How to connect to Gmail/Googlemail via POP3 and IMAP using an email client. This information is easily available via the Gmail/Googlemail website, and is here really for our ease of access. :)

POP3

POP server: pop.gmail.com
Port: 995
Require SSL: Yes

User name: <your full Gmail/Googlemail email address>
Password: <your Gmail/Googlemail password>

We've been providing spam filtering on our email service for some time, ensuring that you never even see 95% of the unsolicited messages that are sent to your mailbox. Unfortunately it's hard to block all the spam without accidentally blocking ligitimate email too, so a small amount of spam will always get through. This article looks at how you can sort most of this spam into a separate "Junk" folder.

From: serv@elamex.com [mailto:serv@elamex.com] 
Sent: None
To: xxxx@xxxxx.com
Subject: Mail server report.

Mail server report.

Our firewall determined the e-mails containing worm copies are 
being sent rom your computer.

Nowadays it happens from many computers, because this is a 
new virus type (Network Worms).

Using the new bug in the Windows, these viruses infect the 
computer nnoticeably. 
After the penetrating into the computer the virus harvests 
all the e-mail addresses and sends the copies of itself to 
these e-mail addresses

Please install updates for worm elimination and your computer 
restoring.

Best regards,
Customers support service

I had to admit it made me chuckle, a customer asked me what it was. My reply was something along these lines.

E-mail File Attachments Size Limit

The largest piece of e-mail that you can send or accept from the Internet is 16 megabytes (MB). This includes the message text, headers and the attachment combined.

If the file you are trying to transfer exceeds 16 MB, you will need to either compress the file or split it into smaller parts.

If you attach multiple files, they will be zipped (compressed) into a single file by the AOL® software before they are sent out.

Emails can loop. As both sender and the recipient have their out-of-office turned on, but both are sending emails anyway. One party sends a message which triggers the others out of office which bounces back and triggers theirs. The error message is not sent until the out-of-office is turned off otherwise another loop would occur.

Some errors are replies to Spam emails that have been sent the out-of-office message. The spam had an incorrect or fake reply-to address and when the out-of-office message is returned to the fake address that email server sends out an 'unknown' or 'failed' back to you.

Automatic email warning messages from anti-virus systems, mail servers and mail gateways or simply people reporting that someone else receare generating 'false alarms'.

False Alarms

There are several types of message that are causing false alarms:

• Cleaned versions of a real virus - automatic anti-virus systems let 'cleaned' virus messages through.
• Error reports about viruses that fake the sender's address - can get sent back to the wrong person.
• False Undeliverable mail messages - if the senders address is faked - undelivererd mail will be mis-returned.

False Error Reports

Many of the current email viruses/worms fake the 'senders name', making the virus appear to come from somewhere other than its actual source. This is designed to mislead 'virus investigators' and anti-virus programs. And it does - causing false alarms to be sent out.

Example Report:

_____________________________________________

The MessageLabs SkyScan Anti-Virus service discovered a possible virus
or unauthorised code (such as a joke program
or trojan) in an email sent by you.

The email has now been quarantined and was not delivered.

Please read the whole of this email carefully. It
explains what has happened to your email, which suspected
virus has been caught and what to do if you need help
addressing the problem.

To help identify the quarantined email:

The message sender was
a.person@lancaster.ac.uk

The message recipients were
a.person@imeche.org.uk

The message title was Hello
The message date was Tue, 27 Jan 2004 11:16:09 +0000 The virus
or unauthorised code identified in the email is

>>> W32/MyDoom.A in '390205_2X_PM4_EMS_MA-OCTET=2DS__doc.pif'

_____________________________________________

'Address faking' worms do the following:

1. a PC gets infected with an 'address faking' virus/worm, such as 'SoBig', by someone opening an infected attachment.
2. that PC then (silently) sends out large numbers of emails with the virus/worm in an attachment to addresses from the owners address book:

• if you get an infected email - the anti-virus system of your email provider (or your own PC) may detect this and notify you - this is good news - you are NOT infected.
• but IMPORTANTLY, the virus/worm fakes the 'senders address' (also using addresses found on the PC - again, your address could be used) - so you can NOT tell who sent it.
• the infected emails are then discovered by a person (or an automatic anti-virus system) and an email is sent back to the (faked) senders email address (which could be you).

3. when the infected emails go out - some of them go to non-existent email addresses and get returned by the system to THE WRONG EMAIL address - they get automatically returned to the fake address (which could be you).
4. when the infected emails go out - some of them could land in the inbox of someone who has 'Out of Office' switched on which will send back an email to the fake address (again this could be you).

To summarize:

If your email address has been used in the 'senders field' instead of the genuine originator, you will get 'false alarms' email messages sent to you because:

• some anti-virus programs send out automatic warnings to the originator of virused email messages. If the 'sender's name' has be falsified, the warnings are sent to the wrong place (you).
• sometimes individuals will send warnings back to the source of an email virus they have received. Again, if the senders name has been falsified - these warnings will go to the wrong place (you).
• you may get 'returned undeliverable email' because the virus has sent out email to defunct addresses and email system has returned undelived email to the falsified senders address (you).

   

The result is that people receive a lot of false notifications that their PCs are infected when they are not infected.

Solutions

There is not much you can do about these false alarms, as the name of actual sender of the virused messages has been replaced by your name. What you can do is:

• check that the virus/worm (being warned about) fakes the senders address (or not):

  • check the Symantec virus pages.
  • ring the Help Desk - 0845 45 01254.
• do NOT forward virus warnings by email.
• ensure that your anti-virus software is working and up-to-date.
• for peace of mind, scan your PC for viruses.
• if you get a lot of 'warnings' from one place - block the email from that address.

Implications

It would seem that:

• we should NOT warn people about virus infections using email.
• we (preferably) should NOT use 'Out of Office' to notify people we are away.
• all we can do is ensure that our system is clean and as secure as possible.

Cleaned Viruses Get Through

Many email systems protect against viruses. The anti-virus systems remove the infected attachment and send on the message. The message arrives with a short text attachment which explains that the original (infected) attachment has been removed.

The name of the replacement attachment will be something like:

Deleted attachment.txt

These 'replacement' attachments are safe to open and will infom you of what virus was detected and removed.

This behavior may seem strange, but sometimes viruses infect (add themselves to) genuine messages. The automatic systems are designed not to remove the whole message in case a genuine original message is deleted.

Returned Undeliverable Messages

Faked senders names can cause 'false undeliverable mail' returns. An example of an 'undeliverable mail' report:

____________________________________________

Your message did not reach some or all of the intended recipients.
Subject: TEST
Sent: 27/01/2004 15:19

The following recipient(s) could not be reached:

linda@disney.com on 27/01/2004 15:24

The e-mail account does not exist at the organization
This message was sent to. Check the e-mail address, or
contact the recipient directly to find out the correct
address.

____________________________________________

Messages from another persons virus compromised system may have sent out lots of emails in your name to a wide range of addresses new and old (harvested from various places on your hard disk) and some of these messages will be sent non-existent addresses which will send back 'message undelivered' notices. As you didn't send the messages either as yourself or because of a virus - you may be puzzled.