RE: SoBig and some info

[Kevin Saenz <ksaenz () spinaweb com au>]

Ok, read it on the symantec site. :)

Thanks

> SoBig contains it's own SMTP Server engine.
>
> Joe
> Codejock Software
>
> -----Original Message-----
> From: Kevin Saenz [mailto:ksaenz () spinaweb com au] 
> Sent: Thursday, August 21, 2003 5:56 PM
> To: security-basics () securityfocus com
> Subject: SoBig and some info
>
> This current strain of SoBig, seems to be smarter than before.
> it seems to be grabbing real email addresses in people's outlook
> and using those as spoof accounts. The other thing I have found
> is, if that is the case there are thousands of email servers
> that are acting as open relays. Can any one correct me if I am
> wrong, I am pretty sure this is open to some hot debate. As my question
> will be if email servers are not relaying then how can a virus transmit
> spoofed email addresses?
> I have seen emails bouncing back to me saying that an email from me is
> possibly infected and contains an executable .pif the header of the
> email from me is Outlook version 6.x. The problem with that is, emails
> 100% of the time from me are sent by Evolution, a Linux email client.
> This has been since Wed Night Australian time or Tuesday morning U.S
> time.
-- 
Regards,

Kevin Saenz
 
Spinaweb
I.T consultants
 
Ph: 02 4620 5130
Fax: 02 4625 9243
Mobile: 0418455661
Web: http://www.spinaweb.com.au


---------------------------------------------------------------------------
----------------------------------------------------------------------------