[PLUG] Mail abuse problem
Scott Van Hoosen
svanhoosen at yahoo.com
Mon Jun 2 09:18:02 UTC 2003
Viruses such as Klex will scan the infected Windows
user's Outlook address book and sends itself to all of
those receipients, then addresses the email FROM
someone from that same address list. That way, you
can't easily tell who actually sent the email, as it
looks like it was sent from someone else. I would bet
that in your situation, someone had that webmaster
email in their address book, then their infected
computer blamed its email blast on them.
-Scott
--- Holger Stephan <holger at selover.net> wrote:
> Here is a mail security question:
>
> A few days ago I received a message that contained a
> .pif file,
> obviously a virus infected mail. I'm using Evolution
> on RH, so I just
> deleted it.
>
> Today the webmaster of one of the domains on my
> server received an
> undeliverable notification from the AOL postmaster,
> with a virus message
> attached. In other words: it seems my webmaster sent
> out this virus
> message:
>
>
--------------------------------------------------------------------------
> From: webmaster at bd-4.org
> To: sclark3650 at aol.com
> Subject: Re: Application
> Date: 02 Jun 2003 08:13:55 +0000
> Please see the attached file.
>
> <<Attachment: DOS/Windows program attachment
> (approved.pif)>>
>
--------------------------------------------------------------------------
>
> I'm using AUTH for SMTP. There is nothing in the
> maillog. The only two
> people using email with bd-4.org are both on Linux.
> There are others on
> Windows using other domains on the same server. Mail
> retrieving is with
> ipop3/pop3s on the other domains and on bd-4.org
> only imaps.
>
> I'm concerned that my mail server is used to spread
> virus mails. Should
> I move to something safer than AUTH with its clear
> password transfer?
> Any ideas? Thanks!
>
> Holger
>
>
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug
__________________________________
Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
http://calendar.yahoo.com
More information about the PLUG
mailing list