Is this a virus?


sparkie
04-03-2004, 18:41
Received this today

Dear user of Ntlworld.com e-mail server gateway,

Some of our clients complained about the spam (negative e-mail content)
outgoing from your e-mail account. Probably, you have been infected by
a proxy-relay trojan server. In order to keep your computer safe,
follow the instructions.

Pay attention on attached file.

For security reasons attached file is password protected. The password is "68320".

Cheers,
The Ntlworld.com team http://www.ntlworld.com

I haven't opened the attachment... is this a genuine ntl e-mail?

JC

paulyoung666
04-03-2004, 18:43
Received this today

Dear user of Ntlworld.com e-mail server gateway,

Some of our clients complained about the spam (negative e-mail content)
outgoing from your e-mail account. Probably, you have been infected by
a proxy-relay trojan server. In order to keep your computer safe,
follow the instructions.

Pay attention on attached file.

For security reasons attached file is password protected. The password is "68320".

Cheers,
The Ntlworld.com team http://www.ntlworld.com

I haven't opened the attachment... is this a genuine ntl e-mail?

JC




hi and :welcome: to the site, no it isn't genuine, this has been covered elsewhere on this forum somewhere :)

Florence
04-03-2004, 19:02
Hello Sparkie and :welcome: to NTHW.co.uk


Can you post the headers for the email here, but remember to star out your email addy before submitting it to the forums.

The full headers will give us all something to work on (and me a chance to add it to the spam filter)

sparkie
04-03-2004, 20:26
Sorry Kitty
Bit of a newbie

<Can you post the headers for the email here, but remember to star out your email addy before submitting it to the forums.>?

JC

altis
04-03-2004, 20:45
It's password protected so as to defeat any anti-virus software that you have - don't open it!
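
The point made in this post, as a mail-filter check (an added example, not part of the original thread): a scanner cannot look inside an encrypted zip, so it flags the combination of an encrypted zip attachment and a password stated in the message text. The function names, the `info.zip` filename and the sample message are constructed for illustration; the zip holds only harmless text, with its encryption flag patched by hand.

```python
import io
import re
import zipfile
from email.message import EmailMessage

def has_encrypted_entry(zip_bytes):
    """True if any archive member has the ZIP 'encrypted' flag (bit 0) set."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return any(info.flag_bits & 0x1 for info in zf.infolist())

def flag_message(msg):
    """Flag mail that carries an encrypted zip and states a password in its text."""
    body, encrypted = "", False
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            body += part.get_content()
        elif (part.get_filename() or "").lower().endswith(".zip"):
            try:
                encrypted |= has_encrypted_entry(part.get_payload(decode=True))
            except zipfile.BadZipFile:
                encrypted = True  # unreadable archive: treat as unscannable
    mentions_password = re.search(r"password\s+is\b", body, re.I) is not None
    return encrypted and mentions_password

def constructed_sample(encrypted):
    """Constructed test mail using the wording quoted in the thread."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "harmless placeholder")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Flag bits sit 8 bytes into the central-directory header (PK\x01\x02).
        raw[raw.rfind(b"PK\x01\x02") + 8] |= 0x1
    msg = EmailMessage()
    msg["Subject"] = "Notify about using the e-mail account."
    msg.set_content("For security reasons attached file is password "
                    'protected. The password is "68320".')
    msg.add_attachment(bytes(raw), maintype="application",
                       subtype="zip", filename="info.zip")
    return msg

if __name__ == "__main__":
    print(flag_message(constructed_sample(True)))
    print(flag_message(constructed_sample(False)))
```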

homealone
04-03-2004, 22:07
Sorry Kitty
Bit of a newbie

<Can you post the headers for the email here, but remember to star out your email addy before submitting it to the forums.>?

JC

hiya sparkie

np - assuming you use Outlook Express? - right click on the message & choose 'properties', from the drop down menu, in the new window choose the 'details' tab, highlight the text in the window & choose 'edit' 'copy'.

Then in your reply in the forum, 'edit' 'paste' - remember to remove any details personal to you, before submitting the post

e.g.

Return-Path: <text_dispatch_list.UM.A.59.468@UNITY4.mcafee.com>
Received: from mcafee.com ([216.49.81.185]) by mta06-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
id <20040228082109.JRPD10498.mta06-svc.ntlworld.com@mcafee.com>
for <****@ntlworld.com>; Sat, 28 Feb 2004 08:21:09 +0000
X-Mailer: UnityMail
Originator: <text_dispatch_list@UNITY4.mcafee.com>
Errors-To: <text_dispatch_list@UNITY4.mcafee.com>
X-UnityID: <20040227185717.B1CCYADP7AKACF6UMAIL5.7808109@UNITY4.mcafee.com>
X-UnityUser: McAfee
X-Mailer-Version: 5.1.182
Reply-To: "McAfee Dispatch" <dispatch@mcafee.com>
From: "McAfee Dispatch" <dispatch@mcafee.com>
To: "****@ntlworld.com" <****@ntlworld.com>
Subject: VIRUS ADVISORY - W32/Bagle.c@MM
Date: Fri, 27 Feb 2004 18:57:17 -0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Thread-Index: AcP9ppMFZmMUuuWXR961XaZ7XRQc7w==
Content-Class: urn:content-classes:message
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Message-Id: <20040228082109.JRPD10498.mta06-svc.ntlworld.com@mcafee.com>

Florence
04-03-2004, 22:11
Sparkie, I use Mozilla and if I wanted to see the full headers of an email I would click on view> then headers> all

Or you can use View> message Source.

The headers are like this..

<snip> See homealone beat me :)

homealone
04-03-2004, 22:26
Sparkie, I use Mozilla and if I wanted to see the full headers of an email I would click on view> then headers> all

Or you can use View> message Source.

The headers are like this..

<snip> See homealone beat me :)

the info about Mozilla could be useful:)

gary_580
04-03-2004, 22:28
I would steer clear of that, anyone that wanted to be half secure would send the password protected file in one email and the password in another.

homealone
04-03-2004, 22:37
It's password protected so as to defeat any anti-virus software that you have - don't open it!

good advice - stuartbe had some thoughts on this - missing him tonight, looks like he can only get on at work atm:(

Buzzby
04-03-2004, 22:52
Here's one I received. I would not touch it with a barge pole.

Return-Path: <hu4.29931@newsfep1-win.server.ntli.net>
Received: from Troy ([24.84.105.137]) by mta06-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
id <20040304040609.CTYC22505.mta06-svc.ntlworld.com@Troy>
for <***********@ntlworld.com>; Thu, 4 Mar 2004 04:06:09 +0000
Date: Wed, 03 Mar 2004 20:09:46 -0800
To: ************@ntlworld.com
Subject: Notify about using the e-mail account.
From: staff@ntlworld.com
Message-ID: <cgonatdfjexegljlpnt@ntlworld.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="--------yivbacttirawsxkgejia"

A zip file with the password enclosed with it is very wrong, you have no security doing this.
Any reputable ISP would invite you to visit part of their site to do a download. No kosher organisation will spam e-mail with so-called fixes, i.e. exe files, zips, whatever.
Even if it comes from a known source, leave it alone. Check with the source/friend BEFORE opening. Their PC could be infected etc.

:LOL:
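
What the headers posted above show when read mechanically, as an added example that is not part of the original post: it compares the claimed `From:` domain with the `Return-Path` and with the host that handed the message to the receiving server. The function names and the two heuristics are assumptions chosen for illustration; a finding is a reason for suspicion, not proof of forgery.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Headers copied from the post above (recipient masked as posted);
# continuation lines are re-indented so they parse as folded headers.
SAMPLE = """\
Return-Path: <hu4.29931@newsfep1-win.server.ntli.net>
Received: from Troy ([24.84.105.137]) by mta06-svc.ntlworld.com
 (InterMail vM.4.01.03.37 201-229-121-137-20020806) with SMTP
 id <20040304040609.CTYC22505.mta06-svc.ntlworld.com@Troy>
 for <***********@ntlworld.com>; Thu, 4 Mar 2004 04:06:09 +0000
Date: Wed, 03 Mar 2004 20:09:46 -0800
To: ************@ntlworld.com
Subject: Notify about using the e-mail account.
From: staff@ntlworld.com
Message-ID: <cgonatdfjexegljlpnt@ntlworld.com>
"""

# "from <announced name> ([<connecting IP>]) by <receiving server>"
RECEIVED = re.compile(r"from\s+(\S+)\s+\(\[([\d.]+)\]\)\s+by\s+(\S+)")

def domain(addr):
    """Lower-cased domain part of an address header value."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def review_headers(raw):
    """Return findings where the claimed sender and the delivery path disagree."""
    msg = message_from_string(raw)
    findings = []
    from_dom, rp_dom = domain(msg["From"]), domain(msg["Return-Path"])
    if rp_dom != from_dom and not rp_dom.endswith("." + from_dom):
        findings.append(f"Return-Path domain {rp_dom} is not under From domain {from_dom}")
    # The first Received header is the one added by the recipient's own server.
    hop = RECEIVED.search(" ".join((msg["Received"] or "").split()))
    if hop:
        announced, ip, receiver = hop.groups()
        if "." not in announced:
            findings.append(f"{receiver} got the message from {ip}, "
                            f"which announced itself only as '{announced}'")
    return findings

if __name__ == "__main__":
    for line in review_headers(SAMPLE):
        print(line)
```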