shower insights
Wayne Johnson
austin-ghetto-list@pairlist.net
Sun Jul 11 11:06:07 2004
This is a multi-part message in MIME format.
------=_NextPart_000_0017_01C46736.EEF70EC0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Well, I am doing everything I can to foil, fix and irradicate =
viruses...es...es.
wgJ
----- Original Message -----=20
From: Michael Eisenstadt=20
To: austin-ghetto-list@pairlist.net=20
Sent: Sunday, July 11, 2004 11:10 AM
Subject: shower insights
Taking a shower can lead to some insights.
Prior to showering I had poked about in the AGL=20
archives. I saw a number of viruses received. Sometimes,
not always, there is a recognizable subscriber
name just before or after the lines of virus=20
code. For example
From: austin-ghetto-list@pairlist.net (Cadaobh)
To my horror I saw a line of text a few lines above where
some virus code commenced which was the same
as above above except reading (MICHAELE) instead of=20
(Cadaobh) at the end of the line.
I haven't received any viral infected email from AGL
myself but according to my bounce theory, I should have.
So when Harry Edwards and Wayne report that=20
their computers are apparently NOT infected, they
may be correct. How then are they getting a=20
virally infected bounce from AGL? That they are
getting a bounce is indicated by the return
address austin-ghetto-list-admin@pairlist.net
(look for the word admin)
Unfortunately, the maillist software at pairlist.net =20
only looks at the apparent return address of
an email without examining its headers.
So anyone can spoof the email address of=20
an AGL subscriber and post it to the AGL
software and it will NOT be flagged to me
because it is from a subscriber so far as
the software can tell. The software ALSO=20
has a virus detecting applet working. If
it detects a virus it automatically bounces
the email to the address on the top WITHOUT
LOOKING at the headers.=20
So anyone trying to make a mess could
email a virus to the list purporting to come
from Harry Edwards, say. The virally infected
email bounces but not back to its true sender,
but to the spoofed address.
Is there a fix for this?
The only one I can think of at the moment that
I can implement (I obviously cant get pairlist.net
to fix their software) is to put EVERYONE on
the prior review list including myself. I would
have to review every post to see that there is no=20
virus in it (viruses easily identifiable by the lines
of machine language coding).=20
But there would be a lag, a latency if you will,
between the posting and EVERY message=20
getting flagged to me for approval or discard.
Not to speak of my not being glued to the=20
computer 24/7.
So for the moment I will do nothing hoping
that the subscribed kebold (you know who
you are) will get tired of playing his silly
games.=20
------=_NextPart_000_0017_01C46736.EEF70EC0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2800.1400" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#c0c0c0 background=3D"">
<DIV><FONT face=3DArial size=3D2>Well, I am doing everything I can to =
foil, fix and=20
irradicate viruses...es...es.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT> </DIV>
<DIV><FONT face=3DArial size=3D2>wgJ</FONT></DIV>
<BLOCKQUOTE dir=3Dltr=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV style=3D"FONT: 10pt arial">----- Original Message ----- </DIV>
<DIV=20
style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: =
black"><B>From:</B>=20
<A title=3Dmichaele@HotPOP.com =
href=3D"mailto:michaele@HotPOP.com">Michael=20
Eisenstadt</A> </DIV>
<DIV style=3D"FONT: 10pt arial"><B>To:</B> <A=20
title=3Daustin-ghetto-list@pairlist.net=20
=
href=3D"mailto:austin-ghetto-list@pairlist.net">austin-ghetto-list@pairli=
st.net</A>=20
</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Sent:</B> Sunday, July 11, 2004 =
11:10=20
AM</DIV>
<DIV style=3D"FONT: 10pt arial"><B>Subject:</B> shower insights</DIV>
<DIV><BR></DIV>
<DIV><FONT size=3D2>Taking a shower can lead to some =
insights.<BR><BR>Prior to=20
showering I had poked about in the AGL <BR>archives. I saw a number of =
viruses=20
received. Sometimes,<BR>not always, there is a recognizable =
subscriber<BR>name=20
just before or after the lines of virus <BR>code. For =
example<BR><BR>From: <A=20
=
href=3D"mailto:austin-ghetto-list@pairlist.net">austin-ghetto-list@pairli=
st.net</A></FONT><FONT=20
size=3D2> (Cadaobh)<BR><BR>To my horror I saw a line of text a =
few lines=20
above where<BR>some virus code commenced which was the =
same</FONT></DIV>
<DIV><FONT size=3D2>as above above except reading (MICHAELE) instead =
of=20
</FONT></DIV>
<DIV><FONT size=3D2>(Cadaobh) at the end of the line.<BR><BR>I haven't =
received=20
any viral infected email from AGL<BR>myself but according to =
my bounce=20
theory, I should have.<BR><BR>So when Harry Edwards and Wayne report =
that=20
<BR>their computers are apparently NOT infected, they<BR>may be =
correct. How=20
then are they getting a <BR>virally infected bounce from AGL? That =
they=20
are<BR>getting a bounce is indicated by the return<BR>address <A=20
=
href=3D"mailto:austin-ghetto-list-admin@pairlist.net">austin-ghetto-list-=
admin@pairlist.net</A></FONT></DIV>
<DIV><FONT size=3D2>(look for the word admin)<BR><BR>Unfortunately, =
the maillist=20
software at pairlist.net <BR>only looks at the apparent return =
address=20
of<BR>an email without examining its headers.<BR><BR>So anyone can =
spoof the=20
email address of <BR>an AGL subscriber and post it to the =
AGL<BR>software and=20
it will NOT be flagged to me<BR>because it is from a =
subscriber so far=20
as<BR>the software can tell. The software ALSO <BR>has a virus =
detecting=20
applet working. If<BR>it detects a virus it automatically =
bounces<BR>the email=20
to the address on the top WITHOUT<BR>LOOKING at the headers. =
<BR><BR>So anyone=20
trying to make a mess could<BR>email a virus to the list purporting to =
come<BR>from Harry Edwards, say. The virally infected<BR>email bounces =
but not=20
back to its true sender,<BR>but to the spoofed address.<BR><BR>Is =
there a fix=20
for this?<BR><BR>The only one I can think of at the moment that<BR>I =
can=20
implement (I obviously cant get pairlist.net<BR>to fix their software) =
is to=20
put EVERYONE on<BR>the prior review list including myself. I=20
would</FONT></DIV>
<DIV><FONT size=3D2>have to review every post to see that there is no=20
</FONT></DIV>
<DIV><FONT size=3D2>virus in it (viruses easily identifiable by the =
lines<BR>of=20
machine language coding). <BR><BR>But there would be a lag, a latency =
if you=20
will,<BR>between the posting and EVERY message <BR>getting flagged to =
me for=20
approval or discard.<BR><BR>Not to speak of my not being glued to the=20
<BR>computer 24/7.<BR><BR>So for the moment I will do nothing =
hoping<BR>that=20
the subscribed kebold (you know who<BR>you are) will get tired of =
playing his=20
silly<BR>games. </FONT></DIV>
<DIV><FONT size=3D2></FONT> </DIV>
<DIV> </DIV></BLOCKQUOTE></BODY></HTML>
------=_NextPart_000_0017_01C46736.EEF70EC0--