[XFree86] Re: What's the matter with the list...

On Tue, 26 Aug 2003, jayjwa wrote:

>Date: Tue, 26 Aug 2003 13:59:13 +0000
>From: jayjwa <jayjwa@xxxxxxxxxxx>
>To: xfree86@xxxxxxxxxxx
>Reply-To: xfree86@xxxxxxxxxxx
>Content-Type: TEXT/PLAIN; charset=US-ASCII
>Subject: Re: What's the matter with the list...
>
>I thought all those viruses couldn't touch us on Linux or UNIX flavors,
>most viruses I've seen are for Windows or Windows' mail clients like Outlook
>or mal-scripts for Internet Explorer. I haven't had any troubles....

If someone sends you an email virus directly to your own mailbox, 
then you download it.  If 1000 people send you that virus, then 
you download it 1000 times.  It doesn't matter what OS or email 
software you are using, it is just another email, albeit an 
annoying one.  If you use the Micro$haft Outbreak software that 
such viruses usually target, then you'll likely spread the virus 
to others as well unknowingly.  If you use Linux then of course 
you won't spread it further, but you will still get ten billion 
copies of the thing in your inbox and have to delete them or 
filter them out.

Whether or not someone is infected, everyone is annoyed by getting 
10000 emails they don't want, so the virus pays its tolls on 
everyone simply by filling everyone's email inboxes.

That's not enough though.  Oh no.  The millions of braindead mail 
server admins out there are smart enough to run antivirus 
software to detect and block such viruses from their own systems, 
but they're stupid enough to have the antivirus software 
configured to send out an autoresponder email when a virus is 
detected.  However, the viruses are forging the From: and/or 
Sender: and/or whatever headers in the email, so the 
autoresponders are sending antivirus alert messages out randomly 
to millions of people who had absolutely nothing to do with 
sending the virus in the first place.

Since the forged addresses the viruses use are random addresses
taken from address books and emails received on the infected
computer, they include innocent individual people like me and 
you, and they also include innocent mailing lists like 
xfree86@xxxxxxxxxxxx

In short:  joeblow1234@xxxxxxx gets sent a copy of the virus.  He 
is running Windows and the vulnerable mail client.  The virus 
infects his computer, and then sends out God knows how many 
copies of itself to random people's addresses in his address book 
and from mails he's received, however the "From:" addresses it uses 
are also randomized like that.  The people receive copies of the 
virus and some of them then spread it on unknowingly.  However 
those who do not get infected, either get their email inbox 
filled, or else their mail system filters out the virus for them.  
Some of those mail filter systems running antivirus software then 
send out their stupid damned antivirus warning alert messages to 
the forged From: address, which happens to be xfree86@xxxxxxxxxxx 
or whatever, and so once it hits the mailing list, it is then 
sent out to several hundred or thousand more people.

The antivirus software is in fact as bad if not worse than the 
viruses themselves.  Viruses end up using antivirus software as 
massive email system denial of service amplifiers.

In addition to that, some people are on vacation and have stupid 
vacation autoresponders set up that help to flood everyone's 
email boxes with "I'm on vacation, not that you should give a 
shit, but I'll send you a notice about it every 10 seconds 
anyway" notices.

Then due to this massive amount of junkmail being sent, resent, 
etc. people's email boxes start to fill up and max out their 
quota or fill the hard disk storing their email.  Then, all of 
these systems kindly send out a nice "mailbox is full, can't 
deliver message" mail to everyone at the fake addresses and we're 
all spammed again.  Those messages then get sent out to hundreds 
of list subscribers once again, and fill up even more mailboxes.

The virus authors are not only laughing their asses off at the 
damage their viruses have done, but they're laughing even 
harder at how much the antivirus software is HELPING them to 
destroy email communication on the Internet and cost businesses 
hundreds of thousands of dollars.  They're laughing hard at the 
sysadmins who enable these stupid autoresponders.  And they're 
laughing the hardest, because they know when they find the next 
hole in Micro$oft Outbreak 3-6 months from now, they can count on 
the entire world having not learned their lesson from the last 
time, so they can destroy the email system for 2 weeks once 
again.

I fear the only way to stop all of this is draconianism.  It's 
definitely going to continue to get much much worse before it 
ever gets better.

Hope this helps many people out there understand the breadth and 
depth of the Micro$oft email virus threat, and how much it does 
affect everyone, including Linux users, even if our computers 
don't directly spread the virus, the email system and stupid 
system administration policies around the net spread the massive 
DoS attack that is a domino-effect because of it.

Time for admins around the world to put the mouse down and wake 
up and smell the maple nut crunch (to quote Denis Leary).

But I digress...

-- 
Mike A. Harris

_______________________________________________
XFree86 mailing list
XFree86@xxxxxxxxxxx
http://XFree86.Org/mailman/listinfo/xfree86
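
Added example, not part of the original post: a sketch of the suppression checks a mail filter or vacation responder can apply before generating any automatic reply, following the RFC 3834 recommendations, so that virus alerts, vacation notices and similar replies are not sent to forged senders or mailing lists. The function name, the robot local-part list and the sample messages are constructed for illustration.

```python
from email import message_from_string

LIST_HEADERS = ("List-Id", "List-Post", "List-Unsubscribe", "List-Help")
BULK_PRECEDENCE = {"bulk", "list", "junk"}
ROBOT_LOCALPARTS = ("mailer-daemon", "postmaster", "listserv", "majordomo")

def autoresponse_decision(raw_message, envelope_from, virus_detected, replied_to):
    """Return (send, detail). If send is True, detail is the address to answer:
    the SMTP envelope sender, never the From: header. replied_to is a set of
    addresses already answered, so each sender gets at most one notice."""
    msg = message_from_string(raw_message)
    sender = envelope_from.strip().strip("<>").lower()
    local = sender.split("@")[0]
    if virus_detected:
        # Mass mailers forge sender headers; an alert would hit a bystander.
        return False, "virus detected: quarantine silently, sender is likely forged"
    if not sender:
        return False, "null envelope sender: this is itself a bounce or auto-reply"
    if (local in ROBOT_LOCALPARTS or local.startswith("owner-")
            or local.endswith(("-request", "-bounces"))):
        return False, "envelope sender is a list or mail robot"
    auto = msg.get("Auto-Submitted", "no").split(";")[0].strip().lower()
    if auto != "no":
        return False, "message was automatically generated (" + auto + ")"
    if any(header in msg for header in LIST_HEADERS):
        return False, "mailing-list traffic"
    if msg.get("Precedence", "").strip().lower() in BULK_PRECEDENCE:
        return False, "bulk precedence"
    if sender in replied_to:
        return False, "this sender was already notified"
    replied_to.add(sender)
    return True, sender

# Constructed sample messages (example.org / example.net addresses).
PERSONAL = "From: Alice <alice@example.org>\nTo: bob@example.net\nSubject: lunch\n\nhi\n"
LIST_POST = ("From: carol@example.org\nTo: users@lists.example.org\n"
             "List-Id: <users.lists.example.org>\nSubject: driver question\n\ntext\n")
VACATION = ("From: dave@example.org\nTo: bob@example.net\n"
            "Auto-Submitted: auto-replied\nSubject: Out of office\n\naway\n")

if __name__ == "__main__":
    seen = set()
    for raw, env, virus in [(PERSONAL, "alice@example.org", False),
                            (PERSONAL, "alice@example.org", False),
                            (PERSONAL, "users@lists.example.org", True),
                            (LIST_POST, "users-bounces@lists.example.org", False),
                            (VACATION, "dave@example.org", False),
                            (PERSONAL, "<>", False)]:
        print(autoresponse_decision(raw, env, virus, seen))
```

A responder that does send a reply should also add "Auto-Submitted: auto-replied" to it, so that other responders applying the same checks stay silent.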
