Re: Swen Really Sucks

["Kye Lewis" <kye () lewislan id au>]

[..]

> So, has anyone actually sent mail to an envelope sender to see if
> they're actually infected? Or is it possible this thing just likes to
> fake the same sender for all outgoing messages?

Seeing that I have a collection of around 2000 unique and believable
return-paths from this virus, it seems quite likely that they're legitimate.

I have also recieved a few emails forwarded through from the sender's mail
servers informing me that I have been sent a virus.
And, as was said, the email addresses in the return path, and the servers
that the mail travels through to get here, do indeed link together.

That evidence linked together provides a pretty strong case that they're not
faked.

- Kye Lewis
<kye -at- lewislan- dot- id -dot- au >

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html