[ale] Postifx security oddities...
Jason Day
jasonday at worldnet.att.net
Wed Feb 5 10:29:12 EST 2003
On Wed, Feb 05, 2003 at 10:12:53AM -0500, Stephen Touset wrote:
> I found an email in my box this morning that said Undelivered Mail
> Returned. Unfortunately, I never sent the email. It also has, oddly
> enough, images linked to it from an old messageboard I used to frequent
> (which no longer exists). Also, attached is what appears to be a virus
> (I'm examining it in nano).
[snip]
> Now, how on Earth could this guy have used me to relay his mail?
He didn't. A common feature of most worms that propagate through the
barn-sized holes in Microsoft email products is that they send
themselves to addresses in the infected user's addressbook, and/or
masquerade as an address from the addressbook. What this means is that
someone, probably someone you know, has your email address in his or her
addressbook. This person got infected with a worm, which then proceeded
to spread by emailing itself to other hosts. Each email picked an
address from the addressbook at random to use for the From address, and
for this particular message it picked you.
Jason
--
Jason Day jasonday at
http://jasonday.home.att.net worldnet dot att dot net
"Of course I'm paranoid, everyone is trying to kill me."
-- Weyoun-6, Star Trek: Deep Space 9
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list