Forum Moderators: mack
Does this mean that the potential customer has a virus and the virus attaches itself to our Email address? We used to get a ton of emails (valid) from customers and one day we just started getting a ton of "failed messages" and viruses...with only a few valid emails.
Could it be that there is something wrong on our end and can a virus attach itself to our email address on the web without the customer clicking on the email link?
I am perplexed. Has anyone experienced this?
to know if your server is infected ..ftp to it and look in all the folders that run your mail apps ..check all of them by copying them all back to your machine and either going through them by eye ( if you know how to look for virii ..like in a hex veiwer only DONT open what you don't know ) ...
or you can import a free standalone AV from ealaddin .com ( check the site map ) they are way more effective than Symantec etc and use it to check your machine hard drive ..if the mail folders have stick on virii this AV will get it....
there can be many other explanations also ..depends on your config ..
Almost all viruses now spoof the sender, often based on the infected machine's address book, it will email itself to all those addresses, with the attached virus, which will often get caught by various mailservers and get returned to the spoofed sender address as a virus.
Usually this happens in the first few weeks of a new virus's life, although with ones like Klez this pattern didn't slow down for a few months.
The rejected and failed emails are not usually related to legitimate emails, so the drop in real emails is either an illusion based on the much higher number of bad emails, or is actually a drop.
Or you might have the problems that leosghost talks about, although in my experience its usually just a bunch of infected client machines.
Another thing that has been happening, I saw this recently, is that email spiders are crawling websites, getting the email addresses, then sending those to another program that emails out those exact emails you're getting, sort of a self perpetuating virus, using the addresses from your website.
The best protection for this more recent exploit is to run a real spider trap, assuming you have php and not asp, and to protect your email addresses by javascripting them in. Search these forums for those topics and you'll find lots of stuff.
