![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: Trouble with Help Page
Flwrite
lostwithout at home.com
Fri Jun 18 16:37:09 EDT 2004
Dear Mike,
You wrote...
> ...it takes a lot more 'talent' and configuration security and 'mindset'
security and
> attitude to /properly/ examine the content of a spam for some purpose
> than it does to report it 'properly' or carefully without 'opening' it -
> per se.
Once upon a time, I tried forwarding a virus email to: SpamCop, uce at ftc.gov,
and junk_mail at adelphia.net. I was still learning what a "virus email" is,
and I didn't know:
a) I shouldn't be sending virus emails to SpamCop
b) my email program has to open the email to forward it
In the original email, the virus was in an attachment. When I tried to
forward the email, my anti-virus software caught it an erased it. It has
given me a sense of security.
Now I recognize virus emails because:
a) they look very much like spam
b) they run a few tens of kilobytes, vs. spam which is only a few kB.
I don't send virus emails to SC anymore. I've learned to delete the
attachment before forwarding the headers and body to the offending ISP.
CAUTION: When you're forwarding a virus email to abuse at ISP.com, your email
software should display the name of the [virus] attachment in the email
you're about to send. You ought to right-click on the virus attachment to
remove it before sending the email. (I'm not aware of any time that a virus
should be emailed.) However, aside from "Delete," the right-click-menu will
also offer "Save" and "Open," so be careful with that mouse! You don't want
to select Open by mistake!
On the other hand, "Saving" the virus attachment is interesting. By putting
it in a separate file in Windoze Explorer, it's an opportunity to run your
anti-virus software on it, to confirm it's a virus, and get a report on the
"name" of the virus. When you're forwarding the other information to
abuse at ISP.com, it can be helpful if you can also name which virus was
attached.
Other problems I'm aware of regarding opening mal-email is the
spyware-graphics. Possibly one-pixel graphics. However, SpyBlocker does a
good job of blocking that spyware from contacting its "home base." And
clicking on any links or browsing to any included URLs would supply your IP
address to the spammer. Since they are really in the business of hacking,
not selling goods or services, sending them your IP address, in any manner,
is a bad idea.
> I would ideally like to see everyone's spam already identified and
> sorted for them so that it is in a Junk folder and not the Inbox before
> they even 'approach' it.
Mozilla learns to recognize spam, and depending on activity, it gets fairly
good at it after a month or two... It learns when the user flags individual
emails as spam. As it learns to recognize spam, it immediately puts them in
the Junk folder with greater accuracy. Mozilla is free, but I sent them $20
anyway, and it was still a good deal. Stable, even on Win98se.
_Almost_ every other email I get is routed to a subfolder by filters I have
set up. Anything that doesn't get filtered or identified as Junk stays in
the InBox, where I scrutinize it as a possible invader.
I've been flagging all mal-ware as Junk - spam, virus emails, bouncebacks,
etc. It's still up to me confirm an email is of the "Spam" variety before
forwarding it to SpamCop.
CU,
-nei1_j-
More information about the SpamCop-List
mailing list