Did You *Really* Send An Infected E-Mail?
Hi Fred - Love the list. I'm writing about item 4 from your 11/1 newsletter ("Message Says, 'You've Sent Infected E-Mail'" http://langa.com/newsletters/2006/2006-11-02.htm#4 ) which talked about an email that a reader received saying he'd sent infected email. In your response, you mentioned that it might be a phishing type of scheme, and you also gave recommendations about setting up PC-cillin. However, I think you missed the most obvious possibility - the reader's email address was probably faked from someone else's infected machine - so when it was "returned", it was sent to the reader, instead of the actual sender. Take care! ---Tony Mayer
Well, yes: There are actually *many* reasons why any e-mail user could receive a notification that he or she sent an infected message. In the interests of brevity, we focused on the one that seemed most appropriate for that reader's situation. We didn't intend to oversimplify.
But you're right, there are other reasons for the "you're infected" return
emails, and they fall into one of two categories: 1) it's true; and 2) it's
false.
These "false" e-mails should be treated just like any other spam. In fact, a
significant percentage of garden-variety spam involves some form of e-mail
spoofing (such as the e-mail with fake header information that Tony refers to).
As with any other spam, it's important to avoid the temptation to reply to, or
forward, the message. Just delete it, period.
However, the "true" reports (when an e-mail correctly says you sent infected
e-mail) require other actions. Reader James Dix mentioned in his original note
that he's running PC-cillin and that he's scanning incoming e-mail, but said
nothing about outgoing e-mail. That's why we provided instructions on how to
enable that feature.
Our bottom-line recommendation is to use good security tools, especially a
quality antivirus package, and to activate the outgoing e-mail scan feature.
Keep the AV package and OS (and all your security tools) up to date. Then, any
e-mails you get reporting that you've sent infected mail will most likely be the
result of spoofing, spamming or social engineering, and can be ignored.
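
One way to check which of the two categories a notice falls into, as an added example that is not part of the original newsletter: when the notice attaches the original message or its headers, compare the returned Message-ID with the IDs of mail your mailbox really sent. The function names, the sample notice, all addresses and the list of sent IDs are constructed for illustration, and the check assumes you can export Message-IDs from your Sent folder.

```python
from email import message_from_bytes, message_from_string, policy

# Constructed sample notice: a report that attaches only the original headers.
SAMPLE_NOTICE = b"""\
From: antivirus-gateway@example.net
To: reader@example.org
Subject: Virus found in message you sent
MIME-Version: 1.0
Content-Type: multipart/report; boundary="b1"

--b1
Content-Type: text/plain

A message from reader@example.org contained a virus.

--b1
Content-Type: text/rfc822-headers

From: reader@example.org
To: someone@example.com
Message-ID: <abc123@infected-pc.example.com>
Subject: hi

--b1--
"""

def original_message_id(notice: bytes):
    """Message-ID of the mail the notice complains about, or None if absent."""
    msg = message_from_bytes(notice, policy=policy.default)
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822" and part.is_multipart():
            original = part.get_payload(0)            # full original attached
        elif ctype == "text/rfc822-headers":          # headers-only attachment
            original = message_from_string(part.get_content(), policy=policy.default)
        else:
            continue
        mid = original["Message-ID"]
        return str(mid).strip() if mid else None
    return None

def classify(notice: bytes, sent_ids: set) -> str:
    """Compare the returned Message-ID with IDs of mail this mailbox really sent."""
    mid = original_message_id(notice)
    if mid is None:
        return "unverifiable"        # nothing attached that can be checked
    return "sent-from-this-mailbox" if mid in sent_ids else "spoofed-sender"

if __name__ == "__main__":
    # Hypothetical Sent-folder IDs; the sample's ID is not among them.
    print(classify(SAMPLE_NOTICE, {"<20061102.1@mail.example.org>"}))
```

A "sent-from-this-mailbox" result is the "true" case that calls for scanning the PC; the result is only as reliable as the list of sent IDs is complete.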
