Educause Security Discussion mailing list archives

Re: Handling flood of returned e-mail messages due to spam with forged sender address

From: Scott Weeks <sweeks () SANDIEGO EDU>
Date: Mon, 16 Aug 2004 13:03:11 -0700

On Mon, 16 Aug 2004, Gary Flynn wrote:

Hi Gary,

:  Anyone else been through this already?

Yes


:  Did the activity stop by itself after a period of time?

No, at least at my ISP.  Not a problem here at work, so I assume there may
be a setting the email administrator can set.


:  I'm getting ready to send abuse reports to the dozens of sending
:  organizations but I'm not optimistic.

It won't help.  There's nothing they can do.  It's a virus that searches
the addressbook of the infected machine.  It has nothing to do with the
other folks, except that they're in the addressbook of the infected
machine.


:  Why would someone pick a real address of a single person to forge
:  in these messages anyway? To our knowledge, this isn't retaliatory
:  activity but I guess you never really know.

Because that's the way the virus was written.  It's not retaliatory if
it's the virus I'm describing.

scott

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Current thread:

Handling flood of returned e-mail messages due to spam with forged sender address Gary Flynn (Aug 16)
- <Possible follow-ups>
- Re: Handling flood of returned e-mail messages due to spam with forged sender address Scott Weeks (Aug 16)
- Re: Handling flood of returned e-mail messages due to spam with forged sender address Dick Jacobson (Aug 17)
- Re: Handling flood of returned e-mail messages due to spam with forged sender address Gary Flynn (Aug 17)