nanog mailing list archives
Odd spam / virus - comments ?
From: "Peter Galbavy" <peter.galbavy () knowtion net>
Date: Tue, 26 Mar 2002 10:05:07 -0000
OK - As a knowledgeable bunch, maybe you lot can give me pointers. A customer / friend phoned me last night saying that I sent him a virus by e-mail. Now, I am far more careful than that - at least I hope. It turned out that it wasn't me, but a forgery. Now, that is not unusual, but what is that the recipient is someone I know. I have come up with the following theories: 1. Clever virus distributor. Someone has e-mail address lists and is looking up MX records for senders and recipients and then matching the two, on the assuption that the MX for the recipient will accept mail from someone whose mail transits the same system, and that there may be a level of 'trust' in the recipient for a sender who uses the same MX relays. 2. Accident. It is just bizarre that someone is forging mail from me to someone I know. But then I would be getting many more complaints from complete strangers. I am not. Anyone seen 1. in active use ? Headers below - nothing confidential AFAIK - apart from e-mail addresses that are already 'public'. Peter Return-path: <peter.galbavy () knowtion net> Envelope-to: jason () somadata com Delivery-date: Mon, 25 Mar 2002 16:56:14 +0000 Received: from acba293e.ipt.aol.com ([172.186.41.62] helo=Xvfem) by mailstore-1.mail.knowledge.com with smtp (Exim 3.33 #1) id 16pXl2-00003E-00 for jason () somadata com; Mon, 25 Mar 2002 16:55:45 +0000 From: peter.galbavy <peter.galbavy () knowtion net> To: jason () somadata com Subject: Introduction on ADSL MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=Sy82oU85e2CI78a2nsl20 Message-Id: <E16pXl2-00003E-00 () mailstore-1 mail knowledge com> Date: Mon, 25 Mar 2002 16:55:45 +0000 Status:
Current thread:
- Odd spam / virus - comments ? Peter Galbavy (Mar 26)
- <Possible follow-ups>
- Re: Odd spam / virus - comments ? Steven M. Bellovin (Mar 26)
- Re: Odd spam / virus - comments ? Valdis . Kletnieks (Mar 26)