fredex wrote:
On Wed, Sep 13, 2006 at 05:33:21AM -0500, Mike McCarty wrote:
I'm getting inundated (like a few tens of e-mails a day) with
messages claiming that my machine has been identified as sending
a multitude of messages and is likely to be infected, or that
some e-mail I don't recognize was undeliverable. Both of them
recommend that I follow the attached instructions.
The attachment is a .zip which unpacks to a file named
text.doc .scr
(many more spaces in the name than I put). For some of these,
I've managed to ascertain that they are actually Windows
executables. Sometimes my ISP warns me that the attachment
contains the W32.Mydoom.M@mm virus, and the content was
removed (in which case the .zip is 0 bytes). Other times
the "virus protection" was unavailable, and I am warned
that it wasn't run, and those are the ones I've looked
at.
Would someone please help me in interpreting the headers
from these messages so I can ascertain where they originate,
and possibly get someone (who I presume is infected) either
cleaned or shut down?
Thanks very much for your time.
Mike:
I dunno where they come from, but I get tons of 'em too. They're
clearly some kind of spam, I presume them to be a phishing scheme,
though it could just be a virus laden piece of crapware.
My spam filter (spambayes) does an excellent job of filtering out
all that junk so I never see them anywhere except in the spam (or
unsure) folder.
It's probably just clueless anti-virus software sending mail to the
forged sender address used by the virus.
http://attrition.org/security/rant/av-spammers.html
http://www.joewein.de/sw/spam-virus-warnings.htm
http://www.f-prot.com/news/gen_news/030910_open_letter.html
http://www.f-prot.com/news/gen_news/040130_open_letter.html
Paul.
--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list