Gibe.gen Virus

John Coutts

Received 5 of these this morning, and I still believe that these are
deliberate attempts to seed the virus using lists compiled from News Group.
They are all sent through legitimate mail servers, and 2 of them even had the
list of about 60 names CC'd instead of BCC'd. This is the mark of an
inexperienced user. A virus just doesn't do this by itself.

J.A. Coutts
Systems Engineer
MantaNet/TravPro
------------------------------------------------------------
Received: from [194.242.190.254];Thu, 17 Jul 2003 09:30:29 +0200 (07:30:29 GMT)
Received: from [195.146.194.238];Thu, 17 Jul 2003 02:30:39 CDT (07:30:39 GMT)
Return-Receipt-To: "Rouveure Michelle" <[email protected]>
Subject: RE: Look at that security patch from the M$ Corporation.
Source: <gaoland.net> via <smtpout01.etnet.fr> - listed by SpamCop
------------------------------------------------------------
Received: from [219.93.200.106]; Thu, 17 Jul 2003 14:51:13 +0800 (06:51:13 GMT)
Received: from [202.188.95.15]; Wed, 16 Jul 2003 21:51:17 HDT (06:51:17 GMT)
From: cosmokb <[email protected]>
Subject: Look at these correction security pack from M$ Corporation
Source: <tm.net.my> via <service.tm.net.my> - listed by SpamCop
----------------------------------------------------------------
Received: from [65.173.69.252]; Wed, 16 Jul 2003 12:15:49 -0700 (19:15:49 GMT)
Received: from [207.217.120.84]; Wed, 16 Jul 2003 15:22:52 EDT (19:22:52 GMT)
From: "darvince" <[email protected]>
Subject: RE: Check the pack which came from Microsoft
Source: <pa.sprint-hsd.net> via <gull.mail.pas.earthlink.net> - listed by
SpamCop
-----------------------------------------------------------------
Received: from [202.71.163.52]; Thu, 17 Jul 2003 08:24:12 +0800 (00:24:12 GMT)
Received: from [203.30.19.13]; Wed, 16 Jul 2003 19:50:45 CDT (00:50:45 GMT)
From: "John Bass" <[email protected]>
Subject: FWD: Look at that update from M$ Corporation
Source: <ophidian52.upnaway.com> via <mail.upnaway.com> - not listed by SpamCop
-----------------------------------------------------------------
Received: from [192.168.10.2]; Thu, 17 Jul 2003 03:30:52 -0400 (07:30:52 GMT)
Received: from [208.17.123.12]; Thu, 17 Jul 2003 00:36:41 PDT (07:36:41 GMT)
From: (e-mail address removed)
Subject: InterScan NT Alert
Source: <private IP> via <eagle.oceana.com> - not listed by SpamCop
-----------------------------------------------------------------
 
David W. Hodgins

Received 5 of these this morning, and I still believe that these are deliberate attempts to seed the virus using lists compiled from News Group. They are all sent through legitimate mail servers, and 2 of them even had the list of about 60 names CC'd instead of BCC'd. This is the mark of an inexperienced user. A virus just doesn't do this by itself.

Unfortunately it does. Note that the from address is also forged, so you have to
use the received headers to figure out which IP it came from.

Regards, Dave Hodgins
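
As an added illustration of the advice above (not code from either poster): a Python example that walks a message's Received headers newest-first and returns the last connecting IP recorded by a server you trust, ignoring the From line and every Received line below that point, since the sender controls those. The sample message, host names and the `trusted` sets are constructed assumptions.

```python
import email
import ipaddress
import re

# Constructed sample (documentation addresses). The bottom Received line is
# the kind of entry a sender can fabricate before the first real relay.
RAW = """\
Received: from relay.isp.example ([198.51.100.25])
\tby mx.myorg.example with ESMTP; Thu, 17 Jul 2003 07:30:39 +0000
Received: from pc ([203.0.113.77])
\tby relay.isp.example with SMTP; Thu, 17 Jul 2003 07:30:29 +0000
Received: from mail.vendor.example ([192.0.2.1])
\tby pc with SMTP; Thu, 17 Jul 2003 07:00:00 +0000
From: "Security Desk" <patch@vendor.example>
Subject: RE: Check the pack

body
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
HOP = re.compile(r"from\s+(\S+).*?\[(\d{1,3}(?:\.\d{1,3}){3})\].*?\bby\s+(\S+)", re.S)

def hops(raw):
    """Return (from_name, from_ip, by_host) per Received header, newest first."""
    msg = email.message_from_string(raw)
    out = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            out.append((m.group(1), m.group(2), m.group(3).lower()))
    return out

def last_verified_sender(raw, trusted):
    """IP that connected to the outermost server in `trusted`, or None."""
    found = None
    for _name, ip, by_host in hops(raw):
        if by_host not in trusted:
            break  # stamped by a host we don't trust: this and all below may be forged
        found = ip
    return found

def is_rfc1918(ip):
    """True for private addresses, which identify no host outside their own LAN."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

if __name__ == "__main__":
    print(last_verified_sender(RAW, {"mx.myorg.example"}))
    print(last_verified_sender(RAW, {"mx.myorg.example", "relay.isp.example"}))
```

Trusting only your own server yields the relay that handed the message over; adding a relay you know to be legitimate moves one hop closer to the infected machine, and the fabricated bottom hop is never consulted.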
 
