> > > On Fri, 27 Jun 2003, Andrew C. Oliver wrote: > > > Date: Fri, 27 Jun 2003 11:26:04 -0400 > > From: Andrew C. Oliver <[EMAIL PROTECTED]> > > Reply-To: Jakarta General List > > <[EMAIL PROTECTED]> To: Jakarta General List > > <[EMAIL PROTECTED]> Subject: Re: Proposal: > Jakarta should protect community email addresses > > > I'd be all of this if it would make a difference, > > unfortunately you're barking up the wrong tree. I'm > > getting that virus/attachment to every email address I > have just about. I think it looks locally (user address > > book, etc). > > That is exactly what happens with this particular worm. > If your address is in the address book of someone who gets > infected, not only do *you* start to receive the messages, > messages with forged "from" headers with your name on them > also go out. Then, the volume of messages is made worse > by all of those "helpful" spam filters that catch the fact > that the virus is included, and return a notification to > the (forged) sender. > Obscuring email addresses in the archives would have zero > impact on this particular problem. >
Scrubbing the archives will not help. I agree that these things search locally. However I have noticed something about the ones I gotten. I don't know many people who use LookOut! So it's pretty rare for me to get hit by mail works that use the address book. That changed with Klez.H last May and has continued with SoBig. These also search local text files. A long while ago I contributed a task to Ant. My name and email are in the author tag, and thus in the the java doc. A significant majority of the mail worms I get have forged addresses from other people who appear in author tags in the Ant source tree. [At one time it was better than 95%, but keeping track got too time consuming.] So, I've been conculding that most of what I get is from the java doc for Ant. Might it perhaps make sense to scrub or obsucure email addresses from the author tags? I've been seriously considering submitting a patch to remove mine. I keep putting if off, since it will not do anything about the distributions that are out there. But if I'd done it back when Klez first hit me, I might not care about the latest SoBig wave. Drew --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
