D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Email security

 

Simon Waters wrote:
> NW wrote:
>> Because she doesn't use TB. She uses XP and outlook express.
> 
> Ah finally a fact we can work with.
> 
> Outlook Express utilised the same HTML rendering component as IE, which
> makes it one of if not the most compromised piece of software in history.
> 
> I'd strongly suggest not using Outlook Express.
> 
> Heck even I've discovered gapping security holes in Outlook Express.
> 
> Not more facts please. Is the email address easily guessable?
> 
It is her name at our web site address. So no, not easy to guess.


> Were there attempts to send to it before she started using it?
> 
No. And I have the same address with my name before the at sign. I don't
get much spam. Of course I use Linux and Thunderbird.

> Do you have logs from when the switch was made, as that might point a
> compromised PC belonging to a recipient.
> 
I don't know. Where would they be? If on windows I wouldn't know where
to look.

> Look at the headers on the spam (and or post it here), make sure it came
> the way you think it did. She didn't for example set up a forward from
> the old address to the new.
> 
I will check the headers.

> What MTA, what spam precautions in use?
> 
I run spamassassin on the web site.

> My config has moved on a little since I wrote this, but not much.
> http://www.debian-administration.org/articles/168
> 

Thanks, I must try to get her to change to TB or better still go to Linux.


Neil

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html