[Serusers] posting from nonmembeers

Jim Burwell jimb at jsbc.cc
Wed Jan 28 21:26:24 CET 2004 

It's a good idea in general to prohibit outside posts.  But this won't 
stop the bogus worm-containing messages being sent out with fake "From: 
" addresses which are addressed as coming from the list, you, or even 
me.  These worms gather email addresses from received emails, inboxes, 
etc, etc, and use valid "From: " addresses to masquerade as anyone they 
want. 

This is a flaw in RFC822 which should be fixed, and also why I 
automaticaly sign every message I send w/ a digital signature to provide 
evidence of authenticity (except to mailing lists which mangle the 
message, thereby invalidating the signature...sigh).  How this flaw can 
be fixed is another issue (no simple way I can think of offhand).

Worms like Novarg arn't really the fault of Outlook, since in this case 
they require the user to actually run the virus as far as I know, in 
some cases requiring the user to unbundle the virus program from a zip 
file!  The problem's cause here is what I call a UIE (User Ignorance 
Error) :-).  That, and the fact that many users still don't run AV 
software :-|.

- Jim


Jan Janak wrote:

>Hello,
>
>I prohibited posting from non-members to the list again (such mails are
>held for review) due to large number of bogus messages received during
>last couple of hours. It will be enabled again later.
>
>I would like to encourage people who are using MS Outlook or similar
>bullshit from microsoft to try a different mail client. Outlook is evil
>and microsoft is doing nothing about that.
>
>During the last couple of hours I received 400 reports that my emails or
>emails from the mailing lists contain a virus or are undeliverable.
>
>Please stop this madness and stop using outlook.
>
>   Jan.
>
>PS: It's curious that Bill Gates gave a speech yesterday in Prague
>    regarding network security and how seriously are they taking it...
>
>_______________________________________________
>Serusers mailing list
>serusers at lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>  
>

-- 
+---------------------------------------------------------------------------+
|         Jim Burwell - Sr. Systems/Network/Security Engineer, JSBC         |
+---------------------------------------------------------------------------+
| "I never let my schooling get in the way of my education." - Mark Twain   |
| "UNIX was never designed to keep people from doing stupid things, because |
|  that policy would also keep them from doing clever things." - Doug Gwyn  |
| "Cool is only three letters away from Fool" - Mike Muir, Suicyco          |
| "..Government in its best state is but a necessary evil; in its worst     |
|  state an intolerable one.." - Thomas Paine, "Common Sense" (1776)        |
+---------------------------------------------------------------------------+
|   Email:  jimb at jsbc.cc                              ICQ UIN:  1695089     |
+---------------------------------------------------------------------------+
|  Reply problems ?  Turn off the "sign" function in email prog.  Blame MS. |
+---------------------------------------------------------------------------+

More information about the sr-users mailing list