| Chad Waters on 13 Apr 2004 19:47:01 -0000 |
|
Well without the original headers it's hard to be certain, but most likely you are an innocent bystander whose email address was spoofed. http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky.q@mm.html -C On Tue, Apr 13, 2004 at 03:19:56PM -0400, Michael Lazin wrote: > I received this curious message today. It looks like a virus was sent > to Japan from my mail server. If anyone could tell me what is going on > it would be greatly appreciated. I am scanning my primary computer for > viruses now. It is a mac running os x. My mail server is a > sparcstation running Solaris 9. It has no virus protection, but I have > never heard of any Solaris viruses. > > Thanks, > > Michael > > Begin forwarded message: > > >From: Mail Delivery Subsystem > ><MAILER-DAEMON@fukudagw.hongo.fukuda.co.jp> > >Date: Tue Apr 13, 2004 11:23:54 AM US/Eastern > >To: <michael@lazinweb.homelinux.net> > >To: postmaster@fukudagw.hongo.fukuda.co.jp > >Subject: Returned mail: Too many hops 27 (25 max): from > ><michael@lazinweb.homelinux.net> via localhost.localdomain, to > ><09044@wa106.fukuda.co.jp> > > > >The original message was received at Wed, 14 Apr 2004 00:23:54 +0900 > >from localhost.localdomain [127.0.0.1] > > > > ----- The following addresses had permanent fatal errors ----- > ><09044@wa106.fukuda.co.jp> > > > > ----- Transcript of session follows ----- > >554 Too many hops 27 (25 max): from <michael@lazinweb.homelinux.net> > >via localhost.localdomain, to <09044@wa106.fukuda.co.jp> > >Reporting-MTA: dns; fukudagw.hongo.fukuda.co.jp > >Received-From-MTA: DNS; localhost.localdomain > >Arrival-Date: Wed, 14 Apr 2004 00:23:54 +0900 > > > >Final-Recipient: RFC822; 09044@wa106.fukuda.co.jp > >Action: failed > >Status: 5.4.6 > >Last-Attempt-Date: Wed, 14 Apr 2004 00:23:54 +0900 > > > >From: michael@lazinweb.homelinux.net > >Date: Tue Apr 13, 2004 11:17:09 AM US/Eastern > >To: 09044@wa106.fukuda.co.jp > >Subject: Error (09044@wa106.fukuda.co.jp) > > > > > >------------------ Virus Warning Message (on fukudagw) > > > >Found virus WORM_NETSKY.Q in file data.eml > > > >.scr (in data6306.zip) > >The uncleanable file is deleted. > > > >--------------------------------------------------------- > > > >Mail Delivery System - This mail contains binary characters > > > >------------- failed message ------------- > >B|6?UC~*I$I;k~D?__CU?Jr+U_GZTb+_$nF)+bjtj'#>_$ > >rgPB+.yxJDAF:n'Kl)#SWl+off&gu#07wb+2BCX&6xZuY > >v$2VDu63*m5&?ZX?.*MW?lLNy6>#1roc?I0;6Q5rSSyD > >O8y;+0JV_&E9(?o7&Q:Rta;jQ?wad-hJ'Qk > > > >Received message has been attached. > > > > > >------------------ Virus Warning Message (on fukudagw) > > > >data6306.zip is removed from here because it contains a virus. > > > >--------------------------------------------------------- > > > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug Attachment:
signature.asc
|
|