PS what is the deal with the SO.Big or whatever I have never received over 2 or 3 of these in a single day and today fprot has found over 25!
Sobig.F is a variant of the sobig virus which uses a multi-threaded smtp engine. Instead of spreading itself one message at a time to addresses in your address book/mailboxes, it delivers messages in parallel. Since an SMTP conversation usually has a lot of dead time, this vastly increases the number of messages sent out by the virus. It's slamming mail servers all over pretty damn hard.
From my own mail systems: http://phantom.dragonsdawn.net/~gordon/sobig.f.outbreak/
We're seeing upwards of 1000 connections *per minute*, most of which are either the virus, or a mail server on the internet informing us that its found a virus in a message with one of our return addresses.
There was a big dip this morning, and we believe that this corresponds with several major ISP's going offline. I'm told that Qwest shut their mail systems *off* last night, and my own Comcast cable connection was down this morning. Their support told me that their whole network was offline.
-- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
