Leader

Collapse

Announcement

Collapse
No announcement yet.

Annoying Emails

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Annoying Emails

    I keep getting this damn email, 10-15 times a day. The name of the "hiring manager" changes, and somehow they are sending it from my own FH email to myself?? I've changed my password, but yet they still keep sending me this crap from myself to myself????? How can I make it stop?

    Show Full Headers | Printer View | Add Sender To Address Book

    From: <[email protected]>


    To: <[email protected]>

    Subject: hello

    Date: Sat 10-07-2010 06:39 PM


    Attachments
    Name Type Save View
    Message text/html Save
    My name is Tammi TORALES, I am a hiring manager with International Student Exchange Center (EPSEC),
    a non-profit international student exchange organization, specializing in managing exchange programs
    for university and college students from all over the world.

    I would like to offer you a job of an Area Representative with our organization.

    An Area Representative's responsibilities include
    * Distributing of educational materials and grants from our sponsors
    * Preparing materials that will be used for country & state guides for foreign students
    * Working with host families, helping to resolve their issues, responding to their concerns

    Job Requirements
    * 1-2 years of Previous sales experience is required.
    * Previous sales experience in admissions, health club memberships, or personnel placement is preferred.
    * Telephone appointment setting and interviewing experience.
    * Strong communication skills, both on the phone and in person, are required.


    Please note that you will need a PC with Internet connection,
    as well as a working cell phone or a landline to successfully perform as a Student Organization Representative.
    This job would allow you to work from home or office,
    since all your functions will be done through a web-based interface, which can be accessed remotely.

    All employees are provided with free training materials. The starting salary is $31.28 per hour,
    which can be increased depending on your performance level. We offer paid holidays, vacation,
    and education reimbursement for full-time and part-time employees.

    Our work environment is very dynamic.
    Our people are valued.

    Apply today for a rewarding experience in the international education & student exchange industry!

    Please forward your resume along with your contact information to the following email: [email protected]
    Steve
    Proud member of the IACOJ
    SUA SPONTE
    "I've got no respect for any young man who won't join the colors."
    ~Gen. Nathan Bedford Forrest, CSA

  • #2
    Harrassing Email

    SPIPER,

    Thank you for your report. I will forward this on to the appropriate personnel and will get an answer for you ASAP.

    Please accept our apologies and be assured that we will get this issue resolved.

    Your patience and continued support of Firehouse.com is appreciated.

    Firehouse Web Manager

    Comment


    • #3
      Well, a friend of mine showed me exactly how they are doing it.

      No password is needed for sending, only receiving.

      This is what it looks like if I interactively lookup the mail server for firehousemail.com, connect to it, say I'm [email protected] sending an email to myself, and put in a message:

      Code:
      [[email protected] ~]$ nslookup
      > set q=mx
      > firehousemail.com
      Server:         127.0.0.1
      Address:        127.0.0.1#53
      
      Non-authoritative answer:
      firehousemail.com       mail exchanger = 0 sitemail.everyone.net.
      
      Authoritative answers can be found from:
      firehousemail.com       nameserver = ns1.cygnusb2b.com.
      firehousemail.com       nameserver = ns2.cygnusb2b.com.
      sitemail.everyone.net   internet address = 216.200.145.235
      
      
      [[email protected] ~]$ telnet sitemail.everyone.net 25
      Trying 216.200.145.235...
      Connected to sitemail.everyone.net (216.200.145.235).
      Escape character is '^]'.
      220 dm0208.mta.everyone.net ESMTP EON-INBOUND
      HELO pcf2.pculture.org
      250 dm0208.mta.everyone.net
      MAIL FROM: [email protected]
      250 Sender okay
      RCPT TO: [email protected]
      250 Recipient okay
      DATA
      354 Ready
      Subject: This is how they show up as from you.
      Email is fundamentally insecure.
      .
      250 Thanks, queued as [email protected]
      The folks who hacked together what we currently use for email in 1982, replacing even older less capable systems, figured for sure it would be replaced by 1990.

      It's an ancient, fundamentally insecure and insecurable system which is why we have the constant fights against spammers and keep just adding baling wire, duct tape, and bubble gum to it to try and filter out the junk.

      My son who is much more computer savvy than I found this:

      Originally posted by http://www.publicdomainregistry.com/whois-process/


      Search Results - us-epsec.com

      Owner (Registrant Contact)

      Name: Alexey Zhukov
      Company: Beatles Steel
      Address:

      Novopeschanaya 56 8


      City: Moscow
      State: Moscow
      Country: RU
      Zip: 145672
      Tel No: 7 4999433354
      Fax No:
      Email:

      Administrative Contact

      Name: Alexey Zhukov
      Company: Beatles Steel
      Address:

      Novopeschanaya 56 8


      City: Moscow
      State: Moscow
      Country: RU
      Zip: 145672
      Tel No: 7 4999433354
      Fax No:
      Email:

      Technical Contact

      Name: Alexey Zhukov
      Company: Beatles Steel
      Address:

      Novopeschanaya 56 8


      City: Moscow
      State: Moscow
      Country: RU
      Zip: 145672
      Tel No: 7 4999433354
      Fax No:
      Email:

      Nameserver Details

      NameServer: ns1.reg.ru
      NameServer: ns2.reg.ru

      Record Details

      Creation Date: Jul 09 2010
      Expiration Date: Jul 09 2011
      Last edited by SPIPER; 07-11-2010, 01:04 PM.
      Steve
      Proud member of the IACOJ
      SUA SPONTE
      "I've got no respect for any young man who won't join the colors."
      ~Gen. Nathan Bedford Forrest, CSA

      Comment


      • #4
        So, it appears that not only can they send emails to me from myself, but looks like they could send emails to anyone from me. Probably can do this with anyone's Firehousemail email.
        Steve
        Proud member of the IACOJ
        SUA SPONTE
        "I've got no respect for any young man who won't join the colors."
        ~Gen. Nathan Bedford Forrest, CSA

        Comment


        • #5
          It is spamming. You sometimes have went to a site that caught you e mail address and now in turn they are sending you trash, spam and juck.

          Try going into your pc and set a filter or block that e mail address.

          Be careful what you open and go to.

          I never type a site name in my browser but do a search on what I am looking for using maybe some like "LA FIRE" for that FD. Once it locates it then I hit on that link.

          Also in your address book, add something like,

          [email protected]

          or whatever ever your ISP domain is. This will confused a spammer site.
          Stay Safe and Well Out There....

          Always remembering 9-11-2001 and 343+ Brothers

          Comment


          • #6
            Harassing Emails

            SPIPER,

            Unfortunately, there is nothing that Firehouse.com can do other than to tell you as stated above, to block the sender by blacklisting them.

            Firehouse.com is not sending the email and therefore have no control over what others send, virus, etc.

            Again, use caution with what you are opening and we do apologize for any inconvenience this has caused you and do appreciate you bringing this as well as a solution to the other members of our forum.

            We appreciate your continued support of Firehouse.com.

            Firehouse Web Manager

            Comment


            • #7
              I realize FH is not sending them, I now know who is. But in order to block them, I have to block myself since they are essentially hacking fhmail to send these.
              Steve
              Proud member of the IACOJ
              SUA SPONTE
              "I've got no respect for any young man who won't join the colors."
              ~Gen. Nathan Bedford Forrest, CSA

              Comment


              • #8
                Apology

                SPIPER,

                Again, we do apologize and if there is anything Firehouse.com can do to assist you, please do not hesitate to contact us either via the forums or via the Contact us Tab of the website.

                Your continued support is appreciated.

                Firehouse Web Manager

                Comment


                • #9
                  Originally posted by SPIPER View Post
                  I realize FH is not sending them, I now know who is. But in order to block them, I have to block myself since they are essentially hacking fhmail to send these.
                  Odds are they aren't hacking FH at all but just spoofing your email address. The fact that there is a firehousemail address showing doesn't mean that the email originated through FH. You'd need to look at the full headers on one of the emails to see where it actually came from.
                  "Nemo Plus Voluptatis Quam Nos Habant"
                  sigpic
                  The Code is more what you'd call "guidelines" than actual rules.

                  Comment


                  • #10
                    Originally posted by SPIPER View Post
                    So, it appears that not only can they send emails to me from myself, but looks like they could send emails to anyone from me. Probably can do this with anyone's Firehousemail email.
                    FWIW, if this gaping security hole was being used very frequently, FH would have probably been blackholed by now by every major blackhole service and firehousemail would be unusable. That's why I suspect a simpler spoofing explanation rather than one using an exploit at FH.
                    "Nemo Plus Voluptatis Quam Nos Habant"
                    sigpic
                    The Code is more what you'd call "guidelines" than actual rules.

                    Comment


                    • #11
                      In a way, this "gaping security hole" is the same as the spoofing you refer to.

                      SMTP, Simple Mail Transport Protocol, is how emails are generally sent. You send an email via SMTP, to an SMTP server, which sends it along to other mail servers before it finally reaches its destination.

                      Unfortunately, the SMTP way of doing things has no built in security measures. It was not intended for use on an internet where "bad" people exist - it was designed for use on research networks, where there was no reason to spoof or otherwise misuse the protocol. So, when one of these middle servers receives an email, it just passes it on to the correct server, regardless of where it came from. So I can set my email address in Outlook or another mail client (or use something like telnet, which is the code snippet originally posted in here) to anything I want, and send emails from that address. I can't receive them that easily, but I can send an email from anyone.

                      An easy way to block this, is to just block your own email address. Unless you send emails to yourself, from yourself, this won't cause you any problems.

                      Hope that helps,
                      Grecko

                      Comment

                      300x600 Ad Unit (In-View)

                      Collapse

                      Upper 300x250

                      Collapse

                      Taboola

                      Collapse

                      Leader

                      Collapse
                      Working...
                      X