Actually, the attached message was sent from a computer infected with a
virus. There is an unusually high number of messages that fit
symantec's description of some worms out there today. My best guess is
it is one of these two worms.
http://securityresponse1.symantec.com/sarc/sarc.nsf/html/[EMAIL PROTECTED]
html
http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.kickin.
[EMAIL PROTECTED]
Joe
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 19, 2003 8:23 AM
To: [EMAIL PROTECTED]
Subject: [PHP-DB] [SPAM?] [PHP-DB] Re: That movie
This mail is probably spam. The original message has been attached
along with this report, so you can recognize or block similar unwanted
mail in future. See http://spamassassin.org/tag/ for more details.
Content preview: Please see the attached file for details. -- PHP
Database Mailing List (http://www.php.net/) To unsubscribe, visit:
http://www.php.net/unsub.php [...]
Content analysis details: (5.20 points, 5 required)
NO_REAL_NAME (0.8 points) From: does not include a real name
INVALID_DATE (0.6 points) Invalid Date: header (not RFC 2822)
RAZOR2_CHECK (2.1 points) Listed in Razor2, see
http://razor.sf.net/
DATE_IN_PAST_06_12 (0.8 points) Date: is 6 to 12 hours before
Received:
date
MISSING_MIMEOLE(0.5 points) Message has X-MSMail-Priority, but no
X-
MimeOLE
MIME_BOUND_NEXTPART (0.4 points) Spam tool pattern in MIME boundary
The original message did not contain plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam. If you wish to view
it, it may be safer to save it to a file and open it with an editor.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
