On Fri, 2004-07-16 at 04:03, Parameshwara Bhat wrote: > Hello list, > > This week I have been receiving numerous mails from ***@[***]redhat.com > all 174 or 173 KB and with chinese looking junk characters in the body and > either a zip or pif attachment. I haven't clicked on the attachemnt though > I presume these cannot run on my Fedora box. > > I also receive similar mails from various other sites as well all similar > in body and attachment. Where could this be coming from ? > You would need to examine the headers of the mail messages to see where they came from. However, a lot of the information in the header can be falsified in order to obscure the sender. Most likely the messages came from a windows box that has been taken over and is now a zombie running mass mailings of spam. The from information is almost guaranteed to be bogus. Ultimately it really does not matter where the messages came from. The best thing to do is use a tool to filter them out. > Does anybody know of a mail-client which can be taught not to download > suspicious looking mails ? > > Parameshwara Bhat I think firefox and the newer mozilla (for windows at least) has built in spam filtering. Not sure if that is built in to the Linux version or not. You can implement spamassassin on your linux box to filter spam. On my home account I get about 150 or 200 spam messages a week. Only 3 or 4 a week end up in my inbox. Depending on the client you use and how you get your email you can configure spamassassin a couple of different ways. The easiest, and the one I used at home, was to configure a filter in my email client to call spamassassin on messages I download. The filter then looks at the results and if it is marked as spam it gets dumped in a holding folder. This gives you a chance to review the spam messages for any false positives. What is neat with spamassassin is that you can setup a bayesian database which will learn what you call spam and ham. So over time it gets better and better at sorting things out for your particular email. Check out their web site and the documentation that comes with spamassassin. Highly recommended. If you are running a full blown mta then I recommend implementing greylisting as well as spamassassin. -- Scot L. Harris webid@xxxxxxxxxx Writing software is more fun than working.
