[Dshield] Polish Baloney

Ed Truitt ed.truitt at etee2k.net
Wed Oct 22 20:44:01 GMT 2003



>  What follows is an email I recieved that says that
> my computer is sending infected emails to everyone 
> in my address book.
> First of all I don't have an address book. And
> second of all there is no email program installed 
> on my machine.
[SNIP]
> If someone with my email addy in their address book is
> guilty, how can I find out who it is so I can tell them?
> Thanks in advance.             Mel.  
[SNIP]
> This e-mail is generated by the krypton.azoty.pulawy.pl mail server to
> warn you that the e-mail
> sent by <not disclosed> to <not disclosed> is infected with virus: 
Win32/Bugbear.B at mm.
[SNIP]

Some people consider this spam.  It is an auto-notify being sent out by 
an email A/V product (in this case, RAV).  Somebody had Bugbear.  IIRC, 
this is one of the email-borne virii that spoofs the "From:" address by 
using one it finds in an address book, or in a browser cache, which 
causes the A/V programs to drive us all nuts with bogus warnings.

There is probably not much you can do, except to filter on these.

-- 
Cheers,
Ed Truitt
PGP fingerprint:  5368 D25E 468C A250 9833  CCD6 DBAE 9C25 02F9 0AB9
http://www.etee2k.net
http://www.bsatroop148.org

"Note to spammers:  my 'delete' key is connected to YOUR ISP.
 Also, if you send me UCE, I reserve the right to post your spew
on my Web site, with the appropriate color commentary, so that
others may have a good laugh at your expense."




More information about the list mailing list