Is there a way to determine who sent you an email?
The last couple of days I have received a rash of email messages containing viruses.

The message titles are a pathetic attempt to be sneaky such as:

"click here for your password"
or
"Here is the info you requested"

The messages all contain attachments.

Now I'm not the sharpest knife in the drawer, but I do know that the odds of me clicking on one of these attachments are "zero"

I don't open attachments from anyone, and I mean absolutely anyone. (Unless it's something I've requested, and I know from where and who it's coming from, but these examples are rare.

I don't open attachments, I don't open the countless stupid jokes I'm sent that contain attachments, I open nothing!

I've slowly been teaching my wife to sharpen up and stop being such a snapper head when it comes to email. Her and her girlfriends are constantly getting viruses because they have a past-time of cc-ing every stupid joke and file to each other, and then they wonder why their computers won't work.

Blah, ok, I'm getting carried away...
Is there a way to find out where these virus attempts are coming from? As in who is the person sending them to me?

Nothing would give me greater pleasure than tracking this person down and beating them senseless.

I've noticed these virus attempts go in cycles, I won't get anything for 6 months, and then "bam", I'll get 20 in 2 or 3 days.

 

The people you are getting the mail from probably didn't know they sent it. More than likely it will be someone who has your name in their address book and they have a virus that sends these emails out. You may be able to trace it thru the header info.

 

You need to get yourself and wife a copy of Norton antivirus software. It will keep itself updated and will remove the viruses from the emails before you open them.

The best combo is Norton Internet Security (firewall software) and it comes with the Antivirus software. That way, your PC will be proctected.

If you don't have either now, your PC is already filled with virus's and spysoftware.

 

I agree with the Norton Internet Security as I have been a customer of Norton for 4 years now. It ain't free but it's a quality all-inclusive program. No need to go find this freebie and that freebie and then try to remember which one to run when. The only thing I run in addition to Norton is Ad-Aware www.lavasoft.com which can find and clear spyware and tracking cookies.

 

I have found Norton to have a name everyone trusts but the protection is second to "Trend Micro's PCcillan" . I had problems with Norton but none with PCcillan. Check them out at the trend micro web site. I am not affiliated with them in any way. They also get rid of spy ware.

 

Trend Micro is awesome...

And, by the way, don't trace the emails.... I know they're not coming from Kentucky...

 

YUCK! Nortons, McAfee, Trend YUCK!


http://www.antivir.de/en/index.html

Download Antivir,
It's free, it works very well,
updates are free.


The above companies program are just TOO BIG and have too much crap.



(take it from one who paid for undergrad by doing y2k programming)

 

Thanks for the yips fellas.
I've been using Norton Internet Security Pro' since it came out.
I agree, a very good all inxlusive product.

I still don't take the chance opening things tho.

Regards

 

I've used mail washer pro. (trial version). As I figure, it allows you to preview the email on the server, before downloading it to your computer. If you deem it spam, virus or otherwise, you can erase it off the server before downloading it to your computer

 

Nice thing about MailWasher is you can also bounce it, so it looks to be a non existant email addess. It sends a hard bounce back. Lots of nice featues in the pay for version ( domain spam source tagging, etc ), I got it as a package deal with Zone Alarm.

 

Back to your question: Can you trace the emails? Some sources of emails are who they say they are and the return address is a valid source. These folks are the ones who never send viruses or spam unless their PCs get hijacked. The ones you (and me, too, by the way) want to trace are virtually impossible to find. There may be some government agency that knows how, but I even doubt that. There are too many ways for devious people to hide their computer's IP Address (its unique identity) and create false identities (addresses).

I did hear that a US based spammer got a humongous fine recently, and that's a credit to our country's focus on the issue. Other countries, where a lot of the malicious software comes from, remain fairly uninterested in stopping the problem. As you're probably aware, enemies of western culture are also interested in using the internet as a weapon...

Dave...

 

Can it be traced ?

You will know from the RFC 822 header where it came from. Does that mean that, the smtp server did not have relay shut off, or if a host in that domain was owned, and it looked to be valid outbound mail ? No, it could be either of the above.

If you trace it back to the smtp server that sent it, the network admin would have to find out who sent the email, which could be an owned host on the network. After that, if a host was owned, then the IDP system that is installed there is not worth a damn

If it was relay was not shut off, the admin could find out the address where it came from, which could be another host that is owned.

Depending on how many hosts the spammmer went through prior to sending the email, it might be rather difficult to complete.

Beyond tracking back host by host, where it came from, it is kind of hard to do. This includes the playback of traffic that has been sent to / from a host from the ISP, if it was being tracked at the time it happened.