From: Mike Ayers (firstname.lastname@example.org)
Date: Mon Apr 12 2004 - 12:35:27 EDT
> From: email@example.com [mailto:firstname.lastname@example.org]On
> Behalf Of Stefan Persson
> Sent: Monday, April 12, 2004 6:47 AM
> email@example.com wrote:
> > classroom test of you?
I searched my archives of the Unicode list, and could not find this
phrase. I suspect the email in question wasn't an actual list email (or
maybe I just didn't get it).
> This mail (containing a virus: shower_response.exe) was sent to me
> through firstname.lastname@example.org:
> Received: from 184.108.40.206 (EHLO unicode.org) (220.127.116.11)
> by mta150.mail.dcn.yahoo.com with SMTP; Fri, 09 Apr 2004
> 05:17:31 -0700
> Received: from sarasvati.unicode.org (localhost.localdomain
> by unicode.org (8.11.6/8.11.6) with ESMTP id i39BupS08634;
> Fri, 9 Apr 2004 07:56:51 -0400
> Received: with ECARTIS (v1.0.0; list unicode); Fri, 09 Apr
> 2004 07:56:50
> -0400 (EDT)
> Received: from unicode.org (slkcapanas11poola155.slkc.uswest.net
> by unicode.org (8.11.6/8.11.6) with ESMTP id i39BunS08623
> for <email@example.com>; Fri, 9 Apr 2004 07:56:49 -0400
You have not included the full set of headers here. It is common
practice for spammers and virus propogaters (yes, there are people who
deliberately spread infection, apparently as a hobby) to prepend fake
pathing information to hide the start of the real transfers. It is also now
common to use stolen IDs, such as mailing lists or individuals, in the
> Is there no kind of filter that sorts out viruses from the list?
I believe so, but I am not authoritative on the subject.
This archive was generated by hypermail 2.1.5 : Mon Apr 12 2004 - 13:17:50 EDT