Spam from Knoppix mail client usage?

[msmith]

I posted a question a while back (linked below hopefully) asking about why I started getting spam e-mails as result of once using a Knoppix CD (and KMail?) to pick up my e-mail.

I remain curious as to whether anyone else has seen a similar problem (especially given that the spam to knoppix@myaddress.com continues to this day !) and what might have caused it....

Of course it is too late to rectify my mistake but it wasn't a good advert for Knoppix (or, rather, something inclluded on it).

I should note that - apart from this annoying breach of my e-mail address - I like Knoppix otherwise.

My original posting is at :-
http://www.knoppix.net/forum/viewtop...e2008b75c6c5ae

[CrashedAgain]

I'm guessing that some spammer detected you on line as knoppix@ youraddress.net & added you to his list of functional addresses. Short of using a firewall, not much you could have done to prevent it. This is not a Knoppix problem , just an internet user problem.
I had a similar, someone started sending me spam in Russian, I think they got the address from me contacting a Linux message board. I traced the source to Montevideo but that was all I could do. I reported it to my ISP, asked them to handle it & it stopped.

[Cuddles]

msmith,

I, too, have "just" started to get spam, I think its in Italian, or maybe French, from someone who wants me to do "something" for them, and one more for a "mortgage loan" approval thingy...

From what I can tell, they are just trying to "ping" people for responses; since the contact list on these emails appears to be sent to any "user account"@myISP.com -=- it sounds like they are simply sending a "blanket" email to anyone, and looking for a reply to determine if they sent to an actual valid email account.

In situations like this, I either, one, block the sender/subject in my email, or, two, don't respond to them and delete the email. It should also be noted, that, when dealing with "public" message boards, if they attach your email addy to your post, when you post, (in some Windows newsgroups, this is the case), you should create a "fake" email addy to attach with... Common addys I have seen are: nospam@noserver.com, or novalidemailaddressprovided@noserverprovided.com -=- this practice, and knowing the newsgroup/forum, that you frequent, doesn't go and sell your email addy out, is about the strongest ally I have seen. I have even seen people go as far as getting a "dummy" email account that is given out, and a "working" email account that is only let out to "known" people. But, even then, I have heard these people can still get "junk" email in there "trusted" account. In some of the documentation, or man pages, I have seen email addys for "contact" people, written like someone at someserver dot com, which makes "stripping" an email addy manually required, not sure if this works, or not. I just think, you can't win, and it is only a matter of time before they "find" you.

I have had this problem in Windows, and now, in Knoppix - but I think my ISP is giving out my addy, for a price, IMHO...

Hope this helps,
Ms. Cuddles

[msmith]

Hmm - thanks for the replies.

I am still somewhat unclear how they managed to get my e-mail address just by my being connected to the Internet. Would the fact that Knoppix boots with known passwords mean that you are open to anyone hacking such details if you enter them in one of the Knoppix client applications (eg. a mail program)?

My PC doesn't normally 'leak' e-mail addresses unless it has been compromised. I am trying to suss out the most likely cause of the compromise.

Is the STD version of Knoppix likely to be more secure by default? There's no point in using the CD as a utility disk if it is easily hacked the minute you go online !

[CrashedAgain]

Hmm - thanks for the replies.

I am still somewhat unclear how they managed to get my e-mail address just by my being connected to the Internet. Would the fact that Knoppix boots with known passwords mean that you are open to anyone hacking such details if you enter them in one of the Knoppix client applications (eg. a mail program)?

My PC doesn't normally 'leak' e-mail addresses unless it has been compromised. I am trying to suss out the most likely cause of the compromise.

Is the STD version of Knoppix likely to be more secure by default? There's no point in using the CD as a utility disk if it is easily hacked the minute you go online !

I doubt if the fault is Knoppix passwords or lack thereof. After all, most hackers would be targeting the much more common Windows systems which have NO passwords. You could, however, make it a practise to set passwords before proceeding. Just open a terminal, 'sudo passwd' to set root password, 'sudo passwd knoppix' to set user knoppix password (actually I don't think you need sudo for this one).
One would think STD should be more secure but I don't know anything about it.