Mail Tampering?

Similar Messages

• Mail has been tampered with and I don't know where to look

  I have a client who is going through a divorce and her soon to be ex-husband has tampered with her email on her Apple computer. She is running 10.5.2 and using the standard mail client. She noticed when she opens an email the email is forwarded automatically. No rules have been setup. There are no traces of the mail in the outbox or the sent messages folder yet she recieved some bounce messages saying emails weren't accepted due to virus/spam blocks. Where can I look to stop this forwarding action or what software would do this ? What logs can I look at ?

  I see two possibilities here:
  1. The situation is incidental. Do the messages she's getting the supposed bounce notifications for match ones she's actually received? The reason I put this first is that it wouldn't make sense to forward email to an address that's going to bounce, if the point is to spy on the emails. That would bring such activity to someone's attention immediately. If it doesn't seem to be happening to all messages, its likely this is actually the result of a spamming or phishing operation of some sort. Spammer spoof known valid email addresses, and thus you get bounces for messages you've never sent. A phishing tactic to harvest email accounts to use for spam has you get a supposed bounce notification, then you are offered a link to log in. The link of course does not lead to the actual mail site, and you provide your credentials to access the account which are then stolen.
  2. If the mail is being forwarded, it has been set up at the provider end, and not at the local computer. Most webmail providers now offer forwarding service, especially Gmail. If one were to have access to the account credentials, or even just one time were able to access the account from the person's computer, they could set up the forwarding with the email provider. Nothing would be required on the target's computer, and nothing there would be changed.

• Certificates and Mail - has anyone got them to work recently?

  Hi,
  I've been using Thawte digital certificates with Mail for almost three years and had no problems. Recently one of my certificates was due to expire, so I revoked it and got another one issued. The certificate is installed in my Keychain and everything looks to be correct - Keychain places a small green tick next to it and says 'This certificate is valid' and it is also ticked in the Address Book.
  However, the option to sign and encrypt messages in Mail's compose window has vanished. I can't find a way of getting it to appear so it looks like Mail can't find the certificate.
  I've quit Mail and reimported the certificate, no change. I've tried a self-certified certificate to see if that works - nothing.
  A look on the forums suggests that a number of other people have had similar problems.
  So has anyone found a workaround? This is quite important as I rely on signed email messages when working on large documents.
  Thanks,
  Mike.
  iMac G5 1.5Gb RAM 250 Gb HD   Mac OS X (10.4.6)  

  This is from Mail Help, that perhaps you have not seen:
  "Signing and encrypting email messages
  If you have a personal certificate on your computer, you can send signed messages (including the body of the message and any attachments) to anyone using Mail. Signed messages let your recipients verify your identity as the sender, and provide assurance that the message has not been tampered with in transit. A Signed icon (a checkmark) in the email header indicates your personal certificate is installed in Keychain Access.
  Encrypted messages (which encrypt both the body of the message and any attachments) offer a higher level of security than just signed messages. You can only send encrypted messages when you have certificates stored on your computer for both you and all recipients of your message. The easiest way to get someone's certificate is to have them send you a signed email message. When you view a signed message, Mail automatically imports the person's certificate (or "public key") and stores it in your keychain. You'll know you have the recipient's personal certificate installed in Keychain Access if an Encrypt (closed lock) icon appears next to the Signed icon after you address a new mail message to that person.
  To SIGN and ENCRYPT an email message:
  Choose File > New Message. In the Account pop-up menu, choose the account for which you have a personal certificate installed in your keychain. A Signed (checkmark) icon on the upper-right side above the message text indicates the message will be signed when you send it. To send the message unsigned, click the Signed icon to deselect it. An unsigned ("x") icon replaces the checkmark.
  Address the email. An Encrypt (closed lock) icon appears next to the Signed icon if you have a personal certificate for the recipient in your keychain and indicates the message will be encrypted when you send it. To send the message unencrypted, click the Encrypt icon to deselect it. An open lock icon replaces the closed lock icon.
  For security, encrypted messages are saved in your Sent mailbox in an encrypted format.
  If you don't have a certificate for all the recipients, a dialog appears that allows you to either cancel the delivery of the message or send the message unencrypted.
  If your recipients are using Mail, security headers marked Signed and Encrypted are visible in the messages they receive. If they are using an application that doesn't use signed and encrypted messages, the certificate might be in the form of an attachment. If your recipients save the attachment as a file, they can add your certificate to their keychain.
  Since many mailing lists reject signed messages (because the signature is an attachment), deselect the Signed icon before sending a message to a mailing list.
  See also
  encryption
  security
  digital signature
  Open this for me
  Apple Service & Support article: How to Use a Secure Email Signing Certificate (Digital ID)"
  Hope this answers your problem.
  iMac 1.9 GHz PowerPC G5 1.5 GB DDR2 SDRAM   Mac OS X (10.4.6)   Slot Loading 8X Dual Layer SuperDrive, iSight & Apple Remote; iPod Video

• Experts say it been tampered with...

  My wifes i mac pro (2009)-black keys OSX-Lion has had many strange thing happening to her settings display mail system and network connections to Verizon. She has also had duplicate issues on her iphone.
  This is the 3rd "apple experts analysis:
  Maria and I spent time restoring her music and photos, working on organizing her photos by creating a good workflow, removing confusing duplicates, cleaning up unnecessary files an folders on her computer, recovering emails, talking about how things are synced and some more general tutoring.
  We talked about security, talked more about her situation which she explained in further detail, explored her computer and checked many settings and spots for foul play or erroneous settings.
  The end result and diagnosis: 100%, her computer is being tampered with by someone other than herself. There is no way for Maria to secure her computer and she should stop trying to spend money and time to do so. It's become clear that her computer is being tampered with either remotely or in person or both. It's become clear that the attacker is someone who knows Maria as they are not after financial gain nor after stealing anything off the computer.  I believe they are only doing this to toy with her.  Because this is the case, and because the attacker has personal knowledge or access to her computer, there is truly no way to secure her computer.  It's unfortunate.
  Please note, none of this is certain, it is only my professional opinion. At this point, backing up consistently is her only course of action until she discovers the person that is tampering with her computer and solves the problem by solving the issue with that person.
  Regarding your question about your home router, I think it is a non issue. Your home router is not the problem. It is certainly an access point for someone to take control of the computer, but so is being on the internet anywhere. For this reason, the router is inconsequential.
  My response:
  BUT, when a conclussion to an issue is the following statements "The end result and diagnosis: 100%, her computer is being tampered with by someone other than herself." and "until she discovers the person that is tampering with her computer and solves the problem by solving the issue with that person.
  1. It not me
  2. Its not my son
  3. Its not my daughter
  4. IT MAY BE REMOTELY. "not really sure"
  I've been in business for over 30 years and when I give a person a document that they are paying good money I have my t's crossed and i's dotted.
  This isn't!
  If in fact you are 100 % sure it is tampering then HOW, what device, what program, what techniques is this "hacker" accessing her computer even after she has change all pass words and security setting?
  And how good of a hacker does this person have to be to do all that is done on the computer?
  Any help would be helpful. Spent way to much for thes answers and no solutions

  The "analysis" contains nothing to suggest that the computer has been tampered with; that's merely a conclusion, without any supporting evidence. It also contains the nonsensical statement, "There is no way for Maria to secure her computer and she should stop trying to spend money and time to do so," which could not have been written by anyone who knows anything about IT security. That strongly suggests to me that the "analysis" is completely worthless.
  To secure the computer, take the following steps:
  1. Back up all data using Time Machine.
  2. Erase the boot volume and reinstall Lion.
  3. Go through the initial setup process, importing only user data and settings, not applications or other files.
  4. Install only trustworthy third-party software from original media, by download from the developer's own file server, or by purchase from the Mac App Store.
  5. Activate FileVault and choose a secure login password. Never write down this password, and never disclose it to anyone, including Apple. Keep in mind that if you forget the password, your data will be lost beyond any hope of recovery (unless you have unencrypted backups, which somewhat defeats the purpose.)
  6. Do not activate Remote Login or Screen Sharing.
  7. Do not connect unknown peripherals, such as USB devices, that might contain a hardware keylogger.
  You'll then have something close to military- or diplomatic-grade security for your data.

• Is firefox creating "Choose your favorite way to communicate" appearing in my Yhaoo mail display?

  Sometimes when I try to display the list of e-mails in my Yahoo mail I get the message noted with three word/symbol responses;
  Email, SMS or Instant Message instead of the email list. I can not get away from the message without leaving mail subsystem. Even if I select one of the responses offered, nothing happens. If I try to "save" the message, it shows it as a Firefox file? Yahoo doesn't seem to know anything about it but I did find a report of the same problem on Maxthon Forum with a snap of the screen image. I downloaded to jpeg and can forward it if you want to see a sample of the problem.

  I had this same problem and finally figured out that somehow one of my children had tampered with my Yahoo mail while I was away from the computer. It's been a few months, but I fixed it in just a few seconds by clicking and dragging the preview screen (the one that's telling you "choose your favorite way to communicate") down and/or out of the way. Once I used the bar/line to drag that screen out of the way my inbox and emails appeared again!
  To repeat, the problem had nothing to do with enabling or disabling the preview pane. It was simply that my inbox was being "covered up" by that other screen.

• Please help me to access my yahoo mail account. What should I do if get this message ? : "If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue. "

  The following is the extended part of the error message :
  Technical Details
  mc1610.mail.yahoo.com uses an invalid security certificate.
  The certificate expired on 13-Feb-12 5:30 PM. The current time is 09-Mar-12 1:06 PM.
  (Error code: sec_error_expired_certificate)
  I Understand the Risks
  If you understand what's going on, you
  can tell Firefox to start trusting this site's identification.
  Even if you trust the site, this error could mean that someone is
  tampering with your connection.
  Don't add an exception unless
  you know there's a good reason why this site doesn't use trusted identification.

  Hi,
  Please also try here: https://login.yahoo.com/
  If the problem persists please try deleting the '''cert8.db''' file in the [http://kb.mozillazine.org/Profile_folder Firefox Profile Folder] after exiting Firefox. You can also open the profile folder in Firefox '''Help '''('''Alt '''+ '''H''') > '''Troubleshooting Information''' > '''Open Containing Folder''', and exit Firefox.
  [http://kb.mozillazine.org/Profile_folder_-_Firefox Firefox Profile Files]

• Something has gone crazy wrong with my 'contacts' for e-mail and the addresses are all a jumble of letters. What do I do?

  I read one of my e-mail letters and wanted to forward it. When I clicked on the contact list to send "to" all the address were just a jumble of letters. ie: jdnter:@mdjl . Nothing made any sense. Has my e-mail been tampered with? Any suggestions? Please HELP
  I went back to try to 'copy' a sample to send to you but everything was back to normal. What happened?

  Are you using a key scrambler extension (Comcast Constant Guard) ?
  Start Firefox in <u>[[Safe Mode]]</u> to check if one of the extensions or if hardware acceleration is causing the problem (switch to the DEFAULT theme: Firefox (Tools) > Add-ons > Appearance/Themes).
  *Don't make any changes on the Safe mode start window.
  *https://support.mozilla.com/kb/Safe+Mode
  *https://support.mozilla.com/kb/Troubleshooting+extensions+and+themes

• Mail wont open and restart cancelled by mail

  when I try to open my e-mail it wont open - it just doesnt do anything.  When I try to download updates or shut down computer it says it is intereupted by mail.  Help

  Force Quit the Mail Application
  Click the Apple Logo in the top left corner of the screen
  Click "Force Quit"
  Select the MAIL application
  Force Quit the app
  After the application is quit then you should be able to restart your computer.
  The Application is fully quit when the is no little glowing dot under the application icon.

• How can I disable sending from one Mail account?

  Hello. I have a gmail account that I use to subscribe to various newsletters and accounts. So it's essentially a read-only account for me. But I too frequently accidently send mail from that account. Is there a way to prevent mail from being sent from that account?

  I want to do the same thing as the OP.  I have tried making outgoing server none. And checking "always use this server so it prompts me to edit the message so that I manually select a different address to send from inthe drop down list. And selecting a different account for composing.  Actually, all my outgoing emails keep coming from the one account I am attempting to disable.  Got any other ideas?

• How can I setup a mail-specific passcode/restriction on iPad used by multiple family members?

  How can I setup a mail-specific passcode/restriction on iPad used by multiple family members?
  Have an Exchange mail account setup and accessible in my mail on iPad... however my kids use it and i would like to restrict them from accessing this specific portion of the device.  I tried viewing restriction options and do not see that i can apply a restriction specifically to Mail.  Thanks for your help.

  Not a feature of iOS. Check the AppStore to see if there are other
  mail apps that allow passcode protection.
  Or use Safari to log onto your email via a web-based interface and
  enter your credentials each time. A bit slower, but the kids will
  not know the details to login.

• How can I move an e mail account from one family pack to another

  I have an e mail address (not main family pack e mail address) and I would like to move it to another family pack. Is this possible and if so how?
  Thanks

  Caroline12, Welcome to the discussion area!
  I believe that your question is about a Mobile Me family pack account. If that is true, I believe that the answer is no.
  But your probably should post your question in the Apple.com > Support > Discussions > MobileMe discussion area.

• How can I display not only one account's mail but all in the central inbox?

  I am changing from OSX (machines with OSX 1.8.5 and Mavericks) mail to Thunderbird.
  However, one feature of OSX Mail I can't find in Thunderbird or have overseen it:
  I use several mail accounts, that OSX Mail is showing me on top level in one general inbox.
  Below that level, I can of course jump into the different accounts if needed to read mails only related to that account.
  Is there a similar view in Thunderbird?
  Thanks for any help
  Christoph

  http://kb.mozillazine.org/Global_Inbox

• Filename in sender Mail Adapter

  Hi Experts,
  Brief about Scenario:
  Invoice generated with PDF format in R/3 system and send to  mail box.  XI  pick that file from mail box  and deposited in SFTP Server.   
  Landscape in XI end.
  Mailbox - - -  XI 7.0 - - - SFTP
  The file name generated with CompanyCode_InvoiceType_InvoiceNumber.PDF from R/3 system. So that Same file name should be deposited in SFTP Server  . Here CompanyCode and InvoiceType are static and invoiceNumber generated dynamically with PDF format.
  My question is How to get file name from mail box.
  Thanks in advance.

  Hups. I forgot what was your main problem
  To get attachment file name you can try to implement you own adapter module as described [here|http://wiki.sdn.sap.com/wiki/display/XI/Adapter%20Module%20PI%207.0%20Get%20Attachment%20Name?bc=true]:
  I found it in this [thread|Need to get the Mail attachment name as it is to the receiver file adapter;.
  Please check that thread. The question is "not answered" but the last post states it was solved that way.

• Cannot send email from yahoo mail client

  I cannot open or send or attach anything to my email in the yahoo mail.  I know there's nothing wrong with the email because it works on my laptop, just not on my computer.  Could there be a setting problem, or a cookie problem or something?
  I also cannot open Bonjour to see my printer settings.  Everything was working fine yesterday.

  outgoing mail server
  SMTP - Yahoo! SMTP Server
  primary server
  Yahoo! SMTP server - ON
  server port 465
  That's what I have for my yahoo account.

• Cannot send email from Mail through .mac account

  I have recently opened a .mac account and started using the email service. It works fine online however I am having difficulty sending messages through the Mail application in Tiger.
  Whenever I attempt to send a message, a dialog box appears saying "Cannot send message using the server smtp.mac.com".
  I have tried looking at the setting in preferences. I have deleted and .mac a/c setting in Mail and re-set them up, all the problem persists.
  Please help!

  Hello David.
  Who is your ISP used for connecting to the internet and are you accessing an email account snd SMTP server in Mail provided by your ISP?
  If so, can you send messages with the email account and SMTP server provided by your ISP?
  Most, if not all ISPs now block the use of SMTP servers that are outside of their network (or not provided by the ISP used for connecting to the internet) on Port 25 which is the standard port used for SMTP servers. Some ISPs allow the use of an authenticated SMTP server only (such as the .Mac SMTP server) that is outside of their network on Port 25 but some block its use regardless.
  These restrictions are part of an overall effort to prevent spam emanating from the ISP's domain.
  Something to try.
  Go to Mail > Preferences > Accounts and under the Account Information tab for your .Mac account preferences at the SMTP server selection, select the Server Settings below for the .Mac SMTP server.
  Enter 587 in place of 25 in the Server Port field and when finished, select OK to save the changed setting.
  Test if this resolves the problem.
  If not and you are accessing an email account and SMTP server in Mail that is provided by your ISP used for connecting to the internet, select/use your ISP's SMTP server to send mail with your .Mac account which is invisible to all recipients.