In message <p05200f04bb680320c606@[64.202.132.204]>, David Diaz writes:
Spam may be off topic but in this case relevant. Has anyone else noticed bounced emails that appear to have origionated from their nanog email boxes and contain viruses?
Obviously some bot has gone threw the nanog list and is now forging headers such that they appear to come from those addresses, and they are attaching viruses.
The IP address (which may or may not be accurate) appears to be [195.157.87.253].
Has anyone else noticed this recently?
I've gotten hundreds of such bounce messages today. Only a few have Received: lines, but those have differed. I don't know for sure if it's the nanog list, since I don't use a different email address for it. --Steve Bellovin, http://www.research.att.com/~smb
On Tue, 19 Aug 2003, Steven M. Bellovin wrote:
I've gotten hundreds of such bounce messages today. Only a few have Received: lines, but those have differed. I don't know for sure if it's the nanog list, since I don't use a different email address for it.
I suspect it's the list archives. Speaking to customers who are seeing similar problems with bounces, the pattern of addresses used suggest that those addresses have been havested from their websites. Rich
participants (2)
-
Steven M. Bellovin
-
variableļ¼ ednet.co.uk