How to find out who's infected.

  • Thread starter Thread starter Chris Berry
  • Start date Start date
C

Chris Berry

I keep getting netsky worm mails in my inbox which afaik means that someone
with my address in their book has unfortunately got the virus.
Is there any way of telling who's infected so I can send them a friendly
mail?
Thanks.
cb
 
from the wonderful person said:
I keep getting netsky worm mails in my inbox which afaik means that someone
with my address in their book has unfortunately got the virus.
Is there any way of telling who's infected so I can send them a friendly
mail?
Click to expand...

Yes. Simplest way (since you don't seem to know about headers etc) is to
sign up for 'www.spamcop.net' and feed the raw text of the message in
there (but it won't let you actually report viruses, just spam. It will,
however, usually do a good job of identifying the ISP of the originator,
which is as close as you can get most times).
 
GSV Three Minds in a Can said:
Yes. Simplest way (since you don't seem to know about headers etc) is to
sign up for 'www.spamcop.net' and feed the raw text of the message in
there (but it won't let you actually report viruses, just spam. It will,
however, usually do a good job of identifying the ISP of the originator,
which is as close as you can get most times).
Click to expand...

I know a little about headers but cannot resolve the sender. Sometimes the
best I can get is an IP address or a domain but there seems to be no way of
identifying the sender properly - other than the spoofed address it was sent
from in the email itself. Well - I believe that's what netsky does anyhow.
I also know about spamcop (which doesn't seem to improve spam/message
ratios) and it provides me with not much more than the same data that I'd
get with a whois/tracert/ping query.
Is there no way to tell who's infected?
cb
 
Chris said:
I know a little about headers but cannot resolve the sender.
Sometimes the best I can get is an IP address or a domain but there
seems to be no way of identifying the sender properly - other than
the spoofed address it was sent from in the email itself. Well - I
believe that's what netsky does anyhow. I also know about spamcop
(which doesn't seem to improve spam/message ratios) and it provides
me with not much more than the same data that I'd get with a
whois/tracert/ping query.
Is there no way to tell who's infected?
Click to expand...

Sometimes you can make a guess if you can work out what link there is
between the apparent sender and someone who might have your e-mail address
in their address book.

I did this once when I got a virus infected message from an Edinburgh based
printmaker. As my sister is an artist in Edinburgh, it didn't take too
much working out. ;-)

That was a lucky one-off however. 99.9% if the time, you're never going to
know.

Tim
 
Chris Berry wrote:
[snip]
I know a little about headers but cannot resolve the sender. Sometimes the
best I can get is an IP address or a domain but there seems to be no way of
identifying the sender properly - other than the spoofed address it was sent
from in the email itself. Well - I believe that's what netsky does anyhow.
I also know about spamcop (which doesn't seem to improve spam/message
ratios) and it provides me with not much more than the same data that I'd
get with a whois/tracert/ping query.
Is there no way to tell who's infected?
Click to expand...

not unless you're their internet provider, no...
 
Chris Berry said in news:[email protected]:
I keep getting netsky worm mails in my inbox which afaik means that
someone with my address in their book has unfortunately got the virus.
Is there any way of telling who's infected so I can send them a
friendly mail?
Thanks.
cb
Click to expand...

Have you traced through the Received headers yet?
 
kurt wismer said:
Chris Berry wrote:
[snip]
I know a little about headers but cannot resolve the sender. Sometimes the
best I can get is an IP address or a domain but there seems to be no way of
identifying the sender properly - other than the spoofed address it was sent
from in the email itself. Well - I believe that's what netsky does anyhow.
I also know about spamcop (which doesn't seem to improve spam/message
ratios) and it provides me with not much more than the same data that I'd
get with a whois/tracert/ping query.
Is there no way to tell who's infected?
Click to expand...

not unless you're their internet provider, no...
Click to expand...

Thanks guys. I'm thinking that there should be soething like this as part of
the service provided by ISP's
cb
 
Back
Top