From owner-freebsd-questions@FreeBSD.ORG Sun Mar 20 20:08:52 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B369016A4CE for ; Sun, 20 Mar 2005 20:08:52 +0000 (GMT) Received: from vms040pub.verizon.net (vms040pub.verizon.net [206.46.252.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8556743D31 for ; Sun, 20 Mar 2005 20:08:52 +0000 (GMT) (envelope-from ringworm01@gmail.com) Received: from ringworm.mechee.com ([4.27.46.32])0.04 <0IDO005FR2MQLE40@vms040.mailsrvcs.net> for freebsd-questions@freebsd.org; Sun, 20 Mar 2005 14:08:51 -0600 (CST) Received: by ringworm.mechee.com (Postfix, from userid 1001) id 659272CE749; Sun, 20 Mar 2005 12:08:50 -0800 (PST) Date: Sun, 20 Mar 2005 12:08:49 -0800 From: "Michael C. Shultz" In-reply-to: <423DD4A1.1020509@adelphia.net> To: freebsd-questions@freebsd.org Message-id: <200503201208.50120.ringworm01@gmail.com> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit Content-disposition: inline References: <20050320172230.4141B16A4F2@hub.freebsd.org> <423DD4A1.1020509@adelphia.net> User-Agent: KMail/1.7.2 Subject: Re: Ebay Phishing X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Mar 2005 20:08:52 -0000 On Sunday 20 March 2005 11:53 am, Bob Ababurko wrote: > Gerard Seibert wrote: > >On Sun, 20 Mar 2005 10:22:23 -0600 Chris wrote: > >||>Robert Slade wrote: > >||>> Hi all, > >||>> > >||>> Is it just me, but I've had 2 Ebay Phishing e-mails to this > >||>> e-mail address that I only use for this mail list. Both mails > >||>> where from Comcast users !! > >||>> > >||>> Rob > >||> > >||>Sounds like someone from Comcast is on this list AND using a > >||> Windows box AND is infected. > >||> > >||>Shame on you > >||> > >||>-- > >||>Best regards, > >||>Chris > >||> > >||>If you have always done it that way, it is probably wrong. > > > >********** Reply Separator ********** > >Sunday, March 20, 2005 1:35:28 PM > > > >1) Did you actually confirm that the email originated from Comcast > >2) Did you report the email to Comcast as well as spoof@ebay.com > >3) Why does it have to be a Windows box? Anyone can access this > > forum and harvest email addresses. > > > >-- > >Gerard Seibert > >gerard-seibert@suscom.net > > > >They say that a dog is man's best friend. I do not believe that. How > >many of your friends have you had neutered? > > It is most likely it is a windows box that has been copromised due to > one of the slew of M$ vulnerabilities. Some crafty programmer has > turned this box into a zombie and installed a mailing package or a > proxy server and is sending mail from it in concert with thousands of > others just like it...al behind one keyboard. > > -Bob Just to be fair towards the OS used by common folk, a few months ago I set up a gateway machine with FreeBSD 4.11 and made the mistake of running it on my DSL line without first setting up a firewall, shutting off sendmail and unused ports. (due to lazyness impatience on my part) It took only a few hours for someone to find the open relay and use it! I didn't even know until Verizon sent me an email saying I was a bad boy and they were shutting off my email access for 24 hours, which they did! Bottom line is it can happen to anyone. -Mike