Here is an explanation of the Klez virus. Note that based on the explanation below, an open relay is not required. The virus can simply using it's own SMTP engine contact the recipient's email server and drop the email which is perfectly 'legal' (meaning within SMTP rules as defined by the RFCs and common safe SMTP setup practices, not legal as in the law). If someone contacts your email server to send email to you, it's not relaying.
http:[EMAIL PROTECTED] Excerpt of virus' operation: --------- Email: This worm searches the Windows address book, the ICQ database, and local files for email addresses. The worm sends an email message to these addresses with itself as an attachment. The worm contains its own SMTP engine and attempts to guess at available SMTP servers. The subject line, message bodies, and attachment file names are random. The From address is randomly-chosen from email addresses that the worm finds on the infected computer. --------- Enjoy, Woody On Sun, 2002-04-21 at 19:22, J. Craig Woods wrote: <snip> > > As a matter of fact, I have never heard of or seen a email type virus, > such as W32/Klez.e@MM, on linux. Another reason to bring the uninitiated > into the fold, right LX? > -- Woody --------------------------------------------------------------- Gatewood Green Web Developer/Systems Admin Email: [EMAIL PROTECTED] http://www.linif.org/ Linux in Idaho Falls Linux User Group ---------------------------------------------------------------
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
