| From: | Curt Sampson <cjs(at)cynic(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Christopher Kings-Lynne <chriskl(at)familyhealth(dot)com(dot)au>, <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Virus Emails |
| Date: | 2002-07-28 09:06:12 |
| Message-ID: | Pine.NEB.4.44.0207281804220.527-100000@angelic.cynic.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, 27 Jul 2002, Tom Lane wrote:
> One of the nastier aspects of the Klez virus....
>
> However, even a trivial look at the detail mail headers (Received: etc)
> will convince you that the spam did not originate from the claimed
> "From:" address. If you care to post a few sets of complete headers,
> we can probably triangulate pretty quickly on the virus-infected loser
> who's originating these messages.
It appears to me that the envelope sender is not forged by Klez.H,
assuming that that's the virus I'm getting all the time. So you
could check for the "Return-Path:" header, or maybe "From " (note:
no colon) if you're using a Berkeley-mailbox style system, and find
out the e-mail address of the real sender.
cjs
--
Curt Sampson <cjs(at)cynic(dot)net> +81 90 7737 2974 http://www.netbsd.org
Don't you know, in this new Dark Age, we're all light. --XTC
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Luis Alberto Amigo Navarro | 2002-07-28 10:22:53 | Re: Question about LWLockAcquire's use of semaphores instead of spinlocks |
| Previous Message | Curt Sampson | 2002-07-28 09:02:44 | Re: tuple concurrently updated |