|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
it might be a case of the klez virus -- someone, who may know someone who
knows you, has this virus, and the klez sent a fake e-mail to someone who
knows someone who knows this guy and happens to be in russia (or at least
uses a russian server).
wow, that makes almost no sence at all, but, I think the idea is there.
Someone has an outdated entry in a contact list most likely.
-b
-----Original Message-----
From: plug-admin@lists.phillylinux.org
[mailto:plug-admin@lists.phillylinux.org]On Behalf Of Martin DiViaio
Sent: Sunday, 29 September 2002 10:26 PM
To: plug@lists.phillylinux.org
Subject: Re: [PLUG] spoofing
It looks like someone sent something with your email address in the From:
line. The mail server having the problem (correctly) sent you and the
"identified sender" a copy of the bounce message if they were different.
On the 29th day of September in the year 2002 you wrote:
> Date: Sun, 29 Sep 2002 20:46:47 -0400
> From: Arthur S. Alexion <arthur@alexion.com>
> To: plug@lists.phillylinux.org
> Subject: [PLUG] spoofing
>
> Can someone familiar with this look at the following returned headers.
> Has someone from Russia compromised my system, or just coopted my
> identity?
>
> Art
>
> ---------- Forwarded Message (Originally from Mail Delivery Subsystem)
> ----------
>
> Subject: Returned mail: Local configuration error
> Date: Sat, 28 Sep 2002 05:33:04 +0400 (MSD)
> From: Mail Delivery Subsystem <MAILER-DAEMON@semikar.donpac.ru>
> To: postmaster@semikar.donpac.ru
>
> The original message was received at Sat, 28 Sep 2002 05:33:03 +0400
> (MSD) from silmaril.donpac.ru [195.161.172.248]
>
> ----- The following addresses had permanent fatal errors -----
> <and@smkr.ru>
>
> ----- Transcript of session follows -----
> 554 MX list for smkr.ru points back to semikar.donpac.ru
> 554 <and@smkr.ru>... Local configuration error
>
> ----- Original message follows -----
>
> Return-Path: <arthur@alexion.com>
> Received: from silmaril.donpac.ru (silmaril.donpac.ru
> [195.161.172.248]) by semikar.donpac.ru (8.9.3/8.9.3/-) with ESMTP id
> FAA82770
> for <and@smkr.ru>; Sat, 28 Sep 2002 05:33:03 +0400 (MSD)
> (envelope-from arthur@alexion.com)
> From: arthur@alexion.com
> Received: from donpac.ru (alb-66-24-199-116.nycap.rr.com
> [66.24.199.116]) by silmaril.donpac.ru (8.11.3/8.11.3/cae2.2.0.4) with
> SMTP id g8S01PS40413 for <and@smkr.ru>; Sat, 28 Sep 2002 04:01:29
> +0400 (MSD)
> (envelope-from arthur@alexion.com)
> Date: Fri Sep 27 19:00:36 2002
> To: and@smkr.ru
> Subject: Äåëîâîå ïðåäëîæåíèå
> Mime-Version: 1.0
> Content-type: text/plain; charset="windows-1252"
> Message-ID: <1364@know.de>
> X-Logged: Logged by silmaril.donpac.ru as g8S01PS40413 at Sat Sep 28
> 04:01:29 2002
>
>
>
>
> Äîáðîãî âðåìåíè ñóòîê!
>
> Â íàñòîÿùåå âðåìÿ ÎÎÎ "Àðìàâèðñêèé Ìÿñîêîñáèíàò" èìååò âîçìîæíîñòü
> ïîñòàâêè ìÿñíûõ êîíñåðâîâ ñî ñêëàäà â ã. Àðìàâèð, Êðàñíîäàðñêîãî êðàÿ,
> «Êàøà Ãóáåðíàòîðñêàÿ ñ ãîâÿäèíîé ãðå÷íåâàÿ», ìàññîé íåòòî 340ã., ïî
> öåíå 8 ðóá. 50 êîï çà áàíêó. Ñåðòèôèêàò ñîîòâåòñòâèÿ ïðèëàãàåòñÿ.
> Êîëè÷åñòâî è ñðîêè ïîñòàâêè äîëæíû áûòü ñîãëàñîâàíû äîïîëíèòåëüíî.
>
> Êîíòàêòíûå òåëåôîíû:
>
> +7-861-37-5-53-11, +7-902-485-05-47
>
> Email:
>
> contact@kingarthurmail.com
>
> Áóäåì ðàäû, åñëè íàøå ïðåäëîæåíèå Âàñ çàèíòåðåñîâàëî.
>
> -------------------------------------------------------
>
>
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug
|
|