strange e-mail from root

Sorry, I know this is not Psyche specific but this is the most active list.

I received an email (virus-packed, no doubt) on 2 different mail 
servers, 2 different domains; the message claims to come from root but 
the relay IP is in SOA somewhere in China. I don't understand why 
sendmail allowed it.
The e-mails had README.EXE embedded in them as a "*.wav" MIME type.

This is all that was in the maillog.

Nov  7 00:35:08 mail sendmail[23448]: gA78Z5Y23448: 
from=root@mail.wavefood.com, size=156475, class=0, nrcpts=1, 
msgid=<200211070835.gA78Z5Y23448@mail.wavefood.com>, proto=SMTP, 
daemon=MTA, relay=[211.101.140.97]
Nov  7 00:35:09 mail sendmail[23449]: gA78Z5Y23448: 
to=root@mail.wavefood.com, ctladdr=root@mail.wavefood.com (0/0), 
delay=00:00:03, xdelay=00:00:00, mailer=local, pri=216178, dsn=2.0.0, 
stat=Sent

Thanks,
Joshua




-- 
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
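
Added example, not part of the original post: a check over sendmail maillog records like the two quoted above (joined back into single lines) that flags any message whose envelope sender is in a local domain but whose relay address is outside the local networks. The `LOCAL_DOMAINS` and `LOCAL_NETS` values, the function names and the last two sample log lines are assumptions made for this example.

```python
import ipaddress
import re

# Assumptions for this example: which sender domains and networks count as "ours".
LOCAL_DOMAINS = {"mail.wavefood.com"}
LOCAL_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "192.168.0.0/16")]

# Matches the "from=" record sendmail logs when it accepts a message.
FROM_RE = re.compile(
    r"sendmail\[\d+\]: (?P<qid>\w+): from=<?(?P<sender>[^,>]*)>?,"
    r".*?\brelay=(?P<relay>.*)$"
)
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

# The first two records are the ones quoted in the post; the last two are constructed.
SAMPLE_LOG = [
    "Nov  7 00:35:08 mail sendmail[23448]: gA78Z5Y23448: from=root@mail.wavefood.com, size=156475, class=0, nrcpts=1, msgid=<200211070835.gA78Z5Y23448@mail.wavefood.com>, proto=SMTP, daemon=MTA, relay=[211.101.140.97]",
    "Nov  7 00:35:09 mail sendmail[23449]: gA78Z5Y23448: to=root@mail.wavefood.com, ctladdr=root@mail.wavefood.com (0/0), delay=00:00:03, xdelay=00:00:00, mailer=local, pri=216178, dsn=2.0.0, stat=Sent",
    "Nov  7 04:02:01 mail sendmail[23901]: gA7C21x23901: from=<root@mail.wavefood.com>, size=612, class=0, nrcpts=1, msgid=<constructed-1@mail.wavefood.com>, relay=localhost [127.0.0.1]",
    "Nov  7 09:12:44 mail sendmail[24110]: gA7HCiQ24110: from=<alice@example.org>, size=2048, class=0, nrcpts=1, msgid=<constructed-2@example.org>, proto=ESMTP, daemon=MTA, relay=mx.example.org [192.0.2.25]",
]


def relay_ip(relay):
    """Return the bracketed IPv4 address in a relay= field, or None."""
    m = IP_RE.search(relay)
    try:
        return ipaddress.ip_address(m.group(1)) if m else None
    except ValueError:
        return None


def spoofed_local_senders(lines):
    """Yield (queue id, sender, relay IP) for local-domain senders relayed from outside."""
    for line in lines:
        m = FROM_RE.search(line)
        if not m:
            continue  # "to=" delivery records and lines from other daemons
        domain = m.group("sender").rpartition("@")[2].lower()
        ip = relay_ip(m.group("relay"))
        # A relay field with no bracketed IP (e.g. root@localhost) is treated as local submission.
        if domain in LOCAL_DOMAINS and ip and not any(ip in n for n in LOCAL_NETS):
            yield m.group("qid"), m.group("sender"), str(ip)


if __name__ == "__main__":
    for hit in spoofed_local_senders(SAMPLE_LOG):
        print("local sender from outside relay:", *hit)
```
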
