[Dshield] Friendgreetings.com mass emailer
keithtarrant at spamcop.net
Fri Oct 25 20:26:11 GMT 2002
Very good point Russell.
If Opaserv had an EULA saying the it would "increase the rate of
communications with other computers on the Interenet" would that mean
Opaserv wasn't malicious?
----- Original Message -----
From: "Russell Washington" <russ.washington at vaultsentry.com>
To: <list at dshield.org>
Sent: Friday, October 25, 2002 10:09 AM
Subject: RE: [Dshield] Friendgreetings.com mass emailer
> Craig nailed it, that's the one. Symantec now has a doc up too:
> Truth is that these companies can call it non-malicious all they want.
> Anything that masquerades itself as coming from someone else to
> propagation and mail-bombs contact lists is definitely treading in
> wormspace... and I'll bet this thing does a lot more than what the EULA
> authorizes although I have nothing to back that up. We're thinking over
> here that the email addresses it pulls are probably getting culled for
> resale and reuse.
> But that's another discussion. For anyone looking to extract this thing
> from their systems, good luck. We're nuking the two boxes we found it
> because we can't verify their integrity.
> "It's not a virus, it's not a worm... because it has a EULA" :)
> -----Original Message-----
> From: Tom Liston [mailto:tliston at premmag.com]
> Sent: Friday, October 25, 2002 6:47 AM
> To: list at dshield.org
> Subject: Re: [Dshield] Friendgreetings.com mass emailer
> Could it be something like this?
> On 24 Oct 2002 at 15:02, Russell Washington wrote:
> > We've been researching an item that "landed" in an end-user's inbox
> > this morning. Given the lack of information on this mass emailer I
> > thought I should get some more seasoned eyes on it. Here's the dump
> > of information I have to date. Symantec is aware of this item but (at
> > least when we talked
> ---- >8 ---- Snip!
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
More information about the list