On Wed, 4 Feb 2004 13:52:58 +0000, Anne Wilson wrote > On Wednesday 04 February 2004 13:32, robin wrote: > > Anne Wilson wrote: > > > Increasingly, members of this list are being accused of sending > > > virused emails. I know that some of you have no choice but to > > > use windows for part of your life, but PLEASE, if you do, check > > > that you are clean. Our addresses are being picked up from > > > somewhere, and more and more clues point to someone who uses > > > linux mailing lists. The warning I received this morning was from > > > [EMAIL PROTECTED] > > > > It is not necessary to use Windows to have your address appear in > > the From header of a virus - all that is necessary is for your > > email address to be in the address book of someone who has an > > infected computer. Same goes for spam - I've had mails ostensibly > > from myself offering the usual viagra, organ enlargement etc. > > > > Sir Robin > > Agreed, Robin, but I ask myself who would have an addressbook with > the names of a number of people from a linux mailing list? It could > be coincidence, but working on the principle that two is coincidence, > three, just possibly, more than that - probably not....
>From my experience, this virus isn't just scanning address books and flailing away. It's mixing and matching so if it finds [EMAIL PROTECTED] and [EMAIL PROTECTED] in an infected computer, it's going to fake [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] and [EMAIL PROTECTED] mandrake.com. Given the odds (and a huge address book), sooner or later some of these composed addresses are going to start resulting in real addresses. At least that's how it appears to me, judging from all the failed attempts in my mail server logs. Besides, anyone using outlook with the 'copy all emails to addresse book' setting will quickly get a collection of linux mailing list addresses the first time they receive a forwarded email from a linux friend (like a tech tip, or a buy-sell note). Some people like it that way, other's don't even realize they're filling up their address book with strangers. So it's very easy for a non-linux person to load up their address book with linux mailing list addresses. The thing that bothers me most about this virus is: - Not the virus itself. It was quickly added to my filters, never to be seen again. - Not the faked addresses. They are rejected (NOT BOUNCED) by my mail server and never returned. No, the thing that's most annoying is the continual stream of bounce replies from mail servers that feel the best solution to an unknown user is to send it back (to the faked sender) in full with comments. This is not the correct way to deal with mail, particularily when it's virus initiated. Scott -- Nothing goes to waste when Little Fish are near! (http://www.littlefish.ca)
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
