Security Incidents mailing list archives

Bogus Email


From: Thor () HammerofGod com
Date: Sat, 3 Nov 2001 16:37:40 -0800

Greetings:

For whatever reason, it seems that I have become the target (or masqueraded
source as the case may be) of an email prank.

Someone originating from SERVER4 (193.128.138.68 [193.128.138.68]) is
sending out the email portion of the Nimda virus with *my* email address as
the FROM.  The RIPE whois server (responsible for European addresses)
reports the netblock ownership as follows:

inetnum:      193.128.138.64 - 193.128.138.127
netname:      EEIA-NET
descr:        East of England Investment Agency Ltd
country:      GB
admin-c:      RF778-RIPE
tech-c:       RF778-RIPE
status:       ASSIGNED PA
mnt-by:       AS1849-MNT
changed:      jamesb () uk uu net 19980630
changed:      stephenb () uk uu net 19990915
source:       RIPE

I don't really know what I can do about it other than to notify you folks.
The SF newsgroups are the only email-based groups I participate in from this
box or address, so if this is malicious it is likely that you might get an
email that looks like it is from me.  Of late, I have been posting all my
content directly to the HammerOfGod website, and have not been using
attachments (I learned my lesson from the Mutex program I zipped up and sent
out...)  Besides, I would NEVER send out an .exe.  In fact, I couldn't even
if I wanted to as my mail is first filtered by my local server, and then by
2 others before it finally goes out to the world.

Sorry for any confusion, but there is not much I can do about it.

AD







----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

