E-mail Changes

Please be sure to let us know when you change your e-mail address, so you don't get dropped from our lists. You can always use the Clergy E-mail listing for the latest clergy e-mail addresses. This page is updated about every month. Extension and retired ministers are now included.

Instructions for requesting removal from our e-mail lists:

We have 4 electronic mail lists (Dialogue, Bulletin Board, News and Alert). Visit our web site under Communications to get the details.

To be removed from any of our lists, please send an e-mail to Ben Roe, and he'll follow up with your request.

People who have been elected to Annual Conference membership either from their local church or their district are a part of the News and Alert lists as part of their responsibilities as members of the Annual Conference.

E-mail Formatting

E-mail format may not seem important, but it is often your introduction to someone, so you want to be sure it will look good in all the different e-mail programs that people use (not everyone uses Microsoft Outlook or Outlook Express). Here's a good article on the problem: http://www.lemis.com/email/email-format.html

E-mail Reading Tip

If you read your e-mail using a web browser (Hotmail, Yahoo, Gmail, etc.) and need the letters larger for easier reading, here's a tip: Internet Explorer gives you 5 different type sizes to choose from, though only 2 larger than the default. On the menu bar at the top, click on "View" then "Text Size" then "Larger" or "Largest." Your choice is saved until you change it. If you have a wheel mouse, you can hold down the Control <CTRL> key and roll through the available sizes.

Many Internet-savvy folks have switched away from Internet Explorer because of the frequent security issues that have arisen from vulnerabilities of IE. If you download and install the free, open source program "Firefox" you will have the ability to choose even more sizes from tiny to huge. Hold down the Control <CTRL> key and press either = or - to enlarge or shrink the text. If you have a wheel mouse, you can hold down the Control <CTRL> key and roll through the various sizes. Firefox is available here.

E-Mail Tips

This is just a reminder of the resources on our RMCUMC web site regarding e-mail and viruses. -- Ben Roe

The Conference e-mail lists are a way for us to stay Connected as a Conference community. If you know of someone who is a member of the Annual Conference, either clergy or lay member who isn't on our lists or appears not to read the announcements contained on at least the News list, encourage them to Connect up by giving us their e-mail address. We notice, too, that there are a few addresses whose mailboxes are full, which means that they are unused ... They are missing lots of information about the activities of our very large and active Annual Conference.

Viruses, Worms and Firewalls, Oh My!

Resources for Staying Safe Online

RMC News postings occasionally mention e-mail security. Here is a Web site that has lots of resources and tips on staying safe online. Here is another site that may be helpful, and another, from Microsoft.

Tips on Home Computer and Home Network Security

Here are 2 web sites that may be helpful as you consider the security of your computer system (and your home network, if you have one): Home Computer Security and Home Network Security. This is from the CERT Coordination Center for internet security at Carnegie Mellon University.

Here are some Anti-Virus software suppliers:

• McAfee 
• Norton
• Grisoft
• Dr. Solomon
• F-Secure
• Trend-Micro
• Kaspersky

Reviews of Anti-Virus Software:

• C|Net
• Firewall Guide

For you hardcore security fans, you should read this as well, about a significant risk of visiting untrustworthy web sites for users of Internet Explorer 5.5 or 6.0 on Windows 98 and XP. Includes notes about workarounds to protect yourself. 

More on Keeping E-mail Safe

Lloyd Ludlam, a United Methodist from Colorado Springs, has sent some more suggestions for users about keeping your e-mail safe. Lloyd has considerable experience with computer software. I've edited and expanded his suggestions a bit below. While the bulk of the discussion is focused on Windows users, the principles work for other operating systems. If anyone has experience with security issues for the Mac, you are welcome to forward your experiences to me for possible sharing via News. And if there are Linux or Unix users out there (in the Rocky Mountain Conference, that is), let me know.

First, you can update your Windows operating system from this Web site. Updating your Windows installation will help by installing any fixes for security holes discovered in various parts of the operating system. The page will ask your permission to install its Windows Update Control Package, which is necessary for the update to proceed. For Windows XP users, just turn on Automatic Updates.

Second, you can sign up for Microsoft's Security Notification Service that keeps their users informed of vulnerabilities as well as product upgrades that address these vulnerabilities. More information on this service. Be sure to read the 3 links at the left under "About Microsoft Passport."

Keeping the Operating System and Applications Software (such as MS Office, Netscape Navigator, Eudora, etc.) up-to-date and free of "bugs", and protected from attacks by "hackers", "whackers", etc., is just as important as keeping the Anti-Virus definitions current to protect against; "virus", "worm", etc. infestations.

The best discussion Lloyd has seen regarding the "friendgreeting" worm is found at this link.  The interesting aspect of this "worm" is that the "user" has to give permission via "EULA" [End-User License Agreement] agreement to have the "worm" installed, which makes the whole thing "legal". (BARF!) Which means that users should actually read those EULA agreements!

Up-to-date anti-virus definitions can keep the "worm" out of a users PC, but once infected, the Bug must be removed. Instructions for "worm" removal can be found at the above URL.

Finally, if you use other products that don't come from Microsoft, you should also keep them updated. For example, Netscape Navigator has a page addressing the question of upgrading and why it's a good idea here. The latest versions are available here. Eudora (an e-mail program) is here.

If your computer is at your place of work, you probably should not do these things without your network administrator's knowledge or permission, depending on your employer's policies.

Our Conference policy that e-mail is our primary means of communicating Conference news and announcements, means it is even more important to keep the connections open and available. More information here.

Updates NOT from Microsoft

There's a nasty Trojan horse-style worm in town--and it's cunningly wrapped in sheep's clothing. Known as either Xombe or Downloader, it comes cloaked as an e-mail from Microsoft, containing security patches that must be applied immediately. Instead of securing your system, however, it ends up installing another file-a Trojan horse.

From the Ziff Davis eNewsletter.

Another Virus: "Hi" Not Friendly

There's another Trojan horse-style virus/worm circulating called the Bagle or Beagle virus. It comes with a simple "hi" or "test" subject line and the attachment has the Windows Calculator icon to hide what it's really doing. Read more here or here.

Needless to say, do not open attachments unless you know they're coming. There may be simple text attachments to News and Bulletin Board notes telling you about the lists and where to go for more info. It is not a virus. All executable (that is, 'runnable') files are blocked at the Conference office firewall.

Sobig, Blaster, etc.

News outlets carry news about the virus, nicknamed "Sobig", that sweeps the internet on occasion. This virus/worm does come via e-mail in contrast to the "Blaster" worm, which came solely from one's connection to the Internet. Here's a story about it..

The RMCUMC e-mail system successfully strips the virus "payload" from these e-mails. If you wish to verify this for yourself, give me a call (800-536-3736x102) or send me (Ben) an e-mail that has a meaningful subject line DIFFERENT from one of those below (otherwise, I'll delete it before reading it!)!

If you have not gotten either a firewall appliance or firewall software for your computer, you should consider getting one. If you have not gotten virus-scanning software or signed up for automatic updates, now is the time! 

Maryann Allison, lay member from Salt Lake City, sent a copy of the note below to the Dialogue e-mail list.

From McAfee Security Dispatch:
A new variant of W32/Sobig, W32/Sobig.f@MM is a High Risk mass-mailing worm. It arrives as an email attachment with a .pif or .scr extension. When run, it infects the host computer, then emails itself (using its own SMTP engine) to harvested email addresses from the victim's machine. In addition, when it propagates, the worm "spoofs" the "from: field", using one of the harvested email addresses. 

Note: The worm copies itself onto the infected machine as: C:\WINNT\WINPPR32.EXE 

Caution: An infected email can come from addresses you recognize and may contain the following information: 

WHAT TO LOOK FOR: 

Subject: [content varies] 
- Your details
- Thank you!
- Re: Thank you!
- Re: Details
- Re: Re: My details
- Re: Approved
- Re: Your application
- Re: Wicked screensaver
- Re: That movie 

Body: [content varies] 
- See the attached file for details
- Please see the attached file for details 

Attachment: [content varies] 
- your_document.pif
- document_all.pif
- thank_you.pif
- your_details.pif
- details.pif 
- document_9446.pif
- application.pif 
- wicked_scr.scr
- movie0045.pif 
---------- end McAfee Security Dispatch ---------

Visit  McAfee's web site for more information.

Virus: Bugbear

The "Bugbear.B" virus spread to 115 countries in a few hours last summer. Among a number of interesting (and dangerous) things this virus does is that it changes itself, sets up a backdoor to your computer, and attempts to stop any anti-virus software you may have running. AND it puts someone else's name in the "From:" field, so that it can't be traced easily back to its originator. Several have e-mailed me telling me to take them off our list, and they are not on it! Update your virus definition files NOW!

For more information, read:

• BBC Technology News
• Norton/Symantec
• F-Secure

Nigerian (or UK, or whatever) Funds E-mails

If you get an e-mail asking you to help someone transfer millions of dollars, usually from Nigeria, sometimes from Kuwait, you should visit this web site before responding. These are scams with slight variations in facts, though always you lose money. You can also visit Snopes to check out other things on e-mail or the Web that are suspicious. They have tons of good stuff. 

New Form of Financial Scam

Probably all of us have received various versions of a Nigerian e-mail scam in which someone in Nigeria or of Nigerian origin wants to transfer millions of dollars to your bank account. All they need is your bank account number(!). There are many forms of Nigerian letter scams, but a new one specifically preys on Christian faith communities. Please be alerted that ALL of these solicitations are fraudulent - and dangerous. If you believe that no one would fall for this scam, be aware that a former district attorney in southern Colorado was victimized! Please advise those in your faith community to totally disregard these e-mails and letters.

Fake E-Mail Greeting Cards

E-mail is very important to our Conference communication connections. We hope you already have anti-virus software installed on your system and that you regularly update its virus "signatures" file. 

There is another type of threat, one that comes from a world wide web site that you visit (in this case at the invitation of an e-mail).

Lorrie Wright writes: 

The following alert message has been issued by McAfee (an anti-virus software company):

McAfee has noticed a resurgence in fake email greeting cards. This spam email invites the recipient to pick up an online greeting card. Downloading the card initiates a script that forwards the spam message to all Microsoft Outlook contacts. 

If you receive a notice of a greeting card and it doesn't identify the sender as someone you know, do not open the card, but delete  the whole email. If it is from someone you know, you might check with them to see if they really sent you a card before opening the card. 

Lorrie Wright, Information Systems Administrator