Hi all, very new here and don’t even know if I should be looking at a firewall or some other security product. I just installed the firewall thinking that was what was needed …
I am getting a lot of mailer deamon returned mail I didn’t send - someone is using random letters then @ … .com emailing as if it coming from my domain, I am assuming those are not really coming from my computer, but to be 100% positve I was looking for a product that could monitor and stop any outgoing emails, warning me and filtering on the from protion of the email being anything other than the specified real email address.
Is the firewall the right product?, or should I be looking somewhere else?, or should I not even worry about it if I have a firewall and antivirus running?
THanks in advance for any advice - all is welcome!
yes, the firewall is an excellent choice, and, of course, being partial to Comodo I would recommend Comodo.
To create a fairly secure rule for your outgoing mail, you could do as follows: [Protocol: TCP] [Direction: Outgoing] [Source ip: Any] [Source port: Any] [Remote port: 25] [Remote ip: Your mail server’s ip address]
You could tighten the rule even more by specifying a single local ip (if you are using a static ip address) and/or a local port range such as 1026-4000 but this is probably overkill. The most important parameter of the rule, I believe, is specifying your mail server’s remote ip address.
Now, if you want to determine if those rogue messages are coming from your machine, you can check the Options/Properties of the received meassage. I have two email accounts, using Outlook 2003, both ending in [ at ] shaw.ca My isp is Shaw. As an example, I sent a simple text (could be anything) message from one of my accounts to the other. By right-clicking on the received message and choosing Options, I can see that it did indeed originate from my one account I sent it from. Details are in the screenshot below. When checking the message properties, you need to scroll down a bit to see where the message originated from.
to clarify, that bottom text box in the screenshot should state: “My email address that message was sent to”.[/b]
To clarify … I know that email can be spoofed or forged or whatever I should call it … are you saying that to know it is coming from my machine b oth the mail address and the ip address would both match my test message, if the email address matched and the ip address is different I don’t need to worry, it is a spoof from some %$%(%)$'S MACHINE?
Edit: I just ran the test and all of the info in the header is different - Thanks