Thank-you, Tim, for the follow-up.
> > 'If that line says the "from" is reasonable,
> > look at the lines up to and inclucing the
> > next Received: line and loop, otherwise
> > stop, it's spam.'
> I think he means:
> 1. Look at the lines up to and including the next received line.
> 2. Repeat the process, upwards.
> 3. Otherwise, stop looking any further, it's spam.
Parse Error! My mind incorrectly parsed what Tony said. I took "line
and loop" as two parallel verbs connected by the conjunction "and". Now
I see that "line" is a noun qualified by the adjective "Received:".
I believe I successfully followed the rest of what you said, but I don't
quite get what to look for as flags that a message is likely a spoof.
I've known for some time that
- messages from most countries other than my home country,
- messages claiming I'm in legal trouble, tax trouble, etc.,
- messages asking for crypto-currency, gift cards, and other hard or
impossible to trace payment, and
- threatening messages
are almost certainly malicious and should not be responded to or
forwarded, should not have links in them clicked or attachments to them
downloaded, perhaps should be reported to appropriate authorities, and
certainly should deleted. Those are not the messages that trouble me
most. It's other kinds of messages. The message that I started this
thread because of came from someone I've known for decades, but the
"From" was an address I had not seen before. But recent events have the
sender (and two other people) in a vulnerable position. I had to be
careful.
I've heard that if a malicious person/group
- can access someone's address book
AND
- has the tools to do spoofing,
then he/they can spoof the e-mail addresses of everyone in the address
book *without* knowing the password of anyone in that address book. I
think this happened to me a few years ago. I lost friends as a result
of this event. Changing passwords made no difference. I had to delete
all my e-mail accounts, create new ones, and do a lot of contact
information changing. 2-3 years after that, a friend got a message (an
e-card) from the old, dead-for-over-2-years e-mail address and clicked
the e-card link, which infected his system. I was able to verify that
the old e-mail address really was still dead.
I realize there is no perfect solution or 100% safety. But for the
benefit of others as well as myself, I'm following up on this. When I
do as Tony and Tim suggest, what am I looking for that would be a red
flag the the message is (probably) bad, or would be a green flag that
the message is (probably) genuine and safe?
thanks,
Bill.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx