Klez at it again

David A. Bandel david
Mon May 17 11:30:46 PDT 2004


On Thu, 2 May 2002 20:15:15 -0400 (EDT)
begin  Gerry Doris <gerry at dorfam.ca> spewed forth:

> On Thu, 2 May 2002, David A. Bandel wrote:
> 
> > Folks,
> > 
> > Please review the mail headers, someone on one of these lists has
> > Klez. This is not really a bounce message:
> > 1.  No Windoze here (much less Outhouse)
> > 2.  I don't think I know this e-mail address
> > 
> > The Return-Path has most certainly been altered.  But we can say that
> > it originated on comcast.net:
> 
> snip....
> > 
> > Subject: Undeliverable mail--"Troubleshooting"
> > 
> 
> David, are you sure that it came from these lists?  I'm subscribed to
> them too and I don't remember seeing any messages with the subject 
> "Troubleshooting".  

The message came direct to me, but since I don't recognize the
icomcast.net address in the header, I suspect someone either currently or
previously subscribed to a list I was on has the virus.  Could be anyone,
but I thought I'd start with the two lists I'm most active on.

Klez headers are always altered (Return-Path:, Subject:, From:), but Klez
can't alter what the mail servers put on the messages.  So it definitely
came from someone using comcast.net. That's about all we can say for the
moment (and be correct).

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
		-- Nemesis Racing Team motto
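
The header check described in the message above, as an added example that is not part of the original post: walk the Received: chain from the newest hop down and stop at the first peer that is not one of your own servers. The sample message, hostnames and addresses are constructed placeholders, and TRUSTED_IPS and handoff_peer are hypothetical names.

```python
import re
from email import message_from_string

# Assumption: IPs of the mail servers we run ourselves (placeholder value).
TRUSTED_IPS = {"192.0.2.10"}

# Constructed sample, not a real message. The lowest Received: line is the
# kind of header a sender can fabricate before handing the mail over.
SAMPLE = """\
Return-Path: <forged@unrelated.example>
Received: from mx.example.org (mx.example.org [192.0.2.10])
\tby mailstore.example.org with ESMTP id A1; Thu, 2 May 2002 19:02:11 -0400
Received: from pc1 (client-25.isp.example.net [198.51.100.25])
\tby mx.example.org with SMTP id B2; Thu, 2 May 2002 19:02:09 -0400
Received: from relay.unrelated.example (relay.unrelated.example [203.0.113.5])
\tby pc1 with SMTP id C3; Thu, 2 May 2002 18:00:00 -0400
From: someone@unrelated.example
Subject: Undeliverable mail--"Troubleshooting"

body
"""

# "from HELO (rdns [ip])" as stamped by the receiving server.
PEER = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)")

def handoff_peer(raw):
    """Return (helo, rdns, ip) of the first host outside our servers, or None."""
    msg = message_from_string(raw)
    # Received: headers are prepended, so the first one is the newest hop
    # and was written by the server that delivered to us.
    for value in msg.get_all("Received", []):
        m = PEER.search(value)
        if m is None:
            return None  # no connecting peer recorded; do not guess
        helo, rdns, ip = m.groups()
        if ip not in TRUSTED_IPS:
            # This line was written by one of our servers. Everything below
            # it was supplied by the sender and may be forged.
            return helo, rdns, ip
    return None

if __name__ == "__main__":
    print("claimed Return-Path:", message_from_string(SAMPLE)["Return-Path"])
    print("peer seen by our server:", handoff_peer(SAMPLE))
```
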


