[Dshield] Suejdz & Kleze anyone

KeithTarrant@spamcop.net KeithTarrant at spamcop.net
Wed Oct 23 01:35:38 GMT 2002


Oh you're right TL.  Thanks.  AOL can carry Klez.  sorry.  And as you say,
AOL is able to tell the email didn't come from the regular AOL mail tool,
and so is able to insert the "x-apparently" and the real account.

So with Klez email actually from AOL you would see an x-apparently line
with the actual AOL account (at least until some hacker thinks to fake
that too).

- Keith
----- Original Message -----
From: "Tom Liston" <tliston at premmag.com>
To: <list at dshield.org>
Sent: Tuesday, October 22, 2002 9:02 AM
Subject: Re: [Dshield] Suejdz & Kleze anyone


> I don't believe this is entirely correct, Keith.  AOL users CAN (and
> have) sent Klez.  One way of tracking the actual AOL account sending
> the email is that AOL inserts an "X-Apparently-From:" header line
> into the message.
>
> -TL
>
> On 21 Oct 2002 at 19:21, KeithTarrant at spamcop.net wrote:
>
> > By the way, AOL and regular Hotmail accounts can't send Klez.  Klez
comes with its own software for sending email and
> > contacts regular email servers to do this.  So any Klez email from AOL
or Hotmail accounts is just a result of the fake
> > randomly choosen sending address.
>
>
>
>
>





More information about the list mailing list