it's trivially easy to forge the headers and make the email look like it's coming from somewhere else. some clients will warn you about this because the domain of the sender doesn't match the DNS records of the sender.
-phil
On 11/24/05, Aaron Silverman <[EMAIL PROTECTED]> wrote:
Ever since yesterday I've gotten like 10 e-mails, all with the
top saying:
WARNING!!! (from md1.mail.umd.edu)
The following message attachments were flagged by the
antivirus scanner:
Attachment [2.2] mail.zip, virus infected: W32/Sober-Z.
Action taken: deleted
And the subjects are stuff like Mail_Delivery_Failed,
smtp_mail failed, smtp mail failed. The senders seem bogus
like " [EMAIL PROTECTED]" and "[EMAIL PROTECTED]" (I don't even
use hotmail!) And I have a few with subjects "Registration
Confirmation" and then one last one that is just blatant virus
talking about use attachment to download videos of Paris Hilton.
I looked up the virus and it seems to only infect Windows
systems. However, does this mean my umd mail account is
hacked, or the sent mail failed is just more virus trickery.
Maybe a bunch of servers with my address in their book got
infected? Have you guys been getting a similar surge of these
e-mails? What do you all think?
- Aaron
