Re: [Hampshire] Your Set Up

> But how could they send spam if I have blocked the port they would use?

You have a choice[1] of two scenarios :-

- The SysAds at your ISP are entirely clueless and can't read the headers
of the purported spam. You can determine this by requesting said mail and
checking them yourself or getting SWK to do so on your behalf.
- You didn't actually block the port

Now without seeing the evidence, I can't tell you for sure which one it
was. But I see many, many more deluded protestations of innocence in such
situations than I see SysAds who can't read the top line of a set of mail
headers...

> I use kerio pf v4 as a software firewall behind the netgear router.

Irrelevant. If you're running Windows, you're running an insecure
platform. Once the platform is subverted (as most of them are -
particularly if you're running an old version like Win2K), any and all
apps that run on that platform are at risk

If you insist on running Windows, you have a duty either to disconnect
yourself from the Internet, or else to keep your box patched up. Running
Win2K cannot really be seen as an example of this.

The alternative to this is to get spam complaints levelled against you -
because that is what a vast number of these rootkits are there for.

So you're running Win2K. And you've had accusations of spam levelled
against you. Can you see where I'm headed, without sufficient evidence to
prove otherwise?

Vic.


[1] Strictly speaking, these are not mutually exclusive. But the situation
where everyone is a numbskull doesn't really help our investigation.