From owner-freebsd-questions@FreeBSD.ORG Wed Apr 13 20:52:07 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 22EEF16A4CE for ; Wed, 13 Apr 2005 20:52:06 +0000 (GMT) Received: from smtp1.suscom.net (smtp1.suscom.net [64.78.119.248]) by mx1.FreeBSD.org (Postfix) with ESMTP id 668DA43D49 for ; Wed, 13 Apr 2005 20:52:06 +0000 (GMT) (envelope-from gerard-seibert@suscom.net) Received: from localhost (smtp1 [127.0.0.1]) by smtp1.suscom.net (Postfix) with ESMTP id 2E0ECD9105; Wed, 13 Apr 2005 16:52:03 -0400 (EDT) Received: from smtp1.suscom.net ([127.0.0.1]) by localhost (smtp1 [127.0.0.1]) (amavisd-new, port 10024) with SMTP id 06589-01; Wed, 13 Apr 2005 16:52:01 -0400 (EDT) Received: from [192.168.0.2] (ip47.232.susc.suscom.net [216.45.232.47]) by smtp1.suscom.net (Postfix) with SMTP id E79D2D8B46; Wed, 13 Apr 2005 16:52:00 -0400 (EDT) Date: Wed, 13 Apr 2005 16:52:05 -0400 From: Gerard Seibert To: freebsd-questions@freebsd.org Sender: Gerard@smtp1.suscom.net, Seibert@smtp1.suscom.net In-Reply-To: <20050413120111.B17B816A4CE@hub.freebsd.org> References: <20050413120111.B17B816A4CE@hub.freebsd.org> Message-Id: <20050413163926.DC7E.GERARD-SEIBERT@suscom.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Becky! ver. 2.20.07 [en] X-Virus-Scanned: by amavisd-new .250 at suscom.net cc: Robert Subject: Re: spam alert X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: gerard-seibert@suscom.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Apr 2005 20:52:07 -0000 On Wed, 13 Apr 2005 03:29:03 -0400 "Robert" wrote: ||>got a message from my ISP saying that my email address was sending out ||>spam, possibly from a trojan on my pc that was allowing a remote program ||>to access my SMTP server and send email without my knowledge. I was ||>shocked since I'm running ZoneAlarm and don't remember getting any ||>alerts about a program accessing my email. I ran Norton's and it didn't ||>find anything. BUT it was blocking a heap of outgoing emails with ||>"sexually explicit content" after I disabled ZoneAlarm. So ZoneAlarm ||>must be blocking them when it is on, but periodically I turn it off ||>because some web pages don't load correctly when I use ZoneAlarm. Well I ||>disabled ZoneAlarm tonight and right away I got popups from Nortons ||>alerting me that there were sexually explicit emails trying to be sent ||>using my mail account, at a rate of about 20 per minute! I turned ||>ZoneAlarm back on and immediately it told me that IP address ||>204.152.184.73 was trying to send emails and make a connection with my ||>mail server, which of course I blocked. 204.152.184.73 resolves to ||>freebsd.isc.org. what gives ********** Reply Separator ********** Wednesday, April 13, 2005 4:39:26 PM I use Zone Alarm on all of my Windows based PC's. Assuming that you are not using the free; i.e., basically useless version, there is no reason to have to disable it for any reason. I would seriously suggest that you look into how you have it configured. Zone Alarm has an excellent forum where you can post questions. Their online support is not too bad, but it is not the quickest in the world when it comes to getting a speedy reply. As always, YMMV. -- Gerard Seibert gerard-seibert@suscom.net "Isn't having a smoking section in a restaurant like having a peeing section in a swimming pool?