, August 24, 2003 12:40 PM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.Virus] No wonder viruses spread
But since the subject that you are receiving is undeliverable : RE:
Details isn't that his server is just returning the message Unless the
virus has more subjects then the list of subjects that I am
So if a forged user from my domain sends a message to another IMAIL machine
to a user that doesn't exist and then their Imail Machine rejects the
message. I'm assuming that postmaster gets the entire message (virus
included) based upon the forged domain.
Actually, you should be safe on either
messages from bad
or expired address. If it is, is there a way to shut down?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of David Dodell
Sent: Saturday, August 23, 2003 6:01 PM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] No wonder viruses spread
Here
, August 23, 2003 6:01 PM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] No wonder viruses spread
Here is a snipet of some on going email I'm having with a LAN
administrator at a university hospital. I forwarded a copy of the
Declude virus catch, to show them the IP #'s of the machine that sent
the Sobig
But since the subject that you are receiving is undeliverable : RE:
Details isn't that his server is just returning the message Unless the
virus has more subjects then the list of subjects that I am aware of.
Comparing it to the headers generated by the copies of Sobig.F we've looked
at, it
-- Original Message --
From: R. Scott Perry [EMAIL PROTECTED]
Comparing it to the headers generated by the copies of Sobig.F we've looked
at, it appears that it was indeed a bounce message.
Then I'm confused .. to me it appeared from the headers that it
Received: from guava.uch.edu [168.200.2.37] by stat.com with ESMTP
(SMTPD32-8.02) id A94AD300BE; Sat, 23 Aug 2003 13:06:34 -0700
Received: from mail pickup service by guava.uch.edu with Microsoft
SMTPSVC;
Sat, 23 Aug 2003 14:06:33 -0600
Received: from uchaex2.uch.ad.pvt
Here is a snipet of some on going email I'm having with a LAN
administrator at a university hospital. I forwarded a copy of the
Declude virus catch, to show them the IP #'s of the machine that sent
the Sobig virus. I can't get it through his head that the headers
are forged, and irrevelant.
My