Author Topic: More on 'Potential Infections'  (Read 20678 times)

0 Members and 1 Guest are viewing this topic.

Offline Rick F

  • Poster
  • *
  • Posts: 419
  • _______
Re: More on 'Potential Infections'
« Reply #30 on: May 16, 2007, 09:29:48 PM »
It's aggravating to have to stop and go to the web based email to be able to get your emails that have attachments, but that's the ONLY way I've been able to have any success in getting the pictures others are trying to send me. <snip>

Yep, I've also sent another email to BellSouth.  I haven't recv'd a response as yet (except for the automated response saying they recv'd my email). I wonder if it has something to do with BellSouth and ATT merger?
Dell Dimension; Intel-core2 duo; WinXP Media Ctr; 2.8ghz - NTFS; 1-Gig Ram; NVIDIA GeForce 7300LE; Firefox 19.0.2; OE-6; ZA-7.0.302; avast 6.0.1367; / DropMyRights / MalwareBytes-Free / Symantec LiveState Recovery Desktop 6.0 / (using WOT), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS,

Offline brdman3

  • Newbie
  • *
  • Posts: 7
Re: More on 'Potential Infections'
« Reply #31 on: May 17, 2007, 06:37:55 PM »
Tried ANOTHER experiment with this problem. I created an email (with an attached picture) from one of my Yahoo accounts and set it to my ISP (BellSouth) email addy. At the same time I sent a copy to a fastmail account I have. It IMMEDIATELY showed up in the ISP account as having a virus. Clicking "Continue" on the Avast warning window had the result of stripping the attachment from the email.  I logged on to the fastmail account and there was NO virus warning and the attachment was intact.  Next I forwarded the email from the fastmail account to my ISP email. It arrived intact -  WITH the attachment. This pretty much proves that some of the email coming from Yahoo to BellSouth subscribers is being corrupted.

Offline Rick F

  • Poster
  • *
  • Posts: 419
  • _______
Re: More on 'Potential Infections'
« Reply #32 on: May 17, 2007, 07:46:48 PM »
Quote
This pretty much proves that some of the email coming from Yahoo to BellSouth subscribers is being corrupted.

Yes, several have done the same test. As Vlk (and Alan) pointed out, there is an all important missing blank line after the source IP address as seen in this example.  It looks like the emails from Yahoo (Prodigy, SBCglobal, & NetZero) are getting malformed by the BellSouth servers.  Vlk speculated that could be their spam filters.

------- example -------
 
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="0-1719296184-1178287377=:62209"
Content-Transfer-Encoding: 8bit
Message-ID: <275121.62209.qm@web80202.mail.mud.yahoo.com>
X-Spam: [F=0.0001323180; S=0.010(2007050201); MH=0.500(2007050417); R=0.012(s7/n557)]
X-MAIL-FROM: <xxxxxxx@prodigy.net>
X-SOURCE-IP: [192.168.16.145]             
<--- Blank line missing after this line!!!!
--0-1719296184-1178287377=: 62209               
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Antivirus: avast! (VPS 000738-2, 05/04/2007), Inbound message
X-Antivirus-Status: Clean

Hi Rick,

Here's the test mssg you requested...
« Last Edit: May 18, 2007, 02:12:21 AM by Rick F »
Dell Dimension; Intel-core2 duo; WinXP Media Ctr; 2.8ghz - NTFS; 1-Gig Ram; NVIDIA GeForce 7300LE; Firefox 19.0.2; OE-6; ZA-7.0.302; avast 6.0.1367; / DropMyRights / MalwareBytes-Free / Symantec LiveState Recovery Desktop 6.0 / (using WOT), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS,

Offline vineyridge

  • Jr. Member
  • **
  • Posts: 25
Re: More on 'Potential Infections'
« Reply #33 on: May 18, 2007, 12:09:57 AM »
I'm Win98SE, Pegasus Mail, and BellSouth.

I'm getting the same warnings.  Today I received one from a yahoo customer, one from an Outlook Express or Thunderbird or Pegasus Mail client on a cable modem (CableLynx), and lots from three people on an email list I frequent.  The list does not allow attachments, and all emails must come in plain text, and I don't think it uses a yahoo group or server, since all the emails did not shriek.  The list warnings are always on the same people and have been coming up for maybe ten days;  I haven't checked to see if the original senders are coming to the list through yahoo, but would that matter. Since the last update today, yahoo client and the cable client are raising alarms.

This is getting nerve wracking.  I don't mind deleting my list emails, but I certainly mind personal ones being flagged if the flagging is off.

I just opened one.  It was from Europe, never had an attachment, but would open in the attachment area of PegMail.  Down at the very bottom, it said it was  virus free.  Was from Yahoo.com

I'm convinced it's Bell South screwing things up with only certain ISPs.

Vlk, I've copied the raw view and will try and email it to you.  Here is the heading on the reader:

This message contains binary or non-textual data that cannot be previewed within Pegasus Mail.

   Filename:   Unknown

You can work with this file in the message reader's 'Attachments' page. 

The other one might have been yahoo as well, but I deleted it.  Four of the ones on the email list were from the same yahoo customer, but I'm not sure about the other two users.
 
« Last Edit: May 18, 2007, 12:48:47 AM by vineyridge »

Offline brdman3

  • Newbie
  • *
  • Posts: 7
Re: More on 'Potential Infections'
« Reply #34 on: May 18, 2007, 06:06:32 PM »
I’m beginning to wonder if the merger with AT&T has something to do with this. When I powered up a day or two ago, I got an “Ad” (for lack of a better word) from AT&T to try their ‘AT&T Internet Security Suite’. With the ad window being semi transparent I couldn’t read the whole thing so I thought, what the heck, I’ll give it a try. It’s a BIG file and took quite a while to download and install, and required a reboot after being installed. As the PC rebooted a message popped up telling me that their software could NOT run due to the fact that my current anti-virus program (Avast 4.7 Home Edition) could not remain resident and run THEIR security stuff at the same time. There was an option to automatically DELETE Avast, which I declined to do. Later that day I did an uninstall on their software.

So it makes one wonder if AT&T is trying to build their own virus protection programs which won’t run unless you delete whatever you might be using at the present time so you HAVE to use theirs – at a cost of $5.00 per month added to your bill. A sort of priority software that’s exclusive to their own subscribers.

Offline Rick F

  • Poster
  • *
  • Posts: 419
  • _______
Re: More on 'Potential Infections'
« Reply #35 on: May 18, 2007, 08:59:44 PM »
BellSouth is still working on it.  I sent them another email today...

Quote
Dear Sir or Madam,
 
It's been over two weeks now that BellSouth (and AT+T?) started having trouble with some of their email servers.
 
What is the prognosis?  Are they working on it?  Or... do they not care if emails from Yahoo, Prodigy, Netzero and SBCglobal are being messed up?  If it's a problem with some spam filter, is there a way I can turn it off?

Respectively,
Rick F.

Their response...

Quote
Dear BellSouth Internet Service Customer,
Thank you for taking the time to contact BellSouth Internet Service. We appreciate the opportunity to address your concerns because it is our goal to provide the highest quality Internet service available.

I am terribly sorry you are experiencing these email issues. I know it is a frustrating situation however we have identified the issue that is blocking the attachments from yahoo and we are working to resolve the issue. I do want to assure you that you can check your email at our mail.bellsouth.net website and you will be able to view your attachments that have not been downloaded to your Outlook and Outlook Express mail client. Thank you for your patience. 

Again, thank you for this opportunity to address your concerns.
Dell Dimension; Intel-core2 duo; WinXP Media Ctr; 2.8ghz - NTFS; 1-Gig Ram; NVIDIA GeForce 7300LE; Firefox 19.0.2; OE-6; ZA-7.0.302; avast 6.0.1367; / DropMyRights / MalwareBytes-Free / Symantec LiveState Recovery Desktop 6.0 / (using WOT), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS,

Offline brdman3

  • Newbie
  • *
  • Posts: 7
Re: More on 'Potential Infections'
« Reply #36 on: May 19, 2007, 05:43:08 AM »
Rick's reply from BellSouth:

Quote
I am terribly sorry you are experiencing these email issues. I know it is a frustrating situation however we have identified the issue that is blocking the attachments from yahoo and we are working to resolve the issue. I do want to assure you that you can check your email at our mail.bellsouth.net website and you will be able to view your attachments that have not been downloaded to your Outlook and Outlook Express mail client. Thank you for your patience.

Sounds suspicious. They've been TOLD about this problem for over a month now and if they have indeed
Quote
identified the issue that is blocking the attachments from yahoo and we are working to resolve the issue
what's the holdup? Apparently it didn't take that long to CREATE the problem!!!![/color]

Offline sandraj

  • Newbie
  • *
  • Posts: 18
Re: More on 'Potential Infections'
« Reply #37 on: May 23, 2007, 03:32:32 AM »
Evidently the problem has been fixed. I am able to recieve attachements now from yahoo...

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67274
Re: More on 'Potential Infections'
« Reply #38 on: May 23, 2007, 03:40:25 AM »
Evidently the problem has been fixed. I am able to recieve attachements now from yahoo...
Good to know that the problem has been addressed...
Any other user of Yahoo can confirm that?
The best things in life are free.

Offline sandraj

  • Newbie
  • *
  • Posts: 18
Re: More on 'Potential Infections'
« Reply #39 on: May 23, 2007, 05:19:16 AM »
Today is the first day I've been able to receive attachments from a yahoo sender. I am a bell south user. I got email from 3 different people on yahoo, and the attachments came through on OE. Hopefully this is fixed.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 83935
  • No support PMs thanks
Re: More on 'Potential Infections'
« Reply #40 on: May 23, 2007, 02:36:14 PM »
Fingers crossed, that didn't take long then (NOT) about 20 days, perhaps longer.
Windows 10 Home 2004 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.8.2432 (build 20.8.5684.602) UI-1.0.566/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Rick F

  • Poster
  • *
  • Posts: 419
  • _______
Re: More on 'Potential Infections'
« Reply #41 on: May 23, 2007, 05:30:47 PM »
Yea!! It is fixed! 

I verified that it works through Yahoo using my yahoo acct. and adding an attachment.  I also got an email from my friend today who uses Prodigy and it came through just fine as well.

Glad BellSouth finally got it sorted out.

Thanks to all those who helped here on this great forum.  ;)
Dell Dimension; Intel-core2 duo; WinXP Media Ctr; 2.8ghz - NTFS; 1-Gig Ram; NVIDIA GeForce 7300LE; Firefox 19.0.2; OE-6; ZA-7.0.302; avast 6.0.1367; / DropMyRights / MalwareBytes-Free / Symantec LiveState Recovery Desktop 6.0 / (using WOT), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS,

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67274
Re: More on 'Potential Infections'
« Reply #42 on: May 24, 2007, 01:14:56 AM »
Thanks to all those who helped here on this great forum.  ;)
You're always welcome to come back any time you need help 8)
The best things in life are free.