On Wed, Aug 06, 2003 at 07:21:44AM -0400, Nolan Penney wrote:
>
> Yes, my post was a tongue in cheek post. Truly, I am aware that viruses
> and worms are not capable of reaching out of my computer screen and
> flipping on mechanical switches (rolling of the eyes).
>
> About the safety of majordomo, don't count on it. I've had several
> infected messages have come through it.
No one does. Its demime that team.net is using to filter out MIME.
I use it on the lists I run as well, and I have
yet to see it let a MIME attachment through.
Of course as you point out some malware
does not spread through attachments. But the
vast majority of it does.
> It's a funny worm that's picked up my address and the shop-talk
> address. Seems to rotate slowly through a list of names. Currently,
> I'm getting fake messages of the same type from Kelowna instead of me or
> shop-talk. In fact, I'm not sure it's a worm at all. The messages I've
> checked were all coming from the isp 142.173.55.61. But it's through a
> series of relays.
Mail nearly always goes through a series of relays.
Some of them are even real. :-)
Spammers often use fake Received: lines to attempt to
prevent tracking.
The IP address 142.173.55.61 points to
akge29hfy42t4.bc.hsia.telus.net. Telus.net is a large Canadian ISP.
That address is a dynamically-named dial-up.
I've received spam, mail, and worms from varying sources in
their network.
I didn't bother to save any of the "Nolan Penney" worms.
If I get another I'll look at it and see what I can figure out.
Eric
/// unsubscribe/change address requests to majordomo@autox.team.net or try
/// http://www.team.net/mailman/listinfo
/// Archives at http://www.team.net/archive/shop-talk
|