A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.comp.home-networking (UK home networking)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.comp.home-networking (UK home networking) (uk.comp.home-networking) Discussion of all aspects of computer networking in the home, regardless of the platforms, software, topologies and protocols used. Examples of topics include recommendations for hardware or suppliers (e.g. NICs and cabling), protocols, servers, and specific network software. Advertising is not allowed.

OE6.x Tip - Adding entire domains to 'Blocked Senders' List



 
 
Thread Tools Display Modes
  #1  
Old September 30th 03, 10:46 PM posted to uk.comp.home-networking
Mark Cherry
external usenet poster
 
Posts: 4
Default OE6.x Tip - Adding entire domains to 'Blocked Senders' List

(With apologies to regulars of this NG. If this looks like a 'boilerplate', it's
because it is. Having seen the E-mail attack thread, I thought some people might
be interested. There's a weblink to the freeware Macaffee "Stinger" program in
here somewhere. I'll be back, seeking help with my networking woes once I've
read the backlog of about 400+ recent messages...)


To all,

You're probably well aware that spammers and trolls employ frequent address
changes or completely
false email IDs and you may have given up all attempts to add them to your
personal blocked senders
list. Here's some tips which I hope prove to be of use in finding where it's
coming from and how
to stop it, with a minimum of effort.

1. Examining junkmail message headers without opening the email.

Some spam email comes in HTML form and may contain executable applets. These
range from irritating,
but harmless, time-wasters, like fake virus alerts or 'launch IE over and over'
infinite loops,
which force a reboot and could cause you to lose any unsaved work. These scripts
often attempt to
exploit the user's Outlook Express 'preview pane' but most users are already
well aware of the
dangers and have deactivated that feature. Nevertheless, the applets will
execute if sheer curiosity
causes you to open the post conventionally.

To get around this problem, in Outlook Express, RIGHT-click on a suspect email
and, on the drop-down
menu, select 'Properties'. You will first get a small dialog displaying the
message headers.
The From: line will show you what domain it originated on and whether or not the
sender's name has
been anonymized (eg ). I they're not willing to make
themselves known
then you're not going to be interested in what they have to say/sell.

2. If you're still convinced the email is benign and you REALLY want to see what
you would be
missing by deleting it....

Whilst in the Message Properties box, click the 'Message Source' button to see
the email in
text-only form. You can view any HTML codes within the message without risk of
any applets being
executed. You may also see long, meaningless blocks of seemingly random
characters at the end of
the source, particularly where there is an attachment. Whilst this may be
benign, like embedded
font information, it could equally be harmful executable code, such as a virus,
trojan, or worm.
Exit the views and delete the message.
You may also wish to:-
a) Exit Outlook Express and run your virus checker on your system.
b) Download the FREEWARE "Stinger.EXE" from
http://vil.nai.com/vil/stinger/ to
detect and remove some
of the recent headline-hitting nasties and their variants.
c) Check Windows Update for your OS, IE and OE versions for any emerging
vulnerabilities in the
message properties dialog and fixes on offer.

3. Blocking the domain.

Although the spammer may have successfully substituted some random characters
for their username,
you will note that the domain name is not similarly scrambled. The sender's ISP
would not accept the
message without this being valid. Sometimes a particular domain, or country of
origin suffix is
seen time and again. If none of your regular email contacts use these domains
then you'll not be
missing anything by blocking all output from it. Make a written note of it, or
highlight everything
after the '@' symbol, using the cursor and press CTRL-C, to copy it.
Then, under [Tools Menu][Message Rules][Blocked Senders List][Add] type the
domain name (no need
to use the @ character) or CTRL-V to paste what you copied. Choose to block
mail, news, or both and
press OK. You can add more entries at this point, or click OK again, to back out
of the Tools-Rules
menu.

4. Trolls.

This technique is also effective against newsgroup trolls, provided that all
their multiple
handles/email IDs all stem from the same domain, perhaps because they only have
the one ISP
account but adding more is no problem.


5. The recent email 'flood'

The following email rules are currentlly routing virtually all the phoney
"Microsoft Security pack" emails to my deleted items folder.

'Where the message has an attachment' Delete it
'Where the message size is over 80kb' Delete it

To make sure that things like attached photos from your family or friends don't
get zapped by
these, create additional rules which select on the basis of their email IDs (you
can specify
multiple names per rule) and use the 'move the message to the specified
folder' option
(create one or more extra local folders to move them to first).
Add the 'and stop processing more rules' option, save the rule, then move it up
the rules list
so that it is processed before the 'delete-anything-with-attachment' rule.

(In case you were wondering, 'stop processing more rules' means 'don't apply
further conditional tests to *this* message' or 'goto next incoming message
and restart from Rule #1').

If in doubt, uncheck the tickboxes against the blanket-deletion rules and use
the 'Apply Now'
button in the rules menu (browse to and select Inbox to apply them to) after
you've received
mail, logged off, looked through your Inbox contents for attachments you were
expecting and moved
them to another folder.

6. The more joy of bulk-deletion.

That's all there is to it. Only a few mouse-clicks difference between automatic
and manual rule application. All that remains is to empty the deleted items
folder
and you're done. No more hitting the delete key hundreds of times over....




regards,


Mark


 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Phone line blocked after house move R. Mark Clayton uk.telecom.broadband (UK broadband) 9 January 27th 06 08:07 PM
Broadband service blocked by Freeserve proxy LilaDuncan uk.telecom.broadband (UK broadband) 10 June 11th 05 03:12 PM
BT Openworld being spam-blocked Saul uk.telecom.broadband (UK broadband) 7 September 25th 03 11:23 PM
Downloads blocked? Nick Dixon uk.telecom.broadband (UK broadband) 2 August 16th 03 10:22 AM


All times are GMT +1. The time now is 02:37 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2019 BroadbanterBanter.
The comments are property of their posters.