Rick Simon said:
That particular address or any email address formulated in a similar
manner?
--
Rick Simon (e-mail address removed)
Include "spam(trap)key" somewhere in the
body of any email to avoid spam filters.
Thanks for the 400+ Swen email addresses that an ISP blocked then sent a
notification to you as the "sender". The infection apparently does not
include Usenet, as there were no munged addresses. You satisfied my
curiosity as to whether Swen takes addresses other than To or From. The
vast majority looked like message IDs
(200109141635.f8egz9y14005-AT-qs86.pair.com). I noticed that the virus not
only used you as the From, but also included you in the To (That's cold). I
hope you were able to track down who it was, or at least get the flood to
stop. If not, I'll offer my thoughts, such as they are:
The infected user may have an (Web Site) account at Yahoo because of the
following addresses - <bizex-billing-AT-yahoo-inc.com>,
<bizex200-AT-yahoo-inc.com>, <my-register-AT-yahoo-inc.com>, and is
receiving mail because of it (billing problem?).
The Address Book entries appear to be the following:
bobsbuckskins-AT-peoplepc.com, edge-AT-usmo.com, dwagner-AT-foxberry.net,
ccason-AT-nemr.net, rio-AT-centurytel.net, mead-AT-midwest.net,
allaqhorses-AT-aol.com, bridarfarm-AT-aol.com, mandymackey-AT-hotmail.com,
trueblueacres-AT-hotmail.com, frstrlty-AT-iowatelecom.net,
hollanddunn-AT-netconx.net, snidercattle-AT-hotmail.com,
terry.powell-AT-gateway.net,
qtrhorse2000-AT-yahoo.com,slidinb-AT-iowatelecom.net,
sharpvalleyfarm-AT-yahoo.com.
Do you know someone who is an animal enthusiast?
I can now understand why people are getting "hundreds" of these mails.
Considering the bounced message IDs which could be coupled with the Usenet
munged addresses, and Swen sending on restart/connect which starts the
process all over.
Thanks again, and Good Luck,
--
~~~~~~~~~~~~~~~~~~
Dave McAuliffe
<Central Mass> USA
To Email-
Replace: mailinator.com
with: email.com
~~~~~~~~~~~~~~~~~~
