Spam and viruses from EGLUG ! | The Egyptian GNU/Linux User Group

view
diff

Submitted by whirlpool on Mon, 24/10/2005 - 15:15.

I just received the following email.

From: admin@eglug.org
To: mostafa@eglug.org
Subject: Your Account is Suspended
Date: Mon, 24 Oct 2005 06:52:52 +0200

Dear user mostafa,

It has come to our attention that your Eglug User Profile ( x ) records are out of date. For further details see the attached document.

Thank you for using Eglug!
The Eglug Support Team

+++ Attachment: No Virus (Clean)
+++ Eglug Antivirus - www.eglug.org
[important-details.zip  application/octet-stream (68174 bytes)]

Here is the header:

From: admin@eglug.org
To: mostafa@eglug.org
Subject: Your Account is Suspended
Date: Mon, 24 Oct 2005 06:52:52 +0200
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_NextPart_000_0006_2A0D9778.1AC5B50E"
Message-Id: <20051024045226.EBC7236CE6@manalaa.net>



Please fix your mail servers.

well

Submitted by __null on Mon, 24/10/2005 - 15:48.

A simple DNS lookup for eglug.org would have revealed that the source IP [62.114.51.226] is not eglug.org's, which is [69.61.55.58]. was this a valid IP even?

Spoofed mail attacks are as easy as a few commands typed against a relay-enabled SMTP server.

As far as I know.

يا فاضحنا

Submitted by Alaa on Mon, 24/10/2005 - 16:38.

admin ايه ده يا أخواتي اللي مش عارف ياخد بالله أن الheaders مزيفة

cheers,
Alaa

http://www.manalaa.net "i`m feeling for the 2nd time like alice in wonderland reading el wafd"

huh

Submitted by whirlpool on Mon, 24/10/2005 - 17:04.

At least eglug.org mail server can notice that this mail is not comming from admin@eglug.org. I mean if it was yahoo mail that didn't recognize the spoofed address then khalas mesh 2adya. But when eglug.org can't then there is something wrong.

Mostafa Hussein

the DomainKeys technology lol

Submitted by __null on Mon, 24/10/2005 - 17:38.

the DomainKeys technology lol? http://domainkeys.sourceforge.net

because

Submitted by Alaa on Mon, 24/10/2005 - 17:52.

there are way too many b0rked smtp servers out there that don't have proper DNS records, and many GNU/Linux users run their own SMTPs with no DNS records at all.

anyways will reread the docs again to make sure, I think I created several profiles on the postfix server so that each user can choose how strict the server will be when dealing with spam, by default everyone is on welcome spammers mode (since you could just run spam assasin at home), but if you want I can move you to a strict profile.

cheers,
Alaa

http://www.manalaa.net "i`m feeling for the 2nd time like alice in wonderland reading el wafd"

Incompetent admin

Submitted by YoussefAssad on Mon, 24/10/2005 - 16:58.

whirlpool, you are a disgrace to the medical profession... err, wait. What I meant was, you are a disgrace to, no, that doesn't work either.

Give me a second, I'm sure he's disgracing something...

No, but remind me, why do we have a gynecologist in training admining a linux user group website? I mean, that's like giving a linux administrator a chain saw and asking him to remove your appendix.

Mostafa, you're disgracing SOMETHING, alright?

-- Panem et *burp* circenses

احم احم

Submitted by MohammedSameer on Mon, 24/10/2005 - 19:18.

Received: from eglug.org (_unknown_ [62.114.51.226])

$ nslookup  62.114.51.226  
Server:		62.140.73.1
Address:	62.140.73.1#53

** server can't find 226.51.114.62.in-addr.arpa: NXDOMAIN

$ dig eglug.org
................
eglug.org.		1860	IN	A	69.61.55.58

$ dig eglug.org
...................
eglug.org.		1860	IN	A	69.61.55.58

يابنى انا ساعات بيجيلى من admin@foolab.org, support@foolab.org ;-)

WWW: The place for organized randoms!
EGLUG Admin..
Arabeyes Core Member.
Free Software Foundation Associate Member.

حيث تأكل البطاريق الطعمية

Comment viewing options

Navigation

User login

Forum topics

Active forum topics:

New forum topics:

Upcoming events

Latest Articles

Poll

Linux Counter Egypt Statistics

NewsForge

Who's new

Who's online

Online users: