@Michael Re: Apoligies Re: Dearest

Frank Murphy frankly3d at gmail.com
Tue Oct 4 16:07:29 UTC 2011

On 04/10/11 16:49, Michael Schwendt wrote:
> On Tue, 04 Oct 2011 15:54:30 +0100, FM (Frank) wrote:
>>> in the headers. Another indiciation that the Google Mail web interface
>>> has not been abused by someone from Turkey.
>> That is true, I did have to "logout all other sessins",
>> and do you recoginse all recent activity" or similar words.
>> It is also true that 6.02 is the current version of TB I use.
> You would need to develop a theory why somebody else would forward a
> message from one of your folders at GMail -- the spam message has been
> received by you at GMail via your Fedora Project address alias on Oct 2nd
> according to its headers --using exactly the same Thunderbird version and
> Linux OS version identifier, the same time-zone, the same machine
> hostname, _and_ exactly your IP address at UPC Ireland.

No idea, but I have received spam from my own email address before.

>> If you wan't to help.
>> Can sonething be sent without me knowing about it?
> Sure. With username and password, somebody can abuse your account via
> IMAP, SMTP, POP, or even the web interface. Google Mail displays a list of
> previous logins in its web interface. And by default, it stores copies of
> messages sent via SMTP in the Sent folder.
>> Is the fact that my isp email is routed through gmail a factor
>> (plain password) pulled every 30\60 min?
> Can you explain the setup in detail?

Originally in Gmail, it allows you can get other pop email
by entering email address and password.
It won't pull an exe attachment.

My isp does not use https, even for their webmail.

>> rkhunter shows nothing.
> There is a huge difference between capturing only a Google Mail account
> passphrase and an entire Linux machine connected to the Internet.
> You would need an even better theory about why somebody ("from Turkey")

Still no idea.

> with access to your computer would be so stupid and on your computer use
> Thunderbird to forward a single spam message to a list you're subscribed
> to. Much too big of a risk to be discovered. Rootkits exist in order to
> retain access to a remote machine. They try to hide themselves.

Only my eldest son "the gamer"
had tried to do anything foolish on this PC.
I don't use a screensaver, as I can never recall the password.
I keep it on a usb stick.


Frank Murphy
UTF_8 Encoded
Friend of fedoraproject.org

More information about the users mailing list