MMS Notification (fwd)

[Derek Kwan <dkwan () KWAN ca>]

---------- Forwarded message ----------
Date: Tue, 25 Sep 2001 10:09:22 -0700
To: Derek Kwan <dkwan () KWAN ca>
Subject: MMS Notification


        <rnieuwhof () nos com>
> --- Begin Message ---
>
>
> From: "Derek Kwan" <dkwan () KWAN ca>
>
> Date: Mon, 24 Sep 2001 18:40:43 -0400 (EDT)
>
>
>
> ---------- Forwarded message ----------
> Date: 24 Sep 2001 18:06:20 -0000
> From: bugtraq-owner () securityfocus com
> To: dkwan () KWAN ca
> Subject: Returned post for bugtraq () securityfocus com
>
> Hi! This is the ezmlm program. I'm managing the
> bugtraq () securityfocus com mailing list.
>
> I'm working for my owner, who can be reached
> at bugtraq-owner () securityfocus com.
>
> I'm sorry, your message (enclosed) was not accepted by the moderator.
> If the moderator has made any comments, they are shown below.
>
> > > > > > -------------------- >>>>>
> Hmm, strange.  Post this to vuln-dev () securityfocus com or
> focus-ms () securityfocus com.
> <<<<< -------------------- <<<<<
>
>
> [INFO] -- Virus Manager:
> This email message and any attachments have been scanned for viruses and are believed to be free of any virus.
>
> > --- Begin Message ---
> >
> >
> > From: "Derek Kwan" <dkwan () KWAN ca>
> >
> > Date: Sun, 23 Sep 2001 20:20:24 -0400 (EDT)
> >
> >
> > Today I have rebooted one of my WinME box (haven't reboot this box for
> > alteast 3 months!) because I need to replace a CPU Fan.
> >
> > After the 'operation' (a very dusty one) WinME booted as expacted and I
> > just turn off the montor and walked away.
> >
> > Then after dinner, as one my regular 'hobby' (I think I need a life) I was
> > checking my MRTG chart and logs. Noticed something from my Internal
> > network was hammering my Server. A futher study shows my freshly rebooted
> > WinME keeps requesting a "identd.cab" from my web server.
> >
> > So I went back to my WinME machine and check on ZoneAlarm (thx!) and
> > notice a process name "Microsoft Qmgr" is accessing the network, so
> > quickly I stopped the app. 
> >
> > Seems like MS Qmgr is keep requesting identd.cab from my web server for
> > the past 3 Hours (and 4 minutes 31 seconds) and have 255259 request from
> > my access_log!
> >
> > Not sure what the heck is Qmgr, and a search on Internet, found this
> > link:-
> > http://www.langa.com/newsletters/2001/2001-09-17.htm#5
> >
> > Hopefully this info is going to be helpful for someone.... 
> >
> > Gosh, if I didn't check my server, it will fill up my log disk pretty
> > quick!
> >
> > Now my question is why the heck Qmgr is looking for identd.cab from my
> > server? Hummmm....
> >
> > Derek
> >
> >  \|/ _____ \|/    ***************************************************
> >  "@'/ , . \`@"    This e-mail is send with 100% recyclable electrons.
> >  /_| \___/ |__\   ***************************************************
> >     \___U_/       Derek () KWAN ca
> >
> >
> >
> > --- End Message ---
>
> --- End Message ---