Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by Andrew

  1. I created a new e-mail account (blog@kantor.com) specifically to be used for posting to my blog via e-mail. I've created many a POP account. Trouble is, the mail I send to it from work, from home, wherever, never actually appears. I log in without a hitch (thru Neomail), but the Inbox remains empty. Any ideas? I can't see any problem with forwarders, and I'm not using SpamAssassin. It just ... disappears. Andrew PS: I even try sending TO that account FROM that account. No dice.
  2. Well, me happy with McAfee -- I think I'll stick with it. This isn't the first time NAV gave me problems. (Plus I hate the way NAV messes with my Recycle Bin. Even turning it off doesn't turn it off.)
  3. Rob: Who says I use my fingers? ;-P This is the third time I've forgotten what a pain Norton is -- each time I install it, something goes wrong somewhere. I mean come on, why would my anti-virus software prevent me from accessing my POP server? Sheesh.
  4. AHA! FIXED! It was the $#%^@& Norton Antivirus that was the problem. Switched to McAfee and all is well. Apologies to anyone who happened to spend time looking into this for me. I was absolutely clueless about what the problem could be.
  5. Oh, I'm also running Norton Anti-Virus 2003 on this machine. In case that matters.
  6. For the past week or so I have been unable to check my e-mail from home with a POp client. I get a "connection refused" message on Thunderbird, Outlook Express, and Outlook. I put in a help ticket, and Liz checked things out. It all looks good on her end. I can even check mail from work without a problem. So whatever it is, it's on this computer. I recently upgraded to WinXP SP2. Could that be it? (I even tried turning off the firewall -- no luck.) Right now the only way to retrieve mail via POP is by turning on SSL and dealing with all the "expired certificate" messages -- then it downloads no problem. Help! Any suggestions are welcome! Andrew
  7. Will do. Something odd is definitely going on here, for sure. I still get the "refused" message, by the way. Hmm.
  8. I put in a Help Desk ticket but haven't even gotten the 'we have received your ticket' message that I usually get. I clicked the button to check the status of the ticket, entered my e-mail address under "Forget Key" and requested it, but never received anything. All in all, very odd.
  9. I'm all of a sudden started having a problem getting my mail. No settings changed from yesterday, but now I get an error saying "the connection was refused". I use Thunderbird, but the same problem occurs with Outlook Express. I can get my through T-bird if I turn on SSL and deal with the certificate errors each time, but until yesterday I got my mail normally. Any ideas what may have changed? Thanks!
  10. I'm suddenly having a similar problem with Thunderbird. All was well till today, when it suddenly couldn't connect to my mail server ("the connection was refused"). I turned on SSL and that worked, except that I keep getting that certificate message. I actually came to the forums now to see if anyone else was having a problem.
  11. I'm guessing the answer is "No, SquirrelMail doesn't support filters." Is that right?
  12. I'm using SpamAssassin, and it's tagging all my probable spam as "[Probable Spam]". But I'd like to be able to use SquirrelMail and have it look for that tag and pop those messages into a Spam folder. I can do this with Horde, but can't see any way in SquirrelMail. Am I missing something -- either a how-to or a plugin? Thanks! PS: I assume there's no way to use sqmail's Bayesian capabilities without telnet access. Is that correct?
  13. I'm having the same (or a similar problem) -- POP works fine, but neither Eudora nor Outlook Express (Win XP) can find mail.kantor.com. I'll look up my IP and try that. Thanks for the tip. Andrew
  14. Glenn -- you said that (assuming it exists) whatever is on my machine has its own SMTP engine. Any way to search for that? My wife believes it only happens when we're running Outlook. She's been using Web-based mail for the past week and there are no bounces. Andrew
  15. Funny, that was the first thing I noticed. But DCS Research is just one of the makers of the various spyware removers I was using. Still, I'll take it out.
  16. I did a search for all files modified in the past two week. There were hundreds, mostly cookies, my normal mail files, etc. WAY too many to go through to find anything. Here's my Hijack This log: Logfile of HijackThis v1.97.7 Scan saved at 11:42:44 AM, on 2/7/04 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\NORTON ANTIVIRUS\ADVTOOLS\NPROTECT.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAM FILES\PESTPATROL\PPCONTROL.EXE C:\PROGRAM FILES\PESTPATROL\PPMEMCHECK.EXE C:\PROGRAM FILES\PESTPATROL\COOKIEPATROL.EXE C:\PROGRAM FILES\LINKSYS\WIRELESS-B NOTEBOOK ADAPTER\WPC11CFG.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE C:\WINDOWS\NOTEPAD.EXE C:\WINDOWS\NOTEPAD.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kantor.com/ O1 - Hosts: www.dcsresearch.com O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ACROBAT\READER\ACTIVEX\ACROIEHELPER.DLL O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [systemTray] SysTray.Exe O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\ADVTOOLS\ADVCHK.EXE O4 - HKLM\..\Run: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE O4 - HKLM\..\Run: [PestPatrol Control Center] C:\Program Files\PestPatrol\PPControl.exe O4 - HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe O4 - HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" O4 - HKLM\..\RunServices: [NPROTECT] C:\PROGRA~1\NORTON~1\ADVTOOLS\NPROTECT.EXE O4 - HKLM\..\RunServices: [scriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - Startup: Wireless-B Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe O8 - Extra context menu item: MT It! - http://www.kantor.com/mt/mt.cgi?__mode=reg...s&bm_height=530 O8 - Extra context menu item: Open Frame in &New Window - C:\WINDOWS\WEB\frm2new.htm O8 - Extra context menu item: &Highlight - C:\WINDOWS\WEB\highlight.htm O8 - Extra context menu item: &Web Search - C:\WINDOWS\WEB\selsearch.htm O8 - Extra context menu item: &Links List - C:\WINDOWS\WEB\urllist.htm O8 - Extra context menu item: Zoom &In - C:\WINDOWS\WEB\zoomin.htm O8 - Extra context menu item: Zoom O&ut - C:\WINDOWS\WEB\zoomout.htm O8 - Extra context menu item: I&mages List - C:\WINDOWS\Web\imglist.htm O8 - Extra context menu item: RemindU - file://C:\Program Files\UpromiseRemindU\System\Temp\upromise_script0.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000 O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html O8 - Extra context menu item: Si&milar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html O8 - Extra context menu item: Backward &Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html O8 - Extra context menu item: Translate into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.html O12 - Plugin for .mid: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin2.dll O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll O15 - Trusted Zone: *.etradebank.com O15 - Trusted Zone: *.etrade.com O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/...7894.7098263889 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab
  17. No one else has access to the machine -- just Karen and me. And it just went a week or so without anything. Today, though, she got two bounces. She is convinced there is *something* on that machine, although I have to wonder. If someone had a zombie or trojan, wouldn't the machine be sending a LOT more spam (and thus she'd get a lot more bounces)? I checked Task Manager and saw nothing odd. I have not yet run MSCONFIG -- that's next. And I already downloaded Hijack This but couldn't make heads or tails of what I saw. (That is, if there was something Bad running, I doubt I'd notice.) I'll run it again and post the log. Thanks again for your help! Andrew
  18. Thank you all! As Mike said, this started more than a week ago -- pre-MyDoom. (In fact, Norton has been catching several My-Dooms every day.) Yes, the laptop's name is in fact "Notebook." I wasn't feeling creative. I tried three different anti-trojan packages yesterday, including the one from MooSoft. Nada. (Other than some cookies and adware, including one called "Bridge," that is.) She's not getting dozens of these bounces -- just a few a day. In fact, not even. It happens every few days. In the back of my mind is the idea that someone is just spoofing her domain and we're misreading the header somehow. I figure that two anti-virus packages and three anti-trojan packages would find *something* if it was there. The one thing I haven't tried is a Safe Mode scan. That's tonight. Thanks again for your suggestions (and please keep 'em coming either here or to me directly: andrew -youknowwhatsymbol- kantor.com).
  19. First, apologies if this isn't an appropriate place to ask this. But I'm trying everything. My wife Karen owns her own domain: kcentral.com (hosted here, of course). Recently she's been getting bunches of bounced mail (spam) -- and its bounced from mail she hasn't sent. I.e., her domain is being spoofed. But it's worse. I get bounces like this once in a while when a spammer spoofs one of my domain names. But the mail that generated Karen's bounces actually appears to have come from her: "Karen Ireland Kantor" and karen@kcentral.com. Further, the IP address from the header of the orgininating message is our IP address. (We have a cable "modem" and a hardware firewall, so our actual PCs are 192.something, but the firewall's IP matches what's on the bounces.) Just to be sure, Karen changed her name in Outlook to "Karen I Kantor." Today came a new batch of bounces -- they come sporatically -- and these had "Karen I Kantor" in them. Ouch. Obviously we have concerns about carrying a zombie on that particular computer. (The messages appear to be coming from a single computer on the network -- the laptop. Interestingly, it's the only one with an 802.11 connection, but I activated WEP on that a while ago. And I doubt any of my neighbors are sending spam from our machine.) BTW, it's running Win 98SE with all patches. I've checked to be sure I have the latest updates for Norton Anti-Virus (2003), and I ran a full scan. Nada. Ditto for a full scan from Trend Micro's Web-based scanner. Ad-Aware only turned up the usual cookies, and Zone Alarm doesn't show any unexpected activity -- although it might not because Outlook is permitted to access the Net. I'm at my wits end. Is there a chance that we have a trojan/zombie that's invisible to Norton and Trend Micro? Any way to check? I don't see any unusual processes when I hit Ctrl-Alt-Del and I don't know what else I can do. Help! (And thanks!) Andrew PS -- here's a typical header: Return-path: <karen@kcentral.com> Received: from dhcp26141213.columbus.rr.com ([] helo=notebook) by server6.totalchoicehosting.com with asmtp (Exim 4.24) id 1AlpWf-0005tP-HG for UCYVQ@finklfan.com; Wed, 28 Jan 2004 08:14:37 -0500 Reply-To: <karen@kcentral.com> From: "Karen I. Kantor" <karen@kcentral.com> To: <UCYVQ@finklfan.com> Subject: Not read: What are the washing instructions? Date: Wed, 28 Jan 2004 07:43:51 -0500 Message-ID: <00ba01c3e59c$62a8e2c0$6701a8c0@columbus.rr.com> MIME-Version: 1.0 Content-Type: application/ms-tnef; name="winmail.dat" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="winmail.dat" X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-MS-TNEF-Correlator: 00000000FC5CA04C8222D81198870006252FBF44A4BA3400
  20. I'm setting up a new domain for a friend, and I'd like her to be able to check her Web-based mail (preferably SquirrelMail) via a subdomain --http://mymail.juliecalkins.com -- rather than the long, full path. When I set up the mymail subdomain and point it to, say, https://www.juliecalkins.com:2096/3rdparty/...lmail/index.php (or *any* page), all I get is that "Index of /" page with links to the parent directory and cgi-bin. Why can't I get it to redirect. I tried pointing it to a variety of places, and even tried other subdomains (test.juliecalkins.com), but no luck. I'm sure it's something simple and stupid, but can't figure it out. Help!
  21. Ah, found the problem: Mail::POP3Client isn't installed. Thanks for your help!
  22. Yep, that's what I'm using. And I'm wondering if I'm missing any Perl modules. Any thoughts?
  23. No luck -- I get the same "Can't locate Mail/Box/Manager.pm in @INC..." error. Grr!
  24. Getting better, but not quite. Looked like a permissions problem, but now I get: Can't locate Mail/Box/Manager.pm in @INC (@INC contains: /usr/lib/perl5/5.6.1/i686-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i686-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl/5.6.0 /usr/lib/perl5/site_perl .) at /home/akantor/pop2blog.pl line 18. BEGIN failed--compilation aborted at /home/akantor/pop2blog.pl line 18. I feel like I'm so close to this! Help!
  25. As a follow up: I tried moving the pop2blog.pl file to /home/akantor/pop2blog.pl but got the error /bin/sh: /home/akantor/pop2blog.pl: /usr/local/bin/perl: bad interpreter: Permission denied Any ideas? Help!
  • Create New...