[Dshield] 1.txt emails again

Bruce ecarew2531 at rogers.com
Tue Aug 9 01:32:06 GMT 2005


Received 1.txt emails with executable attachments today.  Many people 
believe these emails are originating from Bagle infected computers around 
the world.  I'm trying to develop a spam filter and considering a number of 
possibilities such as mime boundaries.   Are the mime boundary divisions 
consistent with these emails?  The one's I've received have a boundary 
containing:

  ousbdhimxrpjhhuwpqkl

Can this be used for a reliable spam filter signature?

Thanks,

Bruce



More information about the list mailing list