ID:189297
 
On two occasions, I've received "recipient unknown" errors that have been rerouted back to my inbox, regarding email I didn't send.

Here's the catch, though -- virus scanner comes up clean.

Do you think that some cheap bastard is using my email address as a return path to send virii, or do you think I have a virus that's new and not detectable yet?
The latest big virus going around is an e-mail worm that spoofs addresses found in infected computers' address books, and I believe it also grabs them right off of websites...

So while you may not have the virus on your system, some infected system somewhere is using your address as its From address...and you end up getting those notifications...
In response to SuperSaiyanGokuX
Ahhh. Ive got a couple of those "recipient unknown" errors lately, at least now I know whats causing them.
Any advice for stopping it?
Im really getting sick of having a new virus out-break every week all because some guy thinks anyone who uses their computer less then 10 hours a week (or doesnt upgrade their firewall/virus scanner hourly) doesnt deserve to have access to the internet/e-mail/computers.
Anyway, now Im getting ranty, so to summerize we should form a posse and roam the Earth beating up these guys.


*In case you couldnt tell, you should have stopped reading at the end of "Any advice for stopping it?"
In response to DarkView
There's no point ranting at them. Firstly, they can't hear you. And secondly, if they could they'd be happy that you're annoyed at them. Virus writers are that kind of person. =)
The Sobig worm has been responsible for most of this crap. I've been getting two kinds of spam from it (since AOL started blocking the virus e-mails themselves):

In response type A, some moron set up their virus filter to e-mail the "sender" a message that the virus "they" sent was intercepted--as if the idea of a spoofed header never entered the programmer's pointy little head. Why such a feature was ever put into e-mail virus filters I'll never know; whoever thought it up obviously knew less about e-mail than I know about bullfighting.

In response type B, the filter (if any) did not catch the worm, and the mail went through to either an autoresponder or a dead address. If a dead address, I get a useless "message undeliverable" response. If an autoresponder, I get all kinds of weird crap. The other day I had a very interesting conversation with Ron from a doorbell company, whose old addresses were sending me replies to messages I never sent.

By far A is the most annoying, because it says that someone went to enough trouble to put up an effective filter, and then invoked a feature (by default or intention) that merely adds to the traffic. The fl.us servers were by far the dumbest of this bunch: Two different Florida county addresses were actually sending back the virus intact. I've been making it a crusade to contact both groups and tell them (politely) how to fix their filters, because this kind of ineptitude is just inexcusable these days.

Lummox JR
In response to Crispy
Crispy wrote:
There's no point ranting at them. Firstly, they can't hear you. And secondly, if they could they'd be happy that you're annoyed at them. Virus writers are that kind of person. =)

I blame their parents. Every kid learns one thing in their life: "Any attention is good attention." It's up to the parents to explain that "Being bad is bad." If their parents don't explain that being bad is bad, then the kids just go for the bad attention -- because, remember, any attention is good attention.
In response to Spuzzum
You cant always blame one person or event.
Blaming parents is harsh, its extremely hard to make all the right choices all the time, especially nowdays when every kid "knows their rights".
Its impossible to raise the perfect child simply on the basis that you are the perfect parent. Say you teach the child "Being bad is bad". They go to school with a child who knows "being bad is bad", but also figured out that you only get in trouble for being bad when you get caught.
Now you might say that the parent should teach the child its still bad if you dont get caught, but lots of parents trust there kids and neven figure out they learnt not to get caught.


-To Crispy: I wasnt ranting to them, more muttering to myself.
In response to Lummox JR
Lummox JR wrote:
By far A is the most annoying, because it says that someone went to enough trouble to put up an effective filter, and then invoked a feature (by default or intention) that merely adds to the traffic.

I suppose the idea is that if the virus isn't one that spoofs headers, then the person who has the virus is notified of that fact. That could be quite useful, in the event that the virus isn't smart enough to spoof headers (I'm sure there are some that don't). The filter should check whether the virus spoofs headers or not first, though, I agree.

The fl.us servers were by far the dumbest of this bunch: Two different Florida county addresses were actually sending back the virus intact.

...

...okay, now that is just stupid. Let's make a virus filter that spreads viruses, shall we?! -_-

I've been making it a crusade to contact both groups and tell them (politely) how to fix their filters, because this kind of ineptitude is just inexcusable these days.

Hear hear. Get 'em, Lummox! =)
In response to Crispy
Crispy wrote:
I suppose the idea is that if the virus isn't one that spoofs headers, then the person who has the virus is notified of that fact. That could be quite useful, in the event that the virus isn't smart enough to spoof headers (I'm sure there are some that don't). The filter should check whether the virus spoofs headers or not first, though, I agree.

I think that kind of notification would only be useful once, and only in cases where the exact worm is known not to spoof. However since profile-based detection is better than signature-based detection, knowing the exact worm's exact behavior may not be possible.

Moreover, by default the worm should be assumed to be lying about everything.

The fl.us servers were by far the dumbest of this bunch: Two different Florida county addresses were actually sending back the virus intact.

...

...okay, now that is just stupid. Let's make a virus filter that spreads viruses, shall we?! -_-

Like I said: Insert hanging chad joke here.

Lummox JR
In response to Crispy
Crispy wrote:
There's no point ranting at them. Firstly, they can't hear you. And secondly, if they could they'd be happy that you're annoyed at them. Virus writers are that kind of person. =)

From what I've read on virus writers, more of them do it just as a proof of concept than to be destructive; to them it's a learning exercise. I can understand developing other things for those reasons, but not viruses.

However the ones who attach destructive payloads to existing viruses do tend to be the attention-whoring type.

Lummox JR
h4x0r.
In response to Sariat
HEY! Don't go blaming stuff like that on me!

~; ){en )3ishop ;~

<Always blamed for things>
In response to DarkView
Now you might say that the parent should teach the child its still bad if you dont get caught, but lots of parents trust there kids and neven figure out they learnt not to get caught.

...and that's the parents' fault. See? =)