Home
News
Support
Download
Glitches
SPAM
E-Mail Settings
E-Mail Warnings
Spyware info
Antivirus
High Speed
PC Cleanup
New PC
Music Download?
Wireless Routers
Got A MAC?
Speed Test
Hard Drives
Rates
Mission
Company Profile
ComSouth Goals
Recycle that Old PC
Contact us

E-Mail Virus', Spyware and Identity theft Alert !!!

Please note the rapid increase of E-Mails that include but not limited to:

New this week... 8-20-2007 ... I saw 3 of these come in tonight
Do Not click on the IP addresses in this E-Mail ... delete it FAST!

Welcome,

Here is your membership info for (Varies).

Account Number: 73188999 (Varies)
Login ID: user8036 (Varies)
Password ID: xo175 (Varies)

Please keep your account secure by logging in and changing your login info.

Click on the secure link or paste it to your browser: http:// Varies IP

Thank You,
Technical Services
(Varies)

 

A postcard for you.  Or a greeting card and a link to click on to retrieve it.
Many of these have legitimate sounding names; Hallmark, etc ...
DO NOT click on the links, they could be potentially dangerous, delete the E-Mail.

Note: Postini has been catching a number of these, however your notification may
be sending notices to you as fast as the virus.  To fix this you can log into Postini and
go to Virus settings, at the bottom of the page change the frequency of notifications.
Example Below:

Notifications When you receive a virus-infected email, you can set the frequency of the notifications.
 
 

Huge Spam Spike in Progress
A massive spam blast this week--loaded with PDFs that tout stock opportunities
shows no sign of abating, a security company says. Gregg Keizer, Computerworld

An Attachment with a PDF or a ZIP file ... names that make no sense and not from anyone you know.
If they are from someone you know, check and see if they knowingly sent that item.
It has been proven that PDF's and ZIP's can contain embedded virus' ... delete them.

A number of "Banks" including Regions, North Fork, Etc. ... wanting you to complete some form.
This is blatant identity theft and should be deleted.

Storm Worm Linked to Spam Surge
Malevolent--and prolific--Storm worm is releasing huge quantities of spam.

 

Understanding Mail Delivery Errors

If you send an e-mail that for some reason can't be delivered, either our mail server or the mail server where the error occurred sends a mail delivery error report back to you. Some of these error reports are pretty cryptic, so we receive a fair number of "Why did my mail bounce back?" questions.

Let's look at some of the most common mail delivery error reports and try to decipher what they mean. If you receive a mail delivery error report not shown below, can't figure it out, and want to know what it means, forward it to ispadmin@comsouth.net for interpretation.

WARNING: Don't be fooled by phony mail delivery error reports! If you receive one that claims to be from "postmaster@comsouth.net" or "postmaster@mail.comsouth.net", it is a fake that may carry a virus. Mail delivery error reports originating from comsouth.net's mail system always show "Mail Delivery Subsystem <MAILER-DAEMON@mail.comsouth.net>" on the "From: " line, never "postmaster".

Almost all mail delivery error reports begin with something like the following: 

   ----- The following addresses had permanent fatal errors -----
<JDOE@HOME.COM>

That tells you that your mail to the specified address could not be delivered. It may also tell you whether the error is a "permanent fatal error" (one which makes it impossible to deliver the message) or a "transient non-fatal error" (just a temporary setback, and the mail server will keep trying).

A more complete description of the problem is usually next, in a section labeled "Transcript of session follows". Below are the more common ones, each followed by an explanation. These are taken from actual delivery error reports, but the usernames have all been changed to "jdoe" to protect the privacy of the actual addressee.

The examples below are all mail delivery error reports generated by Sendmail, the predominant mail server software on the Internet. Error reports generated by other mail server software (QMail, Postfix, Microsoft Exchange, or whatever) may look different, but will contain the same basic information.

User Unknown

   ----- The following addresses had permanent fatal errors -----
<JDOE@HOME.COM>
    (reason: 550 5.1.1 <SBEMIS1@HOME.COM>... User unknown)

   ----- Transcript of session follows -----
... while talking to mx-rr.home.com.:
>>> RCPT To:<JDOE@HOME.COM>
<<< 550 5.1.1 <JDOE@HOME.COM>... User unknown
550 5.1.1 <JDOE@HOME.COM>... User unknown

Instead of "user unknown", you might see "unknown user", "invalid recipient", "not a valid user", "mailbox unavailable", "not known here" or something else expressing the same idea.

In this example our mail server tried to deliver the message to the mail server at home.com, but the home.com mail server refused to accept it because they have no user known as "jdoe". This could be because the username part of the address (jdoe) was typed incorrectly, or because the "jdoe" account at home.com expired or was cancelled, or because you were trying to reply to a message sent out under a falsified address. In rare cases it can indicate a mail system failure at the remote site.

What you should do:
Confirm the intended recipient's address, if possible. Resend your message to the corrected address.

Host Unknown

   ----- The following addresses had permanent fatal errors -----
<JDOE@SWITCHGRASS.NET>

   ----- Transcript of session follows -----
550 5.1.2 <JDOE@SWITCHGRASS.NET>... Host unknown (Name server:
mail.switchgrass.net.: host not found)

This means that our mail server was not able to locate the mail server for switchgrass.net (mail.switchgrass.net) in the Internet's domain name service (DNS). If the target system can't be found in the DNS, then our mail server can't connect to the remote mail server to deliver your message.

Most "host unknown" errors are caused by a typo in the domain name part of the intended recipient's address, but an increasing number of "host unknown" errors are the result of trying to reply to junk mail (spam). This is because the "From:" address on junk mail is almost always bogus. Where the address is typed correctly and is a real one, the problem is usually a temporary failure in DNS.

What you should do:
Confirm the intended recipient's address, if possible. Resend your message to the corrected address.

Mail Quota Exceeded

   ----- The following addresses had permanent fatal errors -----
<JDOE@JUNO.COM>

   ----- Transcript of session follows -----
... while talking to c.mx.juno.com.:
>>> RCPT To:<JDOE@JUNO.COM>
<<< 552 <JDOE@JUNO.COM>... Mail quota exceeded
554 <JDOE@JUNO.COM>... Service unavailable

Many systems impose a quota on the amount of disk space each user's mail box may use. If a user on such a system exceeds his quota the mail system refuses to accept any more mail for him.

The error message returned from some systems may look a bit different, like this one from America Online: 

The mail you sent could not be delivered to:
552 jdoe@aol.com has a full mailbox

Or this one from HotMail: 

<<< 552 Requested mail action aborted: exceeded storage allocation
554 5.0.0 <JDOE@HOTMAIL.COM>... Service unavailable
What you should do:
Give the intended recipient time to clean out his/her mailbox, then resend your message.
Note:
comsouth.net does impose a 2 Meg limit on customers' mailboxes. If a customer's mailbox becomes grossly oversized he/she will receive e-mail from the System Administrator ( ispadmin@comsouth.net ) requesting that it be reduced in size. A chronic offender may have his/her incoming e-mail blocked for a period of time.

Message Exceeds Maximum Size

   ----- The following addresses had permanent fatal errors -----
<JDOE@RESPONSE.ETRACKS.COM>
    (reason: 552 5.2.3 <JDOE@comsouth.net>... Message size exceeds fixed
    maximum message size (80000))

   ----- Transcript of session follows -----
... while talking to response.etracks.com.:
>>> MAIL From:<JDOE@comsouth.net> SIZE=222751
<<< 552 5.2.3 <JDOE@comsouth.net>... Message size exceeds fixed maximum message size (80000)
554 5.0.0 <JDOE@RESPONSE.ETRACKS.COM>... Service unavailable

On many systems the mail server is configured to reject large messages. In the past this was usually done to conserve disk space on the mail server. These days, with an increasing number of maturity-challenged Internet users thinking it is "kewl" to clog up other people's mailboxes with huge junk file attachments, it is often used to prevent users' mailboxes from overflowing their quotas due to stupid childish pranks.

The number in parentheses (80000 in this example) is not always present, but if it is it shows the per-message size limit imposed by the remote mail system, expressed in bytes.

 

What you should do:
The only solution is to shorten the message and try again. In many cases this means deleting the multi-megabyte file attachment you're trying to send to someone who probably doesn't want it anyway.
Note:
Normally the comsouth.net mail system is configured to reject messages larger than 5 MB, but we reserve the right to change the size limit at any time as required by prevailing conditions.

Delivery Deferred, Will Keep Trying

    **********************************************
    **      THIS IS A WARNING MESSAGE ONLY      **
    **  YOU DO NOT NEED TO RESEND YOUR MESSAGE  **
    **********************************************

   ----- The following addresses had transient non-fatal errors -----
<JDOE@SONNENSHEIN.COM>

   ----- Transcript of session follows -----
<JDOE@SONNENSHEIN.COM>... Deferred: Connection refused by sonnenshein.com.
Warning: message still undelivered after 4 hours
Will keep trying until message is 5 days old

If you see a banner similar to this at the top of a mail delivery error report, it means delivery of your message failed due to a transient (temporary) error. The actual error could be any of a number of things.

What you should do:
Do nothing! The banner means EXACTLY what it says: you DO NOT need to resend your message. Our mail system will keep trying once per hour until delivery succeeds or until five days elapse, which ever happens first. If after five days the message still can't be delivered, you'll get another error message like the following example.

Message Could Not Be Delivered For Five Days

   ----- The following addresses had permanent fatal errors -----
<JDOE@SONNENSHEIN.COM>

   ----- Transcript of session follows -----
<JDOE@SONNENSHEIN.COM>... Deferred: Connection refused by sonnenshein.com.
Message could not be delivered for 5 days
Message will be deleted from queue

Our mail server kept trying once an hour for five days but was still unable to deliver the message, so it gave up trying.

What you should do:
Write a letter, make a phone call, send a FAX. You can resend your e-mail if you want to, but if the intended recipient's mail server couldn't be reached for five days on the first attempt, it probably won't be reachable on the second attempt.

Sender Domain Not Found

   ----- The following addresses had permanent fatal errors -----
<JDOE@AOL.COM>

   ----- Transcript of session follows -----
... while talking to b.mx.aol.com.:
>>> MAIL From:<JDOE@BCLP.NET>
<<< 550 <JDOE@BCLP.NET>... Sender domain not found in DNS
550 <JDOE@AOL.COM>... Service unavailable

In an attempt to stem the flow of spam e-mail into their systems, many mail systems reject messages where the domain name part of the sender's address (the part after the "@") cannot be found in the DNS. This is effective against some spam because spammers often send out their mass mailings under phony addresses.

However it also turns away messages from legitimate senders whose e-mail addresses are incorrectly entered in their mail programs. In the example above comsouth.net customer "jdoe" tried to send a message to jdoe@aol.com. However, comsouth.net's John Doe mistyped the domain name part of his address as "bclp.net" instead of "comsouth.net"when he set up his mail program. The AOL mail system couldn't find a domain called "bclp.net" in the DNS, so it rejected the message.

This will also block mail from legitimate senders who intentionally alter their e-mail addresses in their own anti-spam efforts ("jdoe@comsouth.net.NOSPAM", for example).

What you should do:
Go into your mail program's setup and make sure your e-mail address is entered correctly, then resend your message.

Possible Virus

   ----- The following addresses had permanent fatal errors -----
<JDOE@MEDIAONE.NET>
    (reason: 553 5.0.0 Possible virus, see
http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html)

   ----- Transcript of session follows -----
... while talking to ndmls01.mediaone.net.:
>>> DATA
<<< 553 5.0.0 Possible virus, see
http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html
554 5.0.0 <JDOE@MEDIAONE.NET>... Service unavailable

Some mail systems filter out messages that seem to contain viruses. If you receive a delivery error message similar to the one above, it may mean your PC has a virus infection and may be sending out virus-infected e-mail.

What you should do:
Check your computer for virus infections, and remove any that are found. comsouth.net recommends that all PCs with Internet connections should have anti-virus software installed. If you already have anti-virus software, make sure you know how to use it, make sure it is configured to scan files as they are downloaded, and make sure you keep its virus description database up to date.

Delivery Errors For E-Mail You Did Not Send

You may occasionally receive e-mail delivery errors for messages you know you didn't send. The most common reason for this is your address is in someone else's machine that is infected with a virus and it is sending out as if it is you.

 

As always, make sure your Antivirus is up to date, Spyware removal tools installed, pay attention to E-Mail, don't get fooled.  And don't' be a "Forwarder"

 

[Home] [News] [Support] [Download] [Glitches] [SPAM] [E-Mail Settings] [E-Mail Warnings] [Spyware info] [Antivirus] [High Speed] [PC Cleanup] [New PC] [Music Download?] [Wireless Routers] [Got A MAC?] [Speed Test] [Hard Drives] [Rates] [Mission] [Company Profile] [ComSouth Goals] [Recycle that Old PC] [Contact us]

Send mail to tomdawson@comsouth.net with questions or comments about this web site.
Copyright © 2007 ComSouth Computer Services
Last modified: 02/11/08