Eudora SPAM Issues..
I have a client who is seeing large amounts of spam originate inside their
organization. I have traced the spam to Windows machines running Eudora 6.1.1
(latest) in paid mode. Apparently, spam messages come in, something is executed
in these spam messages, and copies/duplicates (with forged names/headers)
immediately drop into the Eudora OutBox (Messages waiting to be sent) to many
users all located in the Eudora Addressbook of that particular computer.
We have scanned (in safe mode and regular) with Norton AV Corporate fully up to
date, along with numerous spyware, malware, adware scanners (Spybot Search &
Destroy 1.3, CWShredder, Ad-Aware) all with up to date definitions, and have come
up with nothing.
It seems as though some sort of arbitrary execution of code within Eudora
emails is automatically executed before the Incoming SPAM is classified as such
and moved into the JUNK folder.
Headers of the outgoing spam contain the following lines (other than forged
from, reply-to, to, and subject):
X-Mailer: Zckvdgt 0.7
Content-Type: text/html;
Content-Transfer-Encoding: 7Bit
The outgoing spam is not always the same, but is (I believe) based on the spam
that comes in. We have seen Prescription Drugs, Pornographic Sites, and other
common SPAMs.
Is anyone else seeing this or can anyone provide any information? Any advise
would be helpful. In the time being, I am going to move those users to
Thunderbird in efforts to stop originating spam.
Thanks
Brian T Luerssen
Infinite Consulting Inc.