| Stephen Gran on 2 Mar 2004 19:35:03 -0000 |
|
Hello all, I just saw this in my mail server logs: 2004-03-02 14:02:10 1AyF9e-00046C-EV H=estokes.actionaids.org (CHIRON) [204.170.159.2] F=<plug-request@lists.phillylinux> rejected after DATA: This message contains a virus: (Worm.Bagle.E) please scan your system. 2004-03-02 14:02:11 1AyF9f-00046E-85 H=estokes.actionaids.org (CHIRON) [204.170.159.2] F=<plug-request@lists.phillylinux> rejected after DATA: This message contains a virus: (Worm.Bagle.E) please scan your system. 2004-03-02 14:02:12 1AyF9g-00046G-1I H=estokes.actionaids.org (CHIRON) [204.170.159.2] F=<plug-request@lists.phillylinux> rejected after DATA: This message contains a virus: (Worm.Bagle.E) please scan your system. as well as: 2004-03-02 14:07:48 H=estokes.actionaids.org (CHIRON) [204.170.159.2] F=<uest@lists.phillylinux.org> rejected RCPT <e@lobefin.net>: Unrouteable address 2004-03-02 14:07:48 unexpected disconnection while reading SMTP command from estokes.actionaids.org (CHIRON) [204.170.159.2] 2004-03-02 14:07:49 H=estokes.actionaids.org (CHIRON) [204.170.159.2] F=<uest@lists.phillylinux.org> rejected RCPT <e@lobefin.net>: Unrouteable address 2004-03-02 14:07:49 unexpected disconnection while reading SMTP command from estokes.actionaids.org (CHIRON) [204.170.159.2] 2004-03-02 14:07:49 H=estokes.actionaids.org (CHIRON) [204.170.159.2] F=<uest@lists.phillylinux.org> rejected RCPT <e@lobefin.net>: Unrouteable address 2004-03-02 14:07:49 unexpected disconnection while reading SMTP command from estokes.actionaids.org (CHIRON) [204.170.159.2] (sorry about the bad wrap) So somebody subscribed to PLUG has a virus. BTW - here are probably the original infected mails that started the whole thread: 2004-02-29 01:28:14 1AxKQw-0003jw-3o H=ellesmere.netisland.net (mail.netisland.net) [209.163.107.162] U=qmailr F=<plug-admin@lists.phillylinux.org> rejected after DATA: This message contains a virus: (Worm.Bagle.E) please scan your system. 2004-03-02 14:01:19 1AyF8p-00040C-HI H=ellesmere.netisland.net (mail.netisland.net) [209.163.107.162] U=qmailr F=<plug-admin@lists.phillylinux.org> rejected after DATA: This message contains a virus: (Worm.Bagle.E) please scan your system. Since the virus being sent is the same, it seems likely the source is the same. Whoever you are, you might want to clean up your system. -- -------------------------------------------------------------------------- | Stephen Gran | If you talk to God, you are praying; if | | steve@lobefin.net | God talks to you, you have | | http://www.lobefin.net/~steve | schizophrenia. -- Thomas Szasz | -------------------------------------------------------------------------- Attachment:
pgpyAwHXGJfPY.pgp
|
|