Free Online IT Tutorials and Training
The Problem: Mailbox Full
All of a sudden, you can’t send or receive e-mail.
Why?
Your mailbox may be full.
Your computer doesn’t actually send and receive e-mails directly. Your mail client software, either Microsoft Outlook, Mozilla Thunderbird, SeaMonkey, Apple Mail etc. will send and receive mail via the Internet’s version of the local post office, your Internet service provider’s mail server. Your provider sets aside storage space on their servers to store mail while you are not connected to it (when your mail software isn’t running). Most providers have a limit of how much mail you can store on their servers, and the mail stored on their servers. If your provider offers webmail as a service, only the mail stored at the provider’s servers will be visible in your mailbox.
When this storage space at the servers is used up (full) you cannot send or receive any more e-mail until you delete something. It’s more or less the same as having a post office box at the post office, and the box being too full to cram any more letters into. Periodically, you have to go to the post office and empty it. Big parcels will fill the box faster than small letters. With e-mail, the big parcels are e-mails with attachments, or e-mails with pictures or video embedded in them. The bigger the mail messages are, the faster the mailbox fills up. Consider carefully what you send and receive.
Let me show you how to fix this…
(Jump straight to The Fix)
The Reader’s Question:
Dear InetDaemon,
Why do I get a “503 Valid RCPT command must precede DATA” message when I send to some people?
Thanks!
The Error Message
This mail message is sent to you automatically by the mail server. It most often happens when you are sending to someone who doesn’t use the same mail provider you use. The mail server will automatically send you this notification when you have not configured Outlook to send your login information to the server before sending e-mail. The body of the notification email will have a message that looks something like this:
FROM: System Administrator
TO: InetDaemon
Subject: Undeliverable: Test Message
Your message did not reach some or all of the intended recipients.
Subject: Test Message
Sent: 6/2/2012 7:38 AM
The following recipient(s) cannot be reached:
<address@domain.tld> on 6/2/2012 7:38 AM
503 Valid RCPT command must precede DATA
Why It Happens
Responsible email providers will require you to configure Outlook to log in to their server before sending e-mail to restrict the ability to send mail from their servers to just their own customers. This helps block spam by preventing anyone who doesn’t have a login from sending an e-mail from that server. Your mail service provider requires that you verify your account information before downloading mail (via IMAP or POP3), and they also require it before sending mail via Simple Mail Transfer Protocol (SMTP).
Sending login information to the server before sending an e-mail is not a Microsoft Outlook default, so you get an error from your email provider’s mail server when sending to external providers.
The Geeky Bits
The mail server that actually sends your e-mails for you has been configured to use the SMTP AUTH extension as defined in RFC 2554. When sending an e-mail, the mail user agent (Outlook) connects to the mail transfer agent (your provider’s mail server) and the server responds with the authentication types used by sending the client the SMTP verb “AUTH” and a list of methods. The client selects an authentication method it supports and replies back with “AUTH <method>”. If the server does not receive an AUTH from the client, it treats the client as an unknown sender and does whatever the server is programmed to do when an unknown sender sends mail (ignore the mail message, send a warning message to the client).
How to Fix It
How to fix “503 valid RCPT command must precede DATA”:
Continue reading
I happen to have the ‘good fortune’ of having more than one Apple Fanboy amidst my network of associates and they are all downplaying the latest round of Flashback-based malware infections on the Mac as being ‘unusual’ and ‘nothing to worry about’ and they still insist that installing anti-malware software is pointless. Same thing they have been telling me for just about a decade.
Contrary to what the Fanboys say, Mac OS X has been hit with viruses and worms in the past. Flashback is not the first. Malware specifically targeting the Mac OS X platform starting appearing as early as 2004. Apple computers have never been ‘immune’ to malware and spyware, contrary to Apple’s advertising, and Apple computers have been part of the earliest history of virus development, beginning with Elk Cloner which predates the first PC virus “Brain” by about 4 years. Yes, owners of Apple products had to worry about viruses four years before PC users did…
Here’s the a small sample of the kinds of malware targeting Apple computers that I could dig up in a quiet evening at home from the web. This list of Apple Malware is far from complete:
- 1982 - Mac Virus Elk Cloner (created by Richard Skrenta). A boot sector virus attacks the Apple II. This predates the first virus on Windows computers, so Apple computers got viruses before PC’s did. Dwindling market share protected the Apple computers–just wasn’t worth the hacker’s effort.
- 1992 – INIT 1984 – Triggers on Friday the 13th on any computer running MacOS (pre-OS X)
- 1994 - Mac Virus INIT-29-B modifies system files and applications, crashes the early Macs.
- 1995 - HyperCard Virus HC-9507 embeds itself in all HyperCard stacks.
- 1987 - nVIR Virus. Spread by infected floppies.
- 1988 - HyperCard viruses start appearing
- 1990 - MDEF (Garfield) infected the operating system files.
- 1998 - Hong Kong / AutoStart 9805 infects via the AutoPlay feature of QuickTime.
- 1998 - Sevendust / 666
- 2004 - OSX /Renepo (opener) script worm
- 2006 - OSX/Leap-A (OSX.Oomp). First ‘official’ Mac OS X virus. Actively infects via iChat buddy lists.
- 2006 - Inqtana worm and virus
- 2006 - Macarena - Proof of Concept worm
- 2007 - BadBunn; also OSX/RSPlug (DNS Changer) – Persisted till 2011 due largely to the myth that Macs are immune, so Mac users did not patch or protect their systems.
- 2008 - MacSweeper scareware, Imunizator scareware
- 2008 - AppleScript.THT that spreads via the Remote Desktop Agent feature by using a tunnel to hide itself from the firewall and allow remote hackers complete access and control of the Mac.
- 2008 - OSX.Lamzev.A - Opens a backdoor to allow hackers to control your Mac remotely
- 2008 - OSX.Trojankit.Malez - Opens a backdoor to allow hackers to control your Mac remotely
- 2008 - OSX/Hovdy-A trojan horse
- 2008 - Troj/RKOSX-A - SPAM with link to malware ridden video website, site prompts user to download ’video codec’ (actually the RKOSX-A trojan) to view video
- 2009 - OSX.Iservice and OSX.Iservice.B in pirated copies of … Continue reading
I’m paranoid about the web, and with good reason.
The #1 way hackers get into computers today is through your web browser from an infected website. The battle for control of your computer has spread from e-mail and attachments. Another battlefront has opened up on your web browser. A large number of big-name sites have been hacked recently and nobody is completely sure just what the hackers made off with. Hackers use DNS spoofing to trick computers into coming to an infected website, so you can’t completely be sure that you ended up on the website you intended to visit. They also buy up common misspellings of big sites to catch anyone that makes a typo.
Hackers have been using SQL injection vulnerabilities to break into websites for years (it is in fact one of the primary ways hackers get into a server), and these vulnerabilities still go unpatched. Now they are infecting websites in order to set up complex computer/browser/plugin fingerprinting engines that detect vulnerable versions. These engines deliver attacks custom-tailored to infect the visitor’s computer with slimy botware. Take out the cookies, pop-ups, plugins and JavaScript and you’ve stripped your attack surface these engines can attack, down to just your web browser. But this makes browsing less user friendly and a lot more frustrating in the short term, and confusing for people who aren’t technical.
Of course, whenever someone starts talking about a really secure platform, the Mac fanboys jump right in to tell me how secure Apple MacOS is–never mind that the MacOS/Safari combo gets hacked every year (2007, 2008, 2009, 2010,2011) during PWN2OWN at CANSECWEST. Never mind that the hackers have now developed a crimeware kit for the Mac, which means Mac users will need to be on the lookout for a deluge of malware from now on.
With so much dangerous malware and so many threats, how do I stay secure online?
The term computer appliance is a generic term for a class of computer devices that come pre-packaged and pre-wired from the factory with special features and functionality pre-configured and ready to use with only minimal setup. There are several types of devices that fall into this category such as storage appliances, network appliances, security appliances, anti-virus appliances and so forth. You can find this new tutorial I’ve written in my Tutorials section, under Computers as computer appliances.
Malware is malicious software which the user is tricked into downloading and/or installing from an e-mail attachment, or more commonly today, malicious and infected websites. Social Engineering is a term used to describe the techniques used to deceive people and trick pe0ple into revealing information or taking an action that is unsafe. Socially-engineered malware is malware that is pushed to Internet users from malicious URL’s (website addresses) that have content designed to grab your attention and trick you into clicking a link in a search engine or e-mail, or which exploit a vulnerability via JavaScript or within a plugin (Java, Flash, Silverlight, Adobe Reader etc.) to gain access to the computer and install malware. Once installed, the malware remotely grants hackers control of the computer, and full access to everything on the computer and everything the computer is used to access, including email, online banking and personal online investment accounts. The hacker may even be able to observe the screen, and record keyboard and mouse activities.
The latest website to fall victim to getting hacked is MySQL.com, owned by Oracle Corporation, which was briefly forcing malware downloads to computers running vulnerable web browsers that connected to the MySQL.com website.
According to recent statistics published at Virus Bulletin by Bruce Hughes of anti-virus company AVG technologies, Internet users are four times more likely to encounter social engineering as the mechanism used to infect their computers than a technological ’hack’.
An independent security firm has released their third quarter report on the protection provided by each of the top five web browsers. The test was designed to determine how well each browser protects against malicious URL’s, malicious downloads and phishing.
The firm compared the following browser versions:
- Internet Explorer 9
- Firefox 4
- Chrome 12
- Safari 5
- Opera 11
Which browser blocked the most malware and was the best, most secure browser against socially-engineered malware?
According to NSS Labs, all of these browsers offer a reputation system to warn the user about malicious URL’s and block malicious software downloads from those addresses. Reputation systems are used to provide the user additional feedback to make a determination as to whether the site is safe and to recommend blocking the website to the user in cases where the sites are known to be malicious. However, one of these browsers proved dramatically more effective at blocking socially-engineered malware–malware that users are tricked into downloading simply by visiting a website or clicking a picture or link in a search engine result, e-mail, tweet or SMS text.