Watch this critical update from the M$

[Triffid]

Jim Davis wrote:

> On Wed, 24 Sep 2003 00:39:57 -0400, Triffid <triffid@nebula.net>
> wrote/replied to:
>
>

>>My solution - redirect all mail to a webmail account that has 'delete
>>message' as a filter option. Configure the filters to delete any message
>>which has 'run attached file' or 'undelivered' or 'undeliverable' in the
>>body. Problem solved - filters have dropped about 2100 swen mails in the
>>last 24 hours, all other mail (big dick/blue pill spam included,
>>unfortunately) is received as usual.

>
>
> I don't get it. If you have everything redirected to another webmail
> account, don't you have to go online and retreive that mail for the
> delete filters to work? I have filters, but they only work on my
> retreiving the mail and don't help with my box filling up.

No, the service I'm using applies the filtering rules to mail as it
arrives at their server, so the Swen crud never makes it into my mailbox.

Of course, this does waste more bandwidth as I'm shipping the crud half
way around the planet, from my ISP to the webmail provider, just so it
can be deleted on arrival.

>
> I hope the ISPs do something about this quick, this is really a denial
> of service at it's very worst. This is the first time I can ever
> remember something so terrible happening on the net. This really
> sucks.
>
>
> Jim Davis
> Nature Photography
> [url]http://www.kjsl.com/~jbdavis/[/url]

[JAD]

amazing........ maybe because i get double filtering ...cable company and earthlink


"Michael W Ryder" <mwryder@_earthlink_.net> wrote in message news:X6ncb.2016$NX3.1495@newsread3.news.pas.earthl ink.net...

> JAD wrote:
>

> > The ONLY way to end the spam effect of this worm is for ISP's to scan at the
> >

> >>POP3 level and DISCARD infected e-mail WITHOUT sending notifcation to the
> >>receiver (which still clogs the mailbox)

> >
> >
> >
> >
> > as earthlink has done perfectly.....never got a SINGLE one
> >

>
> It wasn't Earthlink! I get about 100 of these a day beyond those
> stopped by Spaminator. Because of this I will probably switch to
> Worldnet as they advertise that they scan all e-mail for viruses.
>
>

> > "Phil Weldon" <pweldon@mindspring.com> wrote in message news:2Y7cb.3876$ai7.1002@newsread1.news.atl.earthl ink.net...
> >

> >>OR the supposed sender e-mail
> >>addresses (which are either bogus or harvested from 'address books' on
> >>infected machines and networks.)
> >>
> >>Changing e-mail addresses is NOT AN ACCEPTABLE SOLUTION. It would cripple
> >>the future of the internet as a communication network. Individual solutions
> >>won't work, only a collective solution will. Failing an adequate response
> >>by ISP's, I'll go with the first e-mail provider that institutes scan and
> >>discard, be that hotmail or whatever. I'll even pay for such premium
> >>service, and look with favor on any ISP that unbundles packaged services so
> >>I can choose the services that meet my requirements. I'll also look with
> >>favor on any class actions filled on the basis of an ISP failing to provide
> >>implicitly contracted services (i.e., reliable mail service.)
> >>
> >>My current situation:
> >>
> >>My machines are NOT infected, and have NEVER been infected.
> >>I keep my security up-to-date.
> >>I don't send infected e-mail.
> >>
> >>My ISP is loading over 1500 infected e-mail messages into my mailbox each
> >>day.
> >>
> >>
> >>"Jim Davis" <spammenot@someip.jp> wrote in message
> >>news:ndp1nvkmlon2gfjhbevtgmdan1fqjmi8f3@nwall.od n.ne.jp...
> >>
> >>>On Sat, 20 Sep 2003 12:57:46 GMT, "Phil Weldon"
> >>><pweldon@mindspring.com> wrote/replied to:
> >>>
> >>>
> >>>>This post is from the worm. Worm.Automat.AGH has an SMPT engine and is
> >>>>going after usenet newsgroups. This is a bad one. It only takes about
> >>
> >>90
> >>
> >>>>of these infected e-mails to fill up a 10 MByte mailbox... if you start
> >>>>getting these infected e-mails you'll have to empty your mailbox hourly
> >>
> >>or
> >>
> >>>>even more often just to keep legitimate e-mail from bouncing.
> >>>
> >>>I don't know the answer to ending this attack, but I also get enough
> >>>of these emails to choke my mailbox in a couple hours. I just hope it
> >>>doesn't get any worse. It looks like I will have to change my email
> >>>address, because this continues with no end in sight.
> >>>
> >>>Some friends are NOT getting these so bad, I'm not sure what the
> >>>difference is, but if an address has been in use for a long time, like
> >>>mine, 3 years, then I think more of these emails would show up.
> >>>
> >>>Maybe the answer is to change your address every few months, or when
> >>>the spam builds to too high a lever. Filtering this stuff is not the
> >>>answer. I tried but got tired of it and anyway your mail box will
> >>>still be full.
> >>>
> >>>
> >>>Jim Davis
> >>>Nature Photography
> >>>[url]http://www.kjsl.com/~jbdavis/[/url]
> >>
> >>

> >
> >

>

[Ed Medlin]

"Michael W Ryder" <mwryder@_earthlink_.net> wrote in message
news:X6ncb.2016$NX3.1495@newsread3.news.pas.earthl ink.net...

> JAD wrote:
>

> > The ONLY way to end the spam effect of this worm is for ISP's to scan at

the

> >

> >>POP3 level and DISCARD infected e-mail WITHOUT sending notifcation to

the

> >>receiver (which still clogs the mailbox)

> >
> >
> >
> >
> > as earthlink has done perfectly.....never got a SINGLE one
> >

>
> It wasn't Earthlink! I get about 100 of these a day beyond those
> stopped by Spaminator. Because of this I will probably switch to
> Worldnet as they advertise that they scan all e-mail for viruses.
>
>

That isn't always a catch-all either. My main ISP has "server-side virus
scanning" but I still get the messages with the virus stripped out. What
they need to do is to delete the messages entirely to stop the bandwidth
hogging of this thing. I am getting upwards of 40-50 an hour as of this
morning. That includes the 'Update" with the worm itself and all of the
other undeliverable message notifications and the text from the ones that my
ISP has stripped the worm out of. Something needs to be done at the POP/SMTP
side to stop this altogether. Just stripping the infectious code does
nothing to help keep our mailboxes from filling up every couple of hours.

Ed

[Michael W Ryder]

Ed Medlin wrote:

> "Michael W Ryder" <mwryder@_earthlink_.net> wrote in message
> news:X6ncb.2016$NX3.1495@newsread3.news.pas.earthl ink.net...
>

>>JAD wrote:
>>
>>

>>>The ONLY way to end the spam effect of this worm is for ISP's to scan at

>
> the
>

>>>>POP3 level and DISCARD infected e-mail WITHOUT sending notifcation to

>
> the
>

>>>>receiver (which still clogs the mailbox)
>>>
>>>
>>>
>>>
>>>as earthlink has done perfectly.....never got a SINGLE one
>>>

>>
>>It wasn't Earthlink! I get about 100 of these a day beyond those
>>stopped by Spaminator. Because of this I will probably switch to
>>Worldnet as they advertise that they scan all e-mail for viruses.
>>
>>

>
> That isn't always a catch-all either. My main ISP has "server-side virus
> scanning" but I still get the messages with the virus stripped out. What
> they need to do is to delete the messages entirely to stop the bandwidth
> hogging of this thing. I am getting upwards of 40-50 an hour as of this
> morning. That includes the 'Update" with the worm itself and all of the
> other undeliverable message notifications and the text from the ones that my
> ISP has stripped the worm out of. Something needs to be done at the POP/SMTP
> side to stop this altogether. Just stripping the infectious code does
> nothing to help keep our mailboxes from filling up every couple of hours.
>
> Ed
>
>

But it will kill the virus in short order and keep it from infecting new
people for months and sending out new storms.

[Jim Davis]

On Thu, 25 Sep 2003 06:43:57 -0500, "Ed Medlin" <ed@edmedlin.com>
wrote/replied to:

> That isn't always a catch-all either. My main ISP has "server-side virus
>scanning" but I still get the messages with the virus stripped out. What
>they need to do is to delete the messages entirely to stop the bandwidth
>hogging of this thing. I am getting upwards of 40-50 an hour as of this
>morning. That includes the 'Update" with the worm itself and all of the
>other undeliverable message notifications and the text from the ones that my
>ISP has stripped the worm out of. Something needs to be done at the POP/SMTP
>side to stop this altogether. Just stripping the infectious code does
>nothing to help keep our mailboxes from filling up every couple of hours.

Well, I've changed my email address. Old one will expire in 30 days.
It should be interesting at that point to see just what spam arrives,
and whether this worm continues to plague me. My cousin, a computer
newbie had to take his machine in for service 4 times to get rid of
this worm. After his computer went offline, the worm messages to me
dropped by at least 50 percent. I have sent warning and a plea for
help to all my friends and contacts. Many of them are disturbed that I
would suspect them. Many of these people are old time computer
experts. But they just don't realize the extent of this problem yet.
Some say they aren't getting this amount of mail.

But apparently not only can this worm get around AV programs
everyone's being so smug about protecting them, but the person with
the worm actually doesn't always see the worm message coming in, the
worm cleans up that crap. I don't know if all that I've read about
these worms is true, and which worm is which, but the Microsoft
Security upgrade worm is the most blatant one that's causing me so
much grief.

I know it's died down slightly now for me, because now some Spam is
actually able to creep in during the lulls. Somebody I know has this
worm, but they're not fixing it and so on and on the worm goes.

I am hoping those people in charge, ISPs, and the internet in general
will figure out some way around this sort of thing.

What they need is a way for people to configure their email for
attachments to accept and just reject all the others. For example I
would choose to accept JPG files only. I have absolutely no need of an
email service that accepts anything anyone wants to send to it, and
I'd bet most people have no need for this either.

It seems Microsoft and all the other Web designers have thrown out at
us users dozens of ways to get eye candy but forgotten about any kind
of real security and left doors all wide open. I just don't get it.

The idea started with things like Java that allow external processes
and programs to run on your computer. people no longer had to
download, install and actually know anything about all the files and
crap they were getting. It was made totally transparent to the user.

A perfect example of a program from a Top Level company that is
actually a type of virus, that seems totally legal and inflicted on
almost all users of the net, with no one complaining, is QUICKTIME.
Simply clicking on a quicktime link loads and installs a resident
program that a user can't get rid of without some fiddling and
knowledge of computers in general at the very least.

This is unacceptable to me but just an example of what a big company
can sneak into our computers. Microsoft Update is another example of
Gate's shoehorning his big brother right into our computers in ways we
don't know about and never would believe he could. Sorry to go on
about this, it's all just too damned much.


Jim Davis
Nature Photography
[url]http://www.kjsl.com/~jbdavis/[/url]
reply in plain text only please

[Tony Hwang]

Jim Davis wrote:

> On Thu, 25 Sep 2003 06:43:57 -0500, "Ed Medlin" <ed@edmedlin.com>
> wrote/replied to:
>
>

>> That isn't always a catch-all either. My main ISP has "server-side virus
>>scanning" but I still get the messages with the virus stripped out. What
>>they need to do is to delete the messages entirely to stop the bandwidth
>>hogging of this thing. I am getting upwards of 40-50 an hour as of this
>>morning. That includes the 'Update" with the worm itself and all of the
>>other undeliverable message notifications and the text from the ones that my
>>ISP has stripped the worm out of. Something needs to be done at the POP/SMTP
>>side to stop this altogether. Just stripping the infectious code does
>>nothing to help keep our mailboxes from filling up every couple of hours.

>
>
>
> Well, I've changed my email address. Old one will expire in 30 days.
> It should be interesting at that point to see just what spam arrives,
> and whether this worm continues to plague me. My cousin, a computer
> newbie had to take his machine in for service 4 times to get rid of
> this worm. After his computer went offline, the worm messages to me
> dropped by at least 50 percent. I have sent warning and a plea for
> help to all my friends and contacts. Many of them are disturbed that I
> would suspect them. Many of these people are old time computer
> experts. But they just don't realize the extent of this problem yet.
> Some say they aren't getting this amount of mail.
>
> But apparently not only can this worm get around AV programs
> everyone's being so smug about protecting them, but the person with
> the worm actually doesn't always see the worm message coming in, the
> worm cleans up that crap. I don't know if all that I've read about
> these worms is true, and which worm is which, but the Microsoft
> Security upgrade worm is the most blatant one that's causing me so
> much grief.
>
> I know it's died down slightly now for me, because now some Spam is
> actually able to creep in during the lulls. Somebody I know has this
> worm, but they're not fixing it and so on and on the worm goes.
>
> I am hoping those people in charge, ISPs, and the internet in general
> will figure out some way around this sort of thing.
>
> What they need is a way for people to configure their email for
> attachments to accept and just reject all the others. For example I
> would choose to accept JPG files only. I have absolutely no need of an
> email service that accepts anything anyone wants to send to it, and
> I'd bet most people have no need for this either.
>
> It seems Microsoft and all the other Web designers have thrown out at
> us users dozens of ways to get eye candy but forgotten about any kind
> of real security and left doors all wide open. I just don't get it.
>
> The idea started with things like Java that allow external processes
> and programs to run on your computer. people no longer had to
> download, install and actually know anything about all the files and
> crap they were getting. It was made totally transparent to the user.
>
> A perfect example of a program from a Top Level company that is
> actually a type of virus, that seems totally legal and inflicted on
> almost all users of the net, with no one complaining, is QUICKTIME.
> Simply clicking on a quicktime link loads and installs a resident
> program that a user can't get rid of without some fiddling and
> knowledge of computers in general at the very least.
>
> This is unacceptable to me but just an example of what a big company
> can sneak into our computers. Microsoft Update is another example of
> Gate's shoehorning his big brother right into our computers in ways we
> don't know about and never would believe he could. Sorry to go on
> about this, it's all just too damned much.
> Hi,

Ultimately you're responsible for the security of your system.
Tony

>
> Jim Davis
> Nature Photography
> [url]http://www.kjsl.com/~jbdavis/[/url]
> reply in plain text only please

[Alessandro Selli]

Il giorno Fri, 10 Oct 2003, Jim Davis così ha scritto:

Newsgroups: alt.comp.lang.php,alt.comp.mail.postfix,alt.comp.m ail.qmail,
alt.comp.malaysia,alt.comp.periphs.cdr,alt.comp.pe riphs.mainboard.abit,
alt.comp.periphs.mainboard.asus,alt.comp.periphs.m ainboard.gigabyte,
alt.comp.periphs.videocards.ati

Do you really think most people in ALL of these newsgroups are interestedin
what you have to say about your IE problems?



Sandro


--
Bellum se ipsum alet
La guerra nutre se stessa

Livio, Ab urbe condita, XXXIV,9

[FatBlokeOnBikepins@pinsjohnstone-wheelers.co.uk]

..
Ignoring our Italian friend...

Could not HMG be persuaded to set aside an office and half-a-dozen
top-flight people to write and update anti-virus software as part of a
NATIONAL security effort? Why is it left to the individual to struggle
themselves and/or pay fees to anti-virus companies?

We are continually told of the time being wasted by business in dealing with
spam and such. Were that to happen in other areas of public life,
Westminster would soon find itself under unbearable pressure to do something
about it. Already the UK has the Telephone Preference Service and I believe
we will shortly be getting the "send unsolicited mail only if I opt IN"
sort'v thing. Somehow, the aspect that it's to do with computers puts the
wasted time and effort into a different class, one that can be ignored.

Were [big] business to get its muscle together, would not MPs tender about
their sponsorship and about the continuance of contributions to party funds
do *something* PDQ in the legislative field, *and* bring pressure to bear
upon countries where reside the writers of these things?
International co-operation in these things is always imperfect but with the
suspected use of worms and of DOS attacks by terrorist groups, Governments
have a pretty good excuse to send in the heavies.

I expect there are all sorts of reasons this *cannot* be done - it's always
much easier to carp and to do nothing; I'd like to read reasons why it *can*
be done.

Yoooors,

Iain.

This post did not necessarily reflect my opinions. So there.

Sent from within Forte's Agent.
Pull the pins out to reply direct.