"unrepairable virus detected" says MAILER DAEMON....victim of spoofing?

Could he in fact have a virus?

No because there are none that currently infect or affect OS X - with any version.

He uses an iMac 20"/1.8 Ghz (running on Panther) and purchased
in March '05....could this make him more vulnerable than those of
us running on Tiger with newer machines?

No again - check previous answer.

Is there any way to stop hackers from using his email address?

I think you mean spammers, not hackers and no there isn't.

Will his IP eventually get block listed again?

Doubtful since whichever spammer used his email address to appear as the sending email address for a bulk spam mailing is not using his IP.

This message with an infected attachment may have been sent by an infected Windows PC which has your friend's email address in the infected user's address book. Such a virus sends an email with infected file attached to every email address in the infected user's address book (without the infected user's knowledge) and randomly selects an email address from the address book to appear as the sending email address for the message.

No such virus or any virus exists for OS X.

" A few months ago my friend's email was put onto a blocklist, because it was detected that his mac was vulnerable to hackers."

Absolute nonsense.

"Or is the mailer daemon email ITSELF A SPOOF?"

Yes.

Backing up your data on a regular basis is by far the best assurance against any computer-related problem. Keep up with security updates and don't open attachments without confirming with the sender what they are, and odds are, you will never get a virus, even if one existed for Mac OS X.

Yes you should take precautions by installing security updates when made available by Apple and use what is between your ears.

A Mac with an Intel processor is not any less secure than a Mac with a PPC processor. It isn't the processor type which makes an operating system more or less secure - it is the OS.

Installing Windows on a Mac with an Intel processor makes it as grossly insecure as Windows on any PC. If Motorola processors (PPC) were the primary processors used on PCs, nothing would be any different in regards to Windows insecurity.

bubbalauren,

If he didn't send the email, then the most likely reason for the message is that somebody is spoofing his email address.

Is there any way to prevent address spoofing? Yes, but not at the user's level.

Your friend could be blacklisted again.

Yes, it is possible that the email message itself was a fake.

Should we take precautions? YES! Turn on and configure your firewall. Don't go to dodgy, skanky or other such suspect Web sites. Turn off "Open 'safe' files after downloading" in Safari. Don't use P2P software like Limewire. Never, ever, download and install any program from an unknown or untrusted source, no matter how "cool" the magazines or your friends tell you it is. Create an administrator account and make your user account an ordinary, non-administrator user.

Oh, and look at Apple's recommendation with respect to using antivirus on your Mac. (Item 6.)

Backing up your data is a Very GOOD IDEA(TM), but it is not a cure-all.

-Wayne

Using a firewall has some benefits, but a firewall will not prevent spoofing because spoofed messages almost always originate outside of the firewalled network and get delivered via standard email protocol.

Stanley,

Thanks for underlining one of my comments:
"Is there any way to prevent address spoofing? Yes, but not at the user's level."

The laundry list (including comments on using the built-in firewall) was in direct response to another of bubbalauren's question:
"Should we take precautions against potential security threats ( as Mac users)", which was not about spoofing.

-Wayne

Thanks for the clarification. It might be helpful to also note that anyone who has a consumer-level router for your DSL or cable modem probably already has a firewall that's fine. There is no need to use both a software and a hardwire firewall for Mac users in my opinion.

Its also usually a good idea to keep your firewall's firmware current if you're using a hardware firewall. This is one reason why I like to use Apple's Airport Extreme, because Apple is good at pushing out updates for it as necessary.

Stanley,

Since the majority of consumer-grade router/firewalls are kept in the default (ie insecure with well-known default passwords) configuration, it is still a VERY GOOD IDEA(TM) to configure the built-in ipfw firewall on your Mac.
It is also a VERY GOOD IDEA(TM) to properly secure your router.

You should also be aware that wireless is inherently insecure.

-Wayne

Wired and wired networks are as insecure or as secure as their owners configure them to be, within reason. A properly configured hardware firewall is all the average person needs. Note that I said "properly configured." Configuring a hardware firewall is not all the much more effort than configuring a software firewall.

Stanley,

Since wireless networking involves broadcasting traffic that can be intercepted by any appropriately tuned receiver within radio line of sight, I stand by my statement.

Second, you are creating a single point-of-failure for your network's security. Given the huge number of known router vulnerabilities, using the BSD-standard firewall ipfw, for which Apple has so kindly provided a user-friendly and easily-understood GUI, makes for a solid second layer of defense.

Making regular data backups and properly configuring your router are both VERY GOOD IDEAS(TM), but, even taken together, they are not "all the average person needs" with respect to computer security.

Computer security is a process. You have named two good practices in that process, but there is no single "magic" bullet that makes computers secure, not even for the average person.

-Wayne

That's a reasonable opinion. For me, doing backups is priority number one as far as protecting myself against harm from a computer glitch.

Network security is indeed important, but I feel the importance weighs much more heavily toward Windows users then Mac users. In all the years I have had Macs on a publicly available nework running 24x7, I have never found a successful intrusion attempt on any of my Macs, including the ones that I use for file sharing and web site hosting. Still, there's always a first time for everything, so good security practice is needed.

Hello Stanley.

I agree with Wayne here - keeping the built-in firewall included with OS X on without any services/ports activated that aren't needed or regularly used is a good idea regardless if you are behind a hardware firewall.

I've never experienced a conflict this way so if having a 2nd layer of defense doesn't hurt or cause any problems, I don't see why not.