[Dshield] "Your IP was logged" Spam/Virus
Freek de Kruijf
f.de.kruijf at hetnet.nl
Tue Nov 22 16:31:38 GMT 2005
Op dinsdag 22 november 2005 13:38, schreef Jean-Pierre Schwickerath:
> > Someone at work got one claiming to be from the CIA, but I didn't get
> > to see if there were any attachments before they trashed the message.
> > Just my US$0.02.
> I'm seeing all kind of things around here: FBI, CIA, BKA and now new,
> ebay and RTL...
> Most of it is blocked thanks to dial-up RBL, the rest because the
> destination address is invalid. What is left is mostly delayed by
> greylisting. There's just a few that come through ISPs outgoing mail
> relay and which are catched by the antivirus scanner. However it's very
> But this is a perfect example of if the forged domain holders had
> published tight SPF-record, I would have had much less trouble ;-)
Even in The Netherlands we recieved the CIA spam/virus (Sober-U), including
two variants, one from info at ptt-post.nl, Subject: Your Password, and from
info at hotmail.com, Subject: smtp mail failed.
More information about the list