Here is an explanation of the Klez virus.  Note that based on the
explanation below, an open relay is not required.  The virus can simply
using it's own SMTP engine contact the recipient's email server and drop
the email which is perfectly 'legal' (meaning within SMTP rules as
defined by the RFCs and common safe SMTP setup practices, not legal as
in the law).  If someone contacts your email server to send email to
you, it's not relaying.

http:[EMAIL PROTECTED]

Excerpt of virus' operation:
---------
Email:
This worm searches the Windows address book, the ICQ database, and local
files for email addresses. The worm sends an email message to these
addresses with itself as an attachment. The worm contains its own SMTP
engine and attempts to guess at available SMTP servers.

The subject line, message bodies, and attachment file names are random.
The From address is randomly-chosen from email addresses that the worm
finds on the infected computer.
---------

Enjoy,

     Woody

On Sun, 2002-04-21 at 19:22, J. Craig Woods wrote:
<snip>
> 
> As a matter of fact, I have never heard of or seen a email type virus,
> such as W32/Klez.e@MM, on linux. Another reason to bring the uninitiated
> into the fold, right LX? 
> 

-- 
     Woody

---------------------------------------------------------------
Gatewood Green            Web Developer/Systems Admin
Email:                    [EMAIL PROTECTED]
http://www.linif.org/     Linux in Idaho Falls Linux User Group
---------------------------------------------------------------


Want to buy your Pack or Services from MandrakeSoft? 
Go to http://www.mandrakestore.com

Reply via email to