VIRUS (Worm.SCO.A) IN YOUR MAIL (fwd)
David Kramer
david at thekramers.net
Tue Jan 27 11:27:48 EST 2004
I just got this. As far as I know, my relays are closed tight and my
firewall is solid. Is this spam?
Could someone try relaying through thekramers.net and let me know if it
fails or succeeds?
I can't see anything I sent to them:
[root at uni /var/log]# grep surfnet.nl *
[root at uni /var/log]# grep hsbos.nl *
mail:Jan 27 08:39:27 uni postfix/smtpd[14647]: connect from
mail.hsbos.nl[192.87.129.131]
mail:Jan 27 08:39:27 uni postfix/smtpd[14647]: B08F31C6C9:
client=mail.hsbos.nl[192.87.129.131]
mail:Jan 27 08:39:28 uni postfix/cleanup[14649]: B08F31C6C9:
message-id=<VSXXD4dveo at mail.hsbos.nl>
mail:Jan 27 08:39:28 uni spamd[14720]: processing message
<VSXXD4dveo at mail.hsbos.nl> for david:500.
mail:Jan 27 08:39:28 uni postfix/smtpd[14647]: disconnect from
mail.hsbos.nl[192.87.129.131]
mail.info:Jan 27 08:39:27 uni postfix/smtpd[14647]: connect from
mail.hsbos.nl[192.87.129.131]
mail.info:Jan 27 08:39:27 uni postfix/smtpd[14647]: B08F31C6C9:
client=mail.hsbos.nl[192.87.129.131]
mail.info:Jan 27 08:39:28 uni postfix/cleanup[14649]: B08F31C6C9:
message-id=<VSXXD4dveo at mail.hsbos.nl>
mail.info:Jan 27 08:39:28 uni spamd[14720]: processing message
<VSXXD4dveo at mail.hsbos.nl> for david:500.
mail.info:Jan 27 08:39:28 uni postfix/smtpd[14647]: disconnect from
mail.hsbos.nl[192.87.129.131]
Remaining secure is a priority for me, so please help me out and let me
know what you think. See attached message.
--
DDDD David Kramer david at thekramers.net http://thekramers.net
DK KD
DKK D Buckle up for safety!
DK KD It makes it harder for the aliens to suck you out of your car.
DDDD
---------- Forwarded message ----------
Date: Tue, 27 Jan 2004 14:39:36 +0100 (CET)
From: Anti-Virus <virusmelding at hsbos.nl>
To: david at thekramers.net
Subject: VIRUS (Worm.SCO.A) IN YOUR MAIL
VIRUS ALERT
Our virus checker found
virus: Worm.SCO.A
in your email to the following recipient:
-> pschouten at hsbos.nl
Delivery of the email was stopped!
Please check your system for viruses,
or ask your system administrator to do so.
For your reference, here are headers from your email:
------------------------- BEGIN HEADERS -----------------------------
Received: from thekramers.net (unknown [65.203.121.147])
by relay.surfnet.nl (Postfix) with ESMTP id AF6C63F461
for <pschouten at hsbos.nl>; Tue, 27 Jan 2004 14:37:23 +0100 (MET)
From: david at thekramers.net
To: pschouten at hsbos.nl
Subject: Mail Delivery System
Date: Tue, 27 Jan 2004 07:38:47 -0600
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0010_EE6E125F.674244BF"
X-Priority: 3
X-MSMail-Priority: Normal
Message-Id: <20040127133723.AF6C63F461 at relay.surfnet.nl>
-------------------------- END HEADERS ------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/rfc822-headers
Size: 496 bytes
Desc: Undelivered-message headers
URL: <http://lists.blu.org/pipermail/discuss/attachments/20040127/6715e5f6/attachment.bin>
More information about the Discuss
mailing list