Posted on 06/10/2006 7:59:10 AM PDT by FarmerW
It is still a good idea to check out your computer with an anti-spyware, anti-viral software package, but from what you've described, the most likely culprits are international spammers who are sending the emails from their own computers.
All that's needed to send out spam is an SMTP server. These are the equivalent of mail carriers. Once a message is accepted by an SMTP server for delivery, it is sent on its way to the destination address. If delivery should fail, the SMTP network returns the failed letter to the return address instead of to the point of origin.
A person with a tech background could look at the bounced messages and trace the message back to the point of origin. You could too.
1) Open your mail client.
2) Find one of the bounced messages.
3) Highlight the message by clicking on it once.
4) Right-click on the message, or if you're using a Mac with a one button mouse, Control-Click on the message.
5) You want to view all the message headers, so select from the pop-up menu the option most likely to show you the complete message headers. The message headers are normally invisible when reading your email, but they contain the routing information for a message.
6) Once the message is expanded, and you're viewing the message headers, look for information indicating the point of origin. It will sometimes look like this:
Received: from the-spammer.smtp-server.com (the-spammer.smtp-server.com [555.555.555.555]) by your-email-server.your-isp.com (8.13.4/8.13.4) with ESMTP id k4OEkVG3013134 for (your-email@your-isp.com); Wed, 24 May 2006 09:46:42 -0500
With most spammers, the best you'll be able to do is track it to the SMTP server they used to send the email from. There are a number of these email servers that strip out the point of origin, or allow a local account connection so that the point of origin appears to be the email server.
However, if the spammer uses a commercial server to send their message, the message will contain more than one "Received:" tag, and the second one should note the point of origin, as an IP address. The IP address can be compared against your external IP address to see if you were the point of origin, or if you want to locate the original sender, using a traceroute program (Google: traceroute), then you can narrow down the sender to the city of origin, node, and ISP. Of course, the sender might be a slave machine that the spammer hacked, and may not be the spammer but is instead a tool, at which point tracking the spammer beyond that point would require either hacking the machine yourself, or getting the ISP that machine is hooked up to to do the trace back on connections into the machine.
But I hope this gives you a picture. You could probably also try and google information on tracing emails to their point of origin.
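The header walk-through in the post above, as an added Python example that is not part of the original thread: it parses `Received:` lines, trusts only those stamped by your own mail server, and compares the verified peer address against your external IP. The sample headers, hostnames, and the `my_servers` and `my_external_ip` parameters are constructed for illustration.

```python
import email
import ipaddress
import re

# Constructed header block: documentation-range IPs, hypothetical hostnames.
SAMPLE = (
    "Received: from relay.example.net (relay.example.net [198.51.100.7])\n"
    "\tby mx.your-isp.example (8.13.4/8.13.4) with ESMTP id k4OEkVG3013134\n"
    "\tfor <you@your-isp.example>; Wed, 24 May 2006 09:46:42 -0500\n"
    "Received: from pc.example (unknown [203.0.113.45])\n"
    "\tby relay.example.net with SMTP; Wed, 24 May 2006 09:46:30 -0500\n"
    "Received: from bogus.example (bogus.example [555.555.555.555])\n"
    "\tby nowhere.example; Wed, 24 May 2006 09:40:00 -0500\n"
    "Subject: constructed sample\n\nbody\n"
)

BRACKETED_IP = re.compile(r"\[([0-9a-fA-F:.]+)\]")

def received_hops(raw):
    """One dict per Received: header, in file order (newest hop first)."""
    hops = []
    for value in email.message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())           # unfold continuation lines
        peer, _, rest = flat.partition(" by ")   # peer info precedes " by "
        m = BRACKETED_IP.search(peer)
        try:
            ip = ipaddress.ip_address(m.group(1)) if m else None
        except ValueError:                       # not a real address
            ip = None
        hops.append({"by": rest.split()[0].rstrip(";") if rest else None,
                     "peer_ip": ip})
    return hops

def last_verified_peer(raw, my_servers):
    """Peer IP from the lowest header in the unbroken run, starting at the
    top, of headers stamped by servers in my_servers. Lower headers were
    written by machines you do not control and may be forged."""
    peer = None
    for hop in received_hops(raw):
        if hop["by"] not in my_servers:
            break
        peer = hop["peer_ip"]
    return peer

def sent_from_me(raw, my_servers, my_external_ip):
    """True only if the verified peer is your own external address."""
    verified = last_verified_peer(raw, my_servers)
    return verified == ipaddress.ip_address(my_external_ip)
```
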
This is common, and it is no fault of yours nor is it any problem of your computer nor of Earthlink's. Just delete the messages. Nothing useful you can do about them nor learn from them.
Now as to whether there is a virus on your computer, that's an entirely separate question, regarding which this spam provides no clue, either for or against.
The feds really ought to be cracking down more heavily and applying the various existing laws against computer cracking (explicitly extended, if necessary, to include any deliberate attempt to evade mail filtering).
A Router is a magical device.
A Router 'appears' to your ISP to be an ordinary PC; however your Router is SMART! It can 'hang' about 125 PCs and TV (if you are wi-fi capable) on to a single broadband connection. The Router will 'pretend' to be your PC, or a generic PC; while it does this, it assigns your PC a unique address. There are trillions of address possibilities out there, your Router will automatically negotiate with your PC which ONE address it will use, and when it will change it. You are now a moving target, 'hiding' behind your router. So, now a virus must not only know your IP's assigned address to your house, it must guess which one of a trillion possible addresses is really 'you'.
Sometimes you get incomplete data transmissions. Depending upon the Router (Make and model #) the Router will monitor the data stream, and discard and automatically request a re-transmit on bad packets when they are received.
To make matters even more complex for the hacker, your router knows which of ~125 PCs that it can hide, are which. So, you can have your wife and kids all surfing, emailing or playing network games at the same time. To your ISP, it looks like a busy PC; as they will not 'see' you.
Now, your Router 'knows' who you are talking to; and especially knows who you are 'NOT' talking to. The Router will automatically drop an unsolicited request to your PC. If you surf to Freerepublic.com; the router knows that any incoming web pages are requested by you. If Iamavirus.com sends you some info; the Router doesn't even acknowledge that the message was trashed, it simply trashes the message. This means that the source gets the same response from running up against a router, as if he tried to attempt to address a machine that simply wasn't there.
Everything Firewall software attempts to do, a Router does automatically. Even better, a Router does this faster; because this is exactly what a Router was designed to do.
This means, your PC software firewall (Norton, Black Ice, Defender, etc.) is completely frivolous. What's more, the Router will not bog down your PC as it sniffs through each and every message sent upstream or downstream. Your download speeds will be MUCH (very noticeably) faster with a Router; than using your CPU to emulate what a Router does, while running real software.
Routers are cheap; and you can get them at WalMart, RadioShack, Office Depot, Costco, Sams, Target, Best Buy, Circuit City or any PC shop. If you are running wireless; then you are going to be talking a few more bucks; but if you are simply connecting into an ethernet jack on the back of your cable modem; you can pick up ANY brand of Router for around $25-30. At this point, they all do the same thing, and the difference in performance between the $200 Router and the $25 Router is going to require lab equipment to measure. Brands that are popular include NetGear, Linksys, Buffalo, Motorola, SMC or D-Link. There are others, but considering that there are 3 primary chip-sets that are mass produced; each of these is using one of those 3 chipsets. You can pay more if you want; however I can't think of a single reason why you would want to.
A rule of thumb - Especially if you have broadband. Having Broadband and not using a Router is not only dangerous, it's very foolish. Would you drive or buy a house without insurance? You use your PC for taxes, finances and purchasing goods online. Do you want this information protected? Protection doesn't get a whole lot more robust than what a Router in conjunction with some decent virus/spyware software will do together.
Thanks for this info. A bit belated, but much appreciated.
Bought a Linksys today
Good for you; you just made your PC about 10,000,000x harder to infect.
It can still be done; but now getting infected requires user participation. Opening an email attachment, or running a program; stuff like that.
Prior to the router, you can get infected by 'bots' that simply scan and dump their payload to randomly generated IP addresses. Your router will take care of this.
PS. Now your wife/kids can all jump on the internet with you, X-Box games, surfing, email all while you hang at FreeRepublic.