[CQ-Contest] Virus Attachments from Contesters

Jim Reisert AD1C jjreisert at alum.mit.edu
Mon May 10 15:11:29 EDT 2004


--- Doug Smith W9WI <w9wi at earthlink.net> wrote:

> The only way to prevent your address from being forged to virii is to
> ensure nobody you've ever sent an email to gets infected.  

Doug, it's not that simple.

Let's say that Doug sends a message to the contest reflector.  My spam catcher
detects his mail as spam for whatever reason.  So I add his E-mail address to
my Outlook address book, which tells my spam catcher that his address is not
spam.  I find this "whitelisting" very effective because now I don't have to
train the spam filter on content from these particular sources.

So far, Doug has never sent a personal message to me.  Now I accidentally open
an infected message, and the virus causes Outlook to send infected messages by
spoofing the From: field, using addresses in my Outlook address book.  Voila! 
Doug's address has been forged, but he never sent me mail.

My personal feeling is that much of the spam today does not originate from us. 
It originates from spammers who use their list of "good" addresses to rewrite
both the To: and From: fields of the message before sending it out.

73 - Jim AD1C

p.s. I don't use Outlook.


=====
Jim Reisert AD1C, 7 Charlemont Court, North Chelmsford, MA 01863
USA +978-251-9933, <jjreisert at alum.mit.edu>, http://www.ad1c.com
PGP Fingerprint: D8E2 3D78 339F A7F1 8C13  1193 B5D1 4FB6 79D1 70DC

