Am I a Spam Zombie?

ReallyCurious asks: "Recently, I've noticed a lot of junk email in my inbox reporting 'Mail delivery failure' or 'Undeliverable'. Some of these had documents attached, so I figured this was just a worm variant. But these messages keep coming. I worry that my machine has been turned into a 'Spam Zombie'. I don't see any suspicious processes running, but maybe it only runs for a few seconds, and at irregular times. I run a Windows 98 laptop, sometimes wirelessly connected to broadband (a few hours a day, on average), but I had to remove my virus software years ago because it was locking my system up, so I'm wide open. I've tried to be a good citizen and have been shopping for new virus software, but prices are running $40-$70, and most of these are just for upgrades (not even counting the mandatory 'subscriptions')! Is there an open or free virus fighting solution that's reliable and available for Windows? I'd be happy to run it ASAP."

No

[sa3]

The bounces you're getting are from other spam using you as the From address. Spam sent from your machine would have random addresses not necessarily your own. But you might still have a trojan running that could be used to send spam so you should check.

Why?

What makes you think you're going to get delivery failures for outgoing spam? If you're a spam zombie, I doubt it is going out with your email in the from: field.

eh

[doofusclam]

Why not run a free firewall and watch for any alerts that something is trying to connect to the internet? Zonealarm will do fine.

If you're a bit more techie you can use winpcap or similar to capture the traffic.

There's no excuse to be wide open. You'll soon do something about it when your ISP wakes up to the problem and cuts you off. I appreciate how people can get caught inadvertantly by malware (I was hosting a trojan for a few hours last week inbetween upgrades) but I don't appreciate you leaving it this long, then asking slashdot when it's plainly obvious what you need to do.

Cheers.

Re:Another stupid ask slashdot

[feidaykin]

Elitist attitudes like this are always amusing to me... Requests for this guy to search google don't answer his question... He wants to know what we, a group of tech savvy folk, recommend. It's harder for google to answer that directly than a simple ask slashdot. To all the moaners out there, stop reading Ask Slashdot or just stop reading the site alltogether. Questions like these are how people learn, and serve as starting point for disscusion here.

We should never insult folks for asking "stupid" questions, but rather admire the courage it took to ask.

Re:Well...

[walt-sjc]

Exactly. Email worms and spammers frequently forge the sender. The problem is clueless mail adminitrators that configure their mail relays to accept mail to anyone (even unknown users) and then generate a bounce message when it can't be delivered (user unknown...) All scanning (spam and AV) and user verification really needs to be performed at initial SMTP reception and not after the fact.

Unfortunately, older versions of Exchange are stupid in this respect, and accept pretty much anything. I believe you even have to specifically configure the newer versions of exchange too to behave correctly (someone correct me if I'm wrong here... I no longer use exchange, just read about how 2003 works...)

IMHO, if you are running an older version of exchange without a good Unix relay in front of it that can do all this validation and scanning for you, you are a big part of the problem.

I don't get it....

[Apreche]

OK. I'm a dual booting guy. Obviously my linux, which I use mostly, has no problems. However, my windows install also has no problems. I only got a virus once ever because after a clean XP install a worm got to me before I got to windowsupdate.

The point is that you do NOT need anti-virus software. Anti-virus anti-spyware software should be used only to cleanup already busted systems. Your system cannot be infected if you take proper care to prevent it. Even if you are running windows on a cable modem all day.

1) NEVER download an e-mail attachment.
2) Use Firefox instead of IE.
3) Use Thunderbird instead of Outlook
4) Do NOT visit untrustworthy websites
5) Do NOT download any software from the internet and install it. Even if it looks trusty from tucows or download.com do a google search to see if it it spyware first.
6) Have a firewall like zone alarm or sygate, or better have another computer between you and the net with a firewall on it. Or have a hardware firewall. Proper network level security keeps the worms out almost guaranteed.
7) If you have wireless lock it down. You don't want a drive by person to start sending spam out your pipe.
8) DO get all the windows updates that are security fixes. The ones that aren't security fixes you can choose to get or not get at your own discretion.

If you do those things then there is almost no way you can get hit. It's really that simple. And if you DO get hit, its usually easier to re-install due to the degrading nature of windows. Any windows install, even a clean one, falls apart over time. The registry fills with more and more junk. Improperly uninstalled apps leave files behind here and there. Hidden variables change and are not changed back. Even the cleanest installs seem to last at most 18 to 24 months except in very controlled business environments.

Dont pay for anti-virus software, its a ripoff. Just re-install and then take proper preventative measures so it doesn't happen again.

Re:I don't get it....

[R2.0]

"Microsoft have released three (3!) major desktop operating system revisions since then"

Windows ME: Oh, it was major, alright - a major failure. The "Upgrade" path at the time was to revert Back to 98SE.

Windows 2000: Remember, this was marketed as "not for home use". That was what ME was for. 2000 wouldn't support many legacy apps.

So there has really only been 1 major desktop OS revision that is relevant, and given XP's poor rep, there are plenty of reasons not to upgrade.

Also, the comparison between then and now isn't valid. A large number of the exploits now target services in 2000 & XP that 98 doesn't have.

98 certainly isn't state of the art, but I don't know that I'd call 2000 or XP that either. Your most compelling argument seems to be "98 is OLD!!"

BFD.

Question: Am I a spam zombie

[PhysicsGenius]

Answer: You are running Windows98 unprotected.

So...duh.

Re:maybe not.

[mbourgon]

Why is he owned if he uses 98? My impression has been that 98 is _safer_ - WinNT/2k/XP all have all these fun services that can be exploited, where 98 doesn't. Granted, if you run IE or the like all bets are off.

Or is there something I'm missing?

No anti-virus software? Then stay off the net!

[fmaxwell]

I run a Windows 98 laptop, sometimes wirelessly connected to broadband (a few hours a day, on average), but I had to remove my virus software years ago because it was locking my system up, so I'm wide open. I've tried to be a good citizen and have been shopping for new virus software, but prices are running $40-$70, and most of these are just for upgrades (not even counting the mandatory 'subscriptions')!

If you have a Windows 98 machine with no anti-virus software, then stay off of the Internet. Period. You have no right to endanger and inconvenience others just because you're too cheap/poor to buy anti-virus software and too computer-illiterate to type "free antivirus software" into Google (hint).

It reminds me of someone with 20/200 vision operating a car without glasses because glasses cost too much. "Oops! Sorry about your poodle! Didn't mean to run over your kid; sorry. Uh oh, hit another parked car."

Re:Early retirement

[theonetruekeebler]

Dude, Given my current valid/invalid ratio is below .01 already, any mail bombs will just be bouncing the rubble.