After ordering a computer from Alvio, I got an email virus that looks like it came from them. Herein lies documentation of my attempts to communicate with them about it.
This is a pretty well known virus that has been doing the rounds.
What the guy from Alvio has totally failed to get is that the way the virus works is that it selects *pairs* of email addresses from the victim's address book. It uses one as the "To:" address, but uses the other to form a spoofed "From:" address. The fact that this was completely and obviously what happened, given that Craig used a one-time email address here, is undeniable, but there's more.
Craig was kind enough to send me the original SMTP headers for this email. They started:
Received: from 208.40.58.250 ([208.40.58.250]) for <alvio@candera.sytes.net> with MailEnable Catch-All Filter; Mon, 07 Jul 2003 12:39:47 -0400
Received: from NICK ([208.40.58.250]) by candera.sytes.net with MailEnable ESMTP; Mon, 07 Jul 2003 12:39:46 -0400
From: <vendors@pricescan.com>
To: <alvio@candera.sytes.net>
Subject: Re: Application
Date: Mon, 7 Jul 2003 0:25:02 --0400
Importance: Normal
To: Subject: Re: Application
As Igor says, the email appears to be from vendors@pricescan.com. However, note that it was delivered from a machine whose IP address is 208.40.58.250.
If we look up Alvio's MX records in DNS, we find this:
alvio.com MX preference = 0, mail exchanger = mail.alvio.com
mail.alvio.com internet address = 208.40.58.250
Lo and behold, if the email wasn't sent from Alvio's mail server...
So Igor's looking pretty foolish right now.
Schneier had an interesting take (from the other side) on unique email addresses and spammers. Seems like it'd be better to use very long, random names for unique email addys:
http://www.counterpane.com/crypto-gram-0305.html
Yep, I read that. I can't say that in this case the benefit outweighs the cost.
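The check the second commenter walks through above (read the originating IP out of the Received: chain, then ask whose mail server that IP belongs to) written out as a small script. This is an added example, not code from the blog or from Alvio. The header lines are the ones quoted in the comment (the trailing duplicate "To: Subject:" line dropped); DNS is replaced by a constructed in-memory table so the script runs offline, where the alvio.com rows are the MX and A values quoted in the comment and the pricescan.com exchanger and its address 192.0.2.10 are hypothetical placeholders the page does not give.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Header lines quoted in the comment above (trailing duplicate "To: Subject:" line dropped).
RAW_HEADERS = """\
Received: from 208.40.58.250 ([208.40.58.250]) for <alvio@candera.sytes.net> with MailEnable Catch-All Filter; Mon, 07 Jul 2003 12:39:47 -0400
Received: from NICK ([208.40.58.250]) by candera.sytes.net with MailEnable ESMTP; Mon, 07 Jul 2003 12:39:46 -0400
From: <vendors@pricescan.com>
To: <alvio@candera.sytes.net>
Subject: Re: Application
Date: Mon, 7 Jul 2003 0:25:02 --0400
Importance: Normal

"""

# Constructed stand-in for DNS so the script runs offline. The alvio.com rows are
# the MX/A values quoted in the comment; the pricescan.com rows are hypothetical
# placeholders (the page gives no records for that domain; 192.0.2.10 is TEST-NET-1).
FAKE_DNS = {
    "MX": {"alvio.com": ["mail.alvio.com"],
           "pricescan.com": ["mail.pricescan.com"]},
    "A": {"mail.alvio.com": ["208.40.58.250"],
          "mail.pricescan.com": ["192.0.2.10"]},
}

# Only the bracketed literal is trustworthy: it is the peer address the receiving
# MTA saw on the socket. The HELO name before it ("NICK" here) is sender-supplied.
IPV4_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def received_chain(raw):
    """Received: headers oldest-first. Each relay prepends its own line, so the
    order in the message is newest-first; reverse it to follow the hops."""
    return list(reversed(message_from_string(raw).get_all("Received", [])))


def origin_ip(raw):
    """Connecting-host IP recorded by the first relay in the chain, or None."""
    chain = received_chain(raw)
    if not chain:
        return None
    m = IPV4_RE.search(chain[0])
    return m.group(1) if m else None


def from_domain(raw):
    """Domain of the (trivially forgeable) From: header."""
    _, addr = parseaddr(message_from_string(raw).get("From", ""))
    return addr.rpartition("@")[2].lower() or None


def mx_addresses(domain, dns=FAKE_DNS):
    """Addresses of every mail exchanger the domain publishes."""
    ips = set()
    for mx in dns["MX"].get(domain, []):
        ips.update(dns["A"].get(mx, []))
    return ips


def classify(raw, candidate_domains, dns=FAKE_DNS):
    """Compare the origin IP with the mail servers of each domain the message could
    plausibly have come from. Returns the claimed From: domain, the domains whose
    exchangers actually match the origin IP, and whether the two agree."""
    ip = origin_ip(raw)
    owners = sorted(d for d in candidate_domains if ip in mx_addresses(d, dns))
    claimed = from_domain(raw)
    return {
        "origin_ip": ip,
        "from_domain": claimed,
        "origin_belongs_to": owners,
        "from_matches_origin": claimed in owners,
    }


if __name__ == "__main__":
    # For the quoted message: From: claims pricescan.com, origin IP is alvio.com's server.
    print(classify(RAW_HEADERS, ["alvio.com", "pricescan.com"]))
```

Two caveats a practitioner would add. The Received: lines you rely on must have been stamped by a server you trust; anything further down the chain can be forged by the sender, and here both lines were written by candera.sytes.net, the recipient's own host, which is what makes the IP credible. And an MX record names a domain's inbound exchanger, not necessarily the host it sends from, so a mismatch alone proves nothing; it is the exact match against alvio.com's single server, together with a From: that points elsewhere, that settles the question. For live lookups, replace FAKE_DNS with a resolver such as dnspython's dns.resolver.resolve(domain, "MX") followed by A lookups of the exchangers.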