Re: [gentoo-user] Did anony receive this crap too?
On Sun, 30 Nov 2003 22:48:42 -0600 rd [EMAIL PROTECTED] wrote: True, SA is missing it here too! Is there any way or any thing that we should be doing to feedback this info to the SA project?? -rdg SA's focus is on detecting UCE, not virii. If you want a quick fix, try score MICROSOFT_EXECUTABLE 10 in your local.cf or a better way is to hook a virus scanner into your MTA. There are also some helpful rules to detect virus bounces on the wiki at www.exit0.us or you could even write your own rules, they're only regular expressions. -- Yorkshire Dave. Custom rules for spamassassin, detect listwashing tokens http://www.wot.no-ip.com/cgi-bin/detoken.pl -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sunday 30 November 2003 10:48 pm, rd wrote: True, SA is missing it here too! Is there any way or any thing that we should be doing to feedback this info to the SA project?? You not using SA's learning mechanism?? It can learn about spam if you teach it. Jeff -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/yziXld4MRA3gEwYRAiJjAJ0aPlUECIsxz0AonAauZM2cI9GZxwCeN7dT Wg//yQJR5xiUAJI5ZxobVbo= =yT9A -END PGP SIGNATURE- -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I found it its the SWEN bug. great it is from back in Sept. http://antivirus.about.com/cs/virusencyclopedia/p/gibef.htm Yes, it's exactly my case too ! But I really don't know what for M$ viruses are sended to me, no windblowz here ... -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
the senders assume ppl are using windows, and it is ofcourse not microsoft thats sending it, probably some ppl that hates m$ :) On Mon, 2003-12-01 at 16:54, Norbert Kamenicky wrote: FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I found it its the SWEN bug. great it is from back in Sept. http://antivirus.about.com/cs/virusencyclopedia/p/gibef.htm Yes, it's exactly my case too ! But I really don't know what for M$ viruses are sended to me, no windblowz here ... -- [EMAIL PROTECTED] mailing list -- Regards, Redeeman () ascii ribbon campaign - against html e-mail /\- against microsoft attachments -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
On Sun, 2003-11-30 at 22:09, FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I'm getting the same ones. I'm starting to get up to around 10 a day. But the thing is most of the MS worms (W32/[EMAIL PROTECTED] in this case) that are sending out the faked MS updates and forcing the undeliverable Mail bounces are harvesting the e-mail address from the Outlook address book. So, if any of you out there are using MS Lookout... I mean Outlook... without a virus scanner, shame on you. BTW: I haven't looked at the archives, but are the e-mail addresses being munged? -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
Steven Elling wrote: So, if any of you out there are using MS Lookout... I mean Outlook... without a virus scanner, shame on you. Better wish them luck. :) -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
And if they are NOT be munged -- WHY WHY WHY not!!! -rdg On Mon, 2003-12-01 at 17:40, Steven Elling wrote: On Sun, 2003-11-30 at 22:09, FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I'm getting the same ones. I'm starting to get up to around 10 a day. But the thing is most of the MS worms (W32/[EMAIL PROTECTED] in this case) that are sending out the faked MS updates and forcing the undeliverable Mail bounces are harvesting the e-mail address from the Outlook address book. So, if any of you out there are using MS Lookout... I mean Outlook... without a virus scanner, shame on you. BTW: I haven't looked at the archives, but are the e-mail addresses being munged? -- [EMAIL PROTECTED] mailing list -- Never underestimate the bandwidth of a station wagon full of tapes! -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
rd wrote: And if they are NOT be munged -- WHY WHY WHY not!!! -rdg On Mon, 2003-12-01 at 17:40, Steven Elling wrote: On Sun, 2003-11-30 at 22:09, FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I'm getting the same ones. I'm starting to get up to around 10 a day. But the thing is most of the MS worms (W32/[EMAIL PROTECTED] in this case) that are sending out the faked MS updates and forcing the undeliverable Mail bounces are harvesting the e-mail address from the Outlook address book. So, if any of you out there are using MS Lookout... I mean Outlook... without a virus scanner, shame on you. BTW: I haven't looked at the archives, but are the e-mail addresses being munged? -- [EMAIL PROTECTED] mailing list -- Kathy Wills + + Genealogy Web Site: http://www.kathywillsfamily.com + + + + Summit Group Web Site: http://www.tsginfo.com/index.php?rc=VW4374 + + -- [EMAIL PROTECTED] mailing list
[gentoo-user] Did anony receive this crap too?
I'm getting lots of spam and virus mails to the account I use for the gentoo mailinglist lately. CONGRATULATIONS! CONGRATULATIONS!! CONGRATULATIONS!!! Due to mix up of some numbers and names, we ask that you keep your winning information confidential until your claims has been processed and your money remitted to you. This is part of our security protocol to avoid double claiming and unwarranted abuse of this program by some participants. All participants were selected through a computer ballot system drawn from over 68,000 companies and 80,000,000 individual email addresses and names from all over the world. This promotional program takes place twice in every six years. This lottery is partly promoted and sponsored by Bill Gates, President of the World Largest software, we hope with part of your winning you will take part in our next year (USD$5M) five million United States Dollars international mega lottery. To file for your claim, please contact our assigned official agent/claims and duty officer: Dr. Mtisi Colby ASTRAL SECURITY AND FINANCE BV NL. (Subsidiary Of Delta Lottery NL) e-mail:[EMAIL PROTECTED] Direct telephone Tel:0031-630-326-755 Fax:0031-641 770 994. -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SN wrote: | I'm getting lots of spam and virus mails to the account I use for | the gentoo mailinglist lately. | | Nope. But you did score a 2.4/5 on SA. Congratulations. :) -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE/ynzsVo//RA50KO0RAgM1AJ94WIJiqHeBfeW5oJ+sIPScWal+gQCdHoq4 30UZDr7VCQetjm0rVD63OPo= =UTBK -END PGP SIGNATURE- -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
On Fri, 28 Nov 2003 20:42:40 +0100 SN [EMAIL PROTECTED] wrote: I'm getting lots of spam and virus mails to the account I use for the gentoo mailinglist lately. That sort of crap doesn't make it thru the filters here, but I see signs of it in the maillog, as much in the last 3 or 4 days as in the previous few months. I guess the spammers harvested addresses from the list archives. It had to happen sooner or later, it does with any public accessible mailing list archive. -- Yorkshire Dave. Custom rules for spamassassin, detect listwashing tokens Insert witty .sig here http://www.wot.no-ip.com/cgi-bin/detoken.pl -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
SN wrote: I'm getting lots of spam and virus mails to the account I use for the gentoo mailinglist lately. I did not get that mail, but I got viruses and unable to deliver messages, too :-( For me it looks like some of us who get this newsletter read mails with Windows and hav thmeselves a virus, which is trying to span ... Martin PS: about the half of the spam that I receives comes from Italy -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
This looks to me to be a variant on the 419 scam. Such messages should be sent to [EMAIL PROTECTED] Presumably they will take action against the scammers, but with a traffic volume of over 10,000 messages a month they may be a bit behind and losing ground. CONGRATULATIONS! CONGRATULATIONS!! CONGRATULATIONS!!! Due to mix up of some numbers and names, we ask that you keep your winning information confidential until your claims has been processed and your money remitted to you. This is part of our security protocol to avoid double claiming and unwarranted abuse of this program by some participants. All participants were selected through a computer ballot system drawn from over 68,000 companies and 80,000,000 individual email addresses and names from all over the world. This promotional program takes place twice in every six years. This lottery is partly promoted and sponsored by Bill Gates, President of the World Largest software, we hope with part of your winning you will take part in our next year (USD$5M) five million United States Dollars international mega lottery. To file for your claim, please contact our assigned official agent/claims and duty officer: Dr. Mtisi Colby ASTRAL SECURITY AND FINANCE BV NL. (Subsidiary Of Delta Lottery NL) e-mail:[EMAIL PROTECTED] Direct telephone Tel:0031-630-326-755 Fax:0031-641 770 994. -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list
RE: [gentoo-user] Did anony receive this crap too?
I get fake MS security bulletins... Which is kinda ironic But MS does confirm that it's some [EMAIL PROTECTED]@^^$#@ trying to spread virii. -Original Message- From: SN [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2003 2:43 PM To: [EMAIL PROTECTED] Subject: [gentoo-user] Did anony receive this crap too? I'm getting lots of spam and virus mails to the account I use for the gentoo mailinglist lately. CONGRATULATIONS! CONGRATULATIONS!! CONGRATULATIONS!!! Due to mix up of some numbers and names, we ask that you keep your winning information confidential until your claims has been processed and your money remitted to you. This is part of our security protocol to avoid double claiming and unwarranted abuse of this program by some participants. All participants were selected through a computer ballot system drawn from over 68,000 companies and 80,000,000 individual email addresses and names from all over the world. This promotional program takes place twice in every six years. This lottery is partly promoted and sponsored by Bill Gates, President of the World Largest software, we hope with part of your winning you will take part in our next year (USD$5M) five million United States Dollars international mega lottery. To file for your claim, please contact our assigned official agent/claims and duty officer: Dr. Mtisi Colby ASTRAL SECURITY AND FINANCE BV NL. (Subsidiary Of Delta Lottery NL) e-mail:[EMAIL PROTECTED] Direct telephone Tel:0031-630-326-755 Fax:0031-641 770 994. -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
On Sun, 30 Nov 2003 16:12:55 -0800 (PST) Dennis Allison [EMAIL PROTECTED] wrote: This looks to me to be a variant on the 419 scam. Such messages should be sent to [EMAIL PROTECTED] Presumably they will take action against the scammers, but with a traffic volume of over 10,000 messages a month they may be a bit behind and losing ground. --snip-- Dr. Mtisi Colby ASTRAL SECURITY AND FINANCE BV NL. (Subsidiary Of Delta Lottery NL) e-mail:[EMAIL PROTECTED] Direct telephone Tel:0031-630-326-755 Fax:0031-641 770 994. I doubt they can do anything about scammers working from NL, I believe the law against such things is very lenient over there. -- Yorkshire Dave. Custom rules for spamassassin, detect listwashing tokens http://www.wot.no-ip.com/cgi-bin/detoken.pl -- [EMAIL PROTECTED] mailing list
RE: [gentoo-user] Did anony receive this crap too?
Yes, in the last 4 days I have received about 6 or 8 MS viri payloads!! Too bad for those using MS desktops!! -rdg On Sun, 2003-11-30 at 18:25, Jon Liebold wrote: I get fake MS security bulletins... Which is kinda ironic But MS does confirm that it's some [EMAIL PROTECTED]@^^$#@ trying to spread virii. -Original Message- From: SN [mailto:[EMAIL PROTECTED] Sent: Friday, November 28, 2003 2:43 PM To: [EMAIL PROTECTED] Subject: [gentoo-user] Did anony receive this crap too? I'm getting lots of spam and virus mails to the account I use for the gentoo mailinglist lately. CONGRATULATIONS! CONGRATULATIONS!! CONGRATULATIONS!!! Due to mix up of some numbers and names, we ask that you keep your winning information confidential until your claims has been processed and your money remitted to you. This is part of our security protocol to avoid double claiming and unwarranted abuse of this program by some participants. All participants were selected through a computer ballot system drawn from over 68,000 companies and 80,000,000 individual email addresses and names from all over the world. This promotional program takes place twice in every six years. This lottery is partly promoted and sponsored by Bill Gates, President of the World Largest software, we hope with part of your winning you will take part in our next year (USD$5M) five million United States Dollars international mega lottery. To file for your claim, please contact our assigned official agent/claims and duty officer: Dr. Mtisi Colby ASTRAL SECURITY AND FINANCE BV NL. (Subsidiary Of Delta Lottery NL) e-mail:[EMAIL PROTECTED] Direct telephone Tel:0031-630-326-755 Fax:0031-641 770 994. -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list -- Never underestimate the bandwidth of a station wagon full of tapes! -- [EMAIL PROTECTED] mailing list
RE: [gentoo-user] Did anony receive this crap too?
Why? Outlook XP/2003 block access to them by default. To this day I have not been able to figure out how to disable that. -Original Message- From: rd [mailto:[EMAIL PROTECTED] Sent: Sunday, November 30, 2003 10:12 PM To: [EMAIL PROTECTED] Subject: RE: [gentoo-user] Did anony receive this crap too? Yes, in the last 4 days I have received about 6 or 8 MS viri payloads!! Too bad for those using MS desktops!! -rdg -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
rd wrote: Yes, in the last 4 days I have received about 6 or 8 MS viri payloads!! Too bad for those using MS desktops!! Not with a good email client, but bad for those who ru outlook... -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I found it its the SWEN bug. great it is from back in Sept. http://antivirus.about.com/cs/virusencyclopedia/p/gibef.htm On Sun, 2003-11-30 at 15:49, [EMAIL PROTECTED] wrote: SN wrote: I'm getting lots of spam and virus mails to the account I use for the gentoo mailinglist lately. I did not get that mail, but I got viruses and unable to deliver messages, too :-( For me it looks like some of us who get this newsletter read mails with Windows and hav thmeselves a virus, which is trying to span ... Martin PS: about the half of the spam that I receives comes from Italy -- [EMAIL PROTECTED] mailing list -- FX [EMAIL PROTECTED] -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
On Monday 01 December 2003 13:09, FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I found it its the SWEN bug. great it is from back in Sept. I've been getting 10-15 of these a week since back in Sept. It's annoying because SA isn't picking up all of them. :~( Jason -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
True, SA is missing it here too! Is there any way or any thing that we should be doing to feedback this info to the SA project?? -rdg On Sun, 2003-11-30 at 22:23, Jason Stubbs wrote: On Monday 01 December 2003 13:09, FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I found it its the SWEN bug. great it is from back in Sept. I've been getting 10-15 of these a week since back in Sept. It's annoying because SA isn't picking up all of them. :~( Jason -- [EMAIL PROTECTED] mailing list -- Never underestimate the bandwidth of a station wagon full of tapes! -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Did anony receive this crap too?
Using razor2 and giving it a high score should prevent them from coming through. My connection is very slow, however, and if razor2 times out then its score doesn't count. On Monday 01 December 2003 13:48, rd wrote: True, SA is missing it here too! Is there any way or any thing that we should be doing to feedback this info to the SA project?? -rdg On Sun, 2003-11-30 at 22:23, Jason Stubbs wrote: On Monday 01 December 2003 13:09, FX wrote: I started getting it on Nov 18th. two or three a day. the MS update attached crap email and some with undeliverable Mail:User Unknown I found it its the SWEN bug. great it is from back in Sept. I've been getting 10-15 of these a week since back in Sept. It's annoying because SA isn't picking up all of them. :~( Jason -- [EMAIL PROTECTED] mailing list -- [EMAIL PROTECTED] mailing list
