If you've got a spam-blocker at the mail *server* level, add these to
its list and you should be able to resume using your old address.

Block all mail with FROM addresses containing:

"Microsoft"
"MS Net"
"MS Tech"
"MS Corp"

and BODY content containing:

"Latest Microsoft"
"MS Customer"
"MS Consumer"
"Microsoft Customer"
"Microsoft Consumer"
"Microsoft Partner"
"Microsoft Client"

Myke

--

-================================-
Windows...It's rebootylicious!!!
-================================-

I'll give it a shot. Thanks for the tip.

Loren

You're welcome. It's working well for me.

Note that "MS Partner" and "MS Client" were not in my "message body
contains" list because I haven't received any which contain those
phrases yet, however, knowing how this thing likes to dynamically morph
its content, it's probably just a matter of time until those begin to
show up as well.

Myke

--

-================================-
Windows...It's rebootylicious!!!
-================================-

My inbox has also recently been flooded with a lot of "returned mail"
messages with sizeable files attached to each one of them.

Adding the following phrases to my spam-blocker at the mail *server*
level seems to prevent most of them from reaching my inbox as well:

Block all messages with BODY content containing:

"Undelivered to"
"Undelivered mail to"
"Undelivered message to"

"Undeliverable to"
"Undeliverable mail to"
"Undeliverable message to"

Myke

--

-================================-
Windows...It's rebootylicious!!!
-================================-

It's essentially destroyed my Yahoo account. I seem to be filling my
6M quota about once every, oh, 45 minutes...

Mike (Can one, in Yahoo Mail, block anything which approximates this
virus?)

Set up a rule in Yahoo Mail based on the message content or subject.

--


news:<3F7121F5.C37 (AT) erols (DOT) com>...

My suggested words and phrases have pretty much eliminated the problem
for me. I don't think a single one of them has slipped through to my
inbox in the past 2-3 days now because of the spam-blocker phrases I've
suggested. To say that it's not going to help much is simply not true.
It has already helped me a *lot*. That's why I posted the list.

Note that my suggestions target message body content more than they
target header content. I had poor luck trying to identify patterns in
the headers of the emails I was receiving. The content of their message
bodies, however, is fairly consistent and therefore much easier to use
for nuking them.

These phrases work best when applied at the *server* level. If you're
simply adding them to your *client's* filters you'll still have to put
up with downloading them from the server when you check your mail.
That's not what I'm suggesting. This is definitely a *server-level*
spam-block operation.

Myke

--

-================================-
Windows...It's rebootylicious!!!
-================================-

Didn't say it wouldn't help anyone else, nor did I mean to infer that if I
did, only that it wasn't helping me in my situation.


Mailwasher, which let's me check the mail while it's on the server before
downloading it, is the best resource I've got available to me at this point.
And while it does let me mark for deletion/bouncing at a server, it still
wastes so much of my time doing it before I download my actual mail, and
it's filling my box so fast that I'm starting to lose mails. Looks like I
may be giving up the address before long. *shrug* What's 7 years right?

Loren

Your provider isn't providing you with the right tools to effectively
defend your inbox against this kind of attack.

I've been telling people for 7 years to ditch Windows and switch to
Linux for reasons just like this but does anybody listen to me?
"Naaaahhhh!!"

Myke

--

-================================-
Windows...It's rebootylicious!!!
-================================-

No arguement there!

Loren

I don't have control over anything at the server level (AFAIK, anyway)
but someone up the stream has gotten on the ball with this, and most of
the Swen mails are either intercepted entirely or replaced by an
"undeliverable mail" message of some kind now.

Yes, I had been getting those stinkin' "undeliverable mail" messages to
which, IMO, were worse than the Swens because each one of them contains
a pointless attachment that's larger than what Swen brings with it.

I don't know if the undeliverables are related to Swen or not but they
started to arrive at pretty much the same time - and in response to
messages addressed to phony recipients which I didn't bother to send out.

To kill those too, I have to block all mail with body content containing:

"Undeliverable to"
"Undeliverable mail to"
"Undeliverable message to"
"Undelivered to"
"Undelivered mail to"
"Undelivered message to"

Those seem to morph their content almost as badly as Swen so I'm pretty
sure they're all a 2nd phase of the same worm's operation.

Myke

--

-================================-
Windows...It's rebootylicious!!!
-================================-

I've gotten them, too, and I agree that they're part of the worm. But
now I'm getting different messages which appear to be legitimate
interceptions and which in any event don't have attachments.

Both the patch and the undeliverable mail messages are mentioned on
Norton's(symantec) website as designed to spread the W32.Swen virus. It
may
damge a computer's registry and any anti-virus protection. I've had
messages
that didn't appear to have any attachment, but that my anti-virus
software said
still carried the virus (the undeliverable mail messages).
Just to be sure I ran the program available from Norton (free even if
you don't
use their anti-virus program I believe) designed to remove this worm and
undo
the damage.
I got the file from:
[url]http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a (AT) mm (DOT) html#r[/url]

When talking about "a computer's registry" and its "anti-virus
protection" call it what it really is: "a Windows registry" and "Windows
anti-virus protection". My *computer* has neither of these ghastly
appendages attached to it.

I just use Linux and some clever mail server filters and never give it
another thought.

Myke

--

-================================-
Windows...It's rebootylicious!!!
-================================-