You'll all see then! __________________ Mountain Dew Knight People should not be afraid of their governments. Governments should be afraid of their people.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)