Jump to content
Sign in to follow this  
geofan49

Report a Virus -- How?

Recommended Posts

Specifically, HOW can a virus be reported?

Actually, it would be the email that contained the virus that could be reported. It would be reported the same way as any other spam is, submitting it via the paste in box or forwarding as attachment. Please be careful how you handle the virus though as you would not want to infect your own system.

Share this post


Link to post
Share on other sites
Actually, it would be the email that contained the virus that could be reported. It would be reported the same way as any other spam is, submitting it via the paste in box or forwarding as attachment. Please be careful how you handle the virus though as you would not want to infect your own system.

So, if I use Yahoo mail, and I am simply doing the "Forward as Attachement" is that sufficient to report a virus?

I see that forwarding from Yahoo normally includes any attachment.

Share this post


Link to post
Share on other sites

Extracted from a Topic in the "How to use ..." Forum section .. moved to the Reporting Help section ...

Whn you sort it out, care to write up a tutorial to explain it to the next person with the same question?

PM sent to advise of the action ...

Share this post


Link to post
Share on other sites
<snip>

I see that forwarding from Yahoo normally includes any attachment.

...As I understand it, the default forwarding action for a Yahoo!Mail account (at least for a free US account) is to forward as in-line text, not forward as attachment. Forward as attachment would be the method you would have to use for SpamCop.

...Good luck!

Share this post


Link to post
Share on other sites
...As I understand it, the default forwarding action for a Yahoo!Mail account (at least for a free US account) is to forward as in-line text, not forward as attachment. Forward as attachment would be the method you would have to use for SpamCop.

I just tried my free Yahoo account for the first time in a while and the forward button is now a pulldown that offers both options, in-line and as attachment.

Share this post


Link to post
Share on other sites

You can also go into your options and change the default to "Forward as Attachment" that is what I have mine set at since the only thing that gets forwarded from my Yahoo account is spam to spamcop.

Share this post


Link to post
Share on other sites
You can also go into your options and change the default to "Forward as Attachment" that is what I have mine set at since the only thing that gets forwarded from my Yahoo account is spam to spamcop.

Yeah, that is how I have been using SpamCop since day one with Yahoo web mail client. Works great! Too bad that method does NOT work with GMAIL, must copy and paste the email into the SpamCop webform, forward GMAIL does not work... with SpamCop...

My question is, if I do the "Yahoo forward as attachment", and that attachment incudes the virus attachment, will the virus get reported too?

Share this post


Link to post
Share on other sites
... My question is, if I do the "Yahoo forward as attachment", and that attachment incudes the virus attachment, will the virus get reported too?
If I understand the question correctly - "yes", the viral attachment simply shows as a code area in the message body and is ignored by the parser (there should be a comment in the parse to that effect). No harm is done in the process, the sender is reported - and reporting virus senders is OK within SC guidelines (though not spam by many definitions). You would need to submit the email (or the viral part of it) for testing by an anti-virus application to get any detail about the virus itself, which is separate from SC reporting. One tool for that is mentioned in VirusTotal, Multiple AV scanner

Share this post


Link to post
Share on other sites
Specifically, HOW can a virus be reported?

I review my email in Mailwasher to delete spam before opening it with my mail program, so viruses just show up as in-line text, and my filters recognize the executable file types and flag the emails. I like to track down the sending system and contact the system administrator myself (unless it is some foreign IP # whose owner could not possibly have my email address for any legitimate reason). I truncate the virus after the first few lines and add "[snip]" so they can see it was a virus.

I think it is important enough to try to stop viruses, and presumably these viruses are being addressed to me by finding my email address in the address book of the victim, so it may well be someone I know. Also, I often have to mail back and forth a few times with admins who are clueless enough to try to say it didn't come from their system because the forged return address is not their ISP's domain.

Share this post


Link to post
Share on other sites
I often have to mail back and forth a few times with admins who are clueless enough to try to say it didn't come from their system because the forged return address is not their ISP's domain.

You should have to have a license to operate a mail server. I encounter WAY to many admins that use exactly that response and have to have their hand held through the process of actually reading mail headers.

Share this post


Link to post
Share on other sites
You should have to have a license to operate a mail server.

Most commonly, I see it when it is an elementary or high school domain. I imagine the technology teacher is stuck with the job of running their mail server.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×