Educause Security Discussion mailing list archives
Re: spoofed addresses?
From: Gary Flynn <flynngn () JMU EDU>
Date: Fri, 30 Apr 2004 17:50:56 -0400
Barros, Jacob wrote:
Please tell me I'm not the only oneā¦ We're getting a LOT of NDR's and blocked message receipts from different hosts and all sorts of weird things. Typically they are messages carrying viruses circulating with our email addresses in the 'from' field. See (scrubbed) message threads below.
Hi Jacob, This happens with every new wave of worms. We've got information up on our web site because people get concerned about it so often: http://www.jmu.edu/computing/security/index.shtml#msg I'm fairly comfortable telling our people that its not likely coming from them because we block port 25, forcing mail through official mail servers and scan virus logs on those for infected systems in our address space. Of course, if its a new one that our AV doesn't detect, some may leak out. Gary Flynn Security Engineer James Madison University ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- spoofed addresses? Barros, Jacob (Apr 30)
- <Possible follow-ups>
- Re: spoofed addresses? Brent Sweeny (Apr 30)
- Re: spoofed addresses? Craig W. Drake (Apr 30)
- Re: spoofed addresses? Gary Flynn (Apr 30)
- Re: spoofed addresses? Bruggeman, John (May 01)