Yeah, get that a lot. John Orban System Administrator The Country School www.countryschool.org
-----Original Message----- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 22, 2003 10:00 AM To: Exchange Discussions Subject: RE: Sudden influx of bogus email Two mails? You are using McAfee Ill bet. -----Original Message----- From: John Orban [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 22, 2003 6:17 AM To: Exchange Discussions Subject: RE: Sudden influx of bogus email Yeah, I'm getting the same thing, but not the strings. I'm getting bursts of emails (all generally from the same domain). Never more than an hour time span, usually about 30-40 emails. I get two emails to every recipient, both with attachments containing Klez and Exploit-MIME.gen.b, usually comes with a web page as one of the attachments. The interesting thing is that the emails are attaching our users' names to the external domain. John Orban System Administrator The Country School www.countryschool.org -----Original Message----- From: Martin Blackstone [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 22, 2003 8:22 AM To: Exchange Discussions Subject: RE: Sudden influx of bogus email It's a dictionary style spam attack. They seem to be on the rise. I get this about every other day. Sometime hundreds in the just 1 or 2 minutes. -----Original Message----- From: Dave Vantine [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 22, 2003 3:33 AM To: Exchange Discussions Subject: Sudden influx of bogus email Within the last week I have suddenly started receiving many emails to nonexistent accounts, the bulk of which are long numeric strings as seen below --------------------------------- The following recipients did not receive the attached mail. Reasons are listed with each recipient: <[EMAIL PROTECTED]> [EMAIL PROTECTED] MSEXCH:IMS:Creative Computing, Inc.:CREATCOMP:CHALLENGER 0 (000C05A6) Unknown Recipient The message that caused this notification was: --------------------------------- I have my exchange set up to notify my on NDR's which is does so I can capture any legitimate emails that may have been addressed incorrectly (e.g. [EMAIL PROTECTED] vs. [EMAIL PROTECTED]). The actual messages are spam but I don't see the purpose for the sender to send it to a bogus address, as there is little chance that this would be a legitimate email address. Am I missing something? Thanks -Dave Vantine _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
