StealthMode - You've said you want to drop the issue, but you also have some misconceptions that really ought to be addressed. If you want the conversation to end with this email, so be it.
> My network is clean, I can guarantee that. Since we already know that the "from" field of the email is being spoofed, it's already been concluded that the state of your network has no bearing on the worm's ability to specify you as a sender. Your email address--a simple byte string--only needs to be present on an infected machine. > Like I said check the header, and thanks, because your reply confirms it > is someone specifically spoofing emails, and not a worm (worms dont pick > up on addresses IN an email, only ones FROM an emails FROM area). So worms like W32/[EMAIL PROTECTED] that are sophisticated enough to pack their own SMTP engines and scan hard drives to harvest addresses are somehow unable to look at email content, even though that information is usually stored on hard drives? Where are you getting your information from? Check McAfee or Symantec's virus information sites for information on what modern worms are programmed to do. Take a look at Symantec's step-by-step list of the worm's actions in particular. http://securityresponse.symantec.com/avcenter/venc/data/[EMAIL PROTECTED] http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=125089 > Lastly, no emails were spoofed to this list in my name, however to > individuals they were. What does that tell you? It tells me that the worm hasn't sent anything to the list using your email address in the "from" field. Since the contaminated message was sent to the list was on the 12th and you began your recent posts here almost 24 hours afterward, that doesn't exactly shock me. Karl XP-Cagey _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlcoders
