nanog mailing list archives
RE: in case nobody else noticed it, there was a mail worm released today
From: "Wojtek Zlobicki" <wojtekz () idirect com>
Date: Mon, 26 Jan 2004 21:01:17 -0500
The worm is being talked about on news.com and all the major virus vendors already have advisories on their websites. The worm in my case masqueraded as a Mailer Daemon bounce. Source email address appeared to be valid and matching a domain of a website I visited recently (but have not for a long time). Anyone know the worm generates the sending domain. -----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Paul Vixie Sent: Monday, January 26, 2004 8:52 PM To: nanog () merit edu Subject: in case nobody else noticed it, there was a mail worm released today my copies (500 or so, before i filtered) are in a ~7MB gzip'd mailbox file called http://sa.vix.com/~vixie/mailworm.mbox.gz (plz don't fetch that unless you need it for comparison or analysis). there's a high degree of splay in the smtp/tcp peer address, and the sender is prepared to try backup MX's if the primary rejects it, though it appears to try the MX's in priority order.
Current thread:
- in case nobody else noticed it, there was a mail worm released today Paul Vixie (Jan 26)
- Re: in case nobody else noticed it, there was a mail worm released today Suresh Ramasubramanian (Jan 26)
- Re: in case nobody else noticed it, there was a mail worm released today Mike Tancsa (Jan 26)
- Re: in case nobody else noticed it, there was a mail worm released today Scott Weeks (Jan 27)
- Re: in case nobody else noticed it, there was a mail worm released today Alexei Roudnev (Jan 28)
- Re: in case nobody else noticed it, there was a mail worm released today Scott Francis (Jan 28)
- Re: in case nobody else noticed it, there was a mail worm released today jon bennett (Jan 28)
- Re: in case nobody else noticed it, there was a mail worm released today Scott Weeks (Jan 27)
- RE: in case nobody else noticed it, there was a mail worm released today Wojtek Zlobicki (Jan 26)
- Message not available
- RE: in case nobody else noticed it, there was a mail worm released today Timo Janhunen (Jan 26)
- RE: in case nobody else noticed it, there was a mail worm released today David Luyer (Jan 27)
- RE: in case nobody else noticed it, there was a mail worm released today Timo Janhunen (Jan 26)
- <Possible follow-ups>
- Re: in case nobody else noticed it, there was a mail worm released today Brent_OKeeffe (Jan 28)
- Re: in case nobody else noticed it, there was a mail worm released today David Lesher (Jan 28)
- Re: in case nobody else noticed it, there was a mail worm released today Roger Marquis (Jan 28)
- RE: in case nobody else noticed it, there was a mail worm released today Vivien M. (Jan 28)
- RE: in case nobody else noticed it, there was a mail worm released today jon bennett (Jan 28)
- RE: in case nobody else noticed it, there was a mail worm released today Roger Marquis (Jan 28)
- RE: in case nobody else noticed it, there was a mail worm released today Vivien M. (Jan 28)
- MS is vulnerable doug (Jan 29)
- RE: in case nobody else noticed it, there was a mail worm released today Vivien M. (Jan 28)