other virus damages/costs.....(hello skynet.be ?)

Mike Tancsa mike at sentex.net
Mon Feb 2 12:57:07 UTC 2004



Looking at my disk stats, my mail storage spool has grown by 15% in the 
past week not due to the deluge of viruses which I can block and reject, but 
in large part to those idiotic "Hi, I am sorry in a happy idiotic way to 
inform you that the message you sent has a virus" messages....  As almost 
all of them forge their email address, what is the point of warning the 
"sender."  Even better, I wake up this am to 285 (and growing) messages 
below telling me that someone at skynet is trying to send me a virus 
message and it cc's 64 other people.  Nice.


         ---Mike

>From: "Skynet Mail Protection" <support at skynet.be>
>To: gbs-vossem at pi.be
>To: timofeev at granch.ru
>To: chris at aims.com.au
>To: dcs at newsguy.com
>To: imp at harmony.village.org
>To: ted at ness.plymouth.edu
>To: deepak at ai.net
>To: bmilekic at technokratis.com
>To: randy at psg.com
>To: sthaug at nethelp.no
>To: shelton at sentry.granch.ru
>To: danny_j_mitzel at yahoo.com
>To: tinguely at web.cs.ndsu.nodak.edu
>To: charon at hell.gr
>To: jesper at skriver.dk
>To: anandfranklin at hotmail.com
>To: nascar24 at home.nl
>To: c.prevotaux at hexanet.fr
>To: reichert at numachi.com
>To: andy at tecc.co.uk
>To: provos at citi.umich.edu
>To: rtek at dolfijntje.nl
>To: jack_xiao99 at hotmail.com
>To: mark.blackman at netscalibur.co.uk
>To: gunther at aurora.regenstrief.org
>To: s_bschmi at ira.uka.de
>To: vova at express.ru
>To: vlad at ariel.phys.wesleyan.edu
>To: lord at 4jon.com
>To: assar at freebsd.org
>To: peter.jeremy at alcatel.com.au
>To: chaegle at mediaone.net
>To: brad at wcubed.net
>To: ewiz at mail.dotcom.fr
>To: freedom at csie.nctu.edu.tw
>To: oberman at es.net
>To: wes at softweyr.com
>To: julian at elischer.org
>To: iedowse at maths.tcd.ie
>To: sroberts84 at hotmail.com
>To: maddave at suxx.eu.org
>To: ambrisko at ambrisko.com
>To: ari at suutari.iki.fi
>To: bonnetf at plonk.esiee.fr
>To: lucky at land3.nsu.ru
>To: ume at freebsd.org
>To: crewking at buckeye-express.com
>To: bright at sneakerz.org
>To: tlambert at primenet.com
>To: gwford at home.com
>To: vlad at infonet.com.ua
>To: freebsd-lists-for-dayan-only-owner at egroups.co.uk
>To: kimch at etri.re.kr
>To: chris at calldei.com
>To: peter at guest-tek.com
>To: sudish at corp.earthlink.net
>To: peter at wemm.org
>To: cristjc at earthlink.net
>To: yar at freebsd.org
>To: shalunov at internet2.edu
>To: mike at sentex.net
>To: roy at its-sby.edu
>To: kjc at csl.sony.co.jp
>To: seichert at coopcomp.com
>Subject: Skynet Mail Protection scan results
>Date: Mon, 02 Feb 2004 12:09:44 +0100
>Importance: high
>X-Mailer: ravmd/8.4.2
>X-RAVMilter-Version: 8.4.3(snapshot 20030212) (september.skynet.be)
>X-Virus-Scanned: by amavisd-new
>X-Spam-Flag: YES
>X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on
>         spamscanner4.sentex.ca
>X-Spam-Level: *****
>X-Spam-Status: Yes, hits=5.7 required=5.1 tests=MAILTO_TO_SPAM_ADDR,
>         MISSING_MIMEOLE,MISSING_OUTLOOK_NAME,TW_JN,X_PRIORITY_HIGH,
>         X_PRI_MISMATCH_HI autolearn=no version=2.63
>X-Spam-Report:
>         *  0.5 X_PRIORITY_HIGH Sent with 'X-Priority' set to high
>         *  0.1 TW_JN BODY: Odd Letter Triples with JN
>         *  1.1 MAILTO_TO_SPAM_ADDR URI: Includes a link to a likely 
> spammer email
>         *  1.2 MISSING_MIMEOLE Message has X-MSMail-Priority, but no 
> X-MimeOLE
>         *  2.8 X_PRI_MISMATCH_HI 'X-Priority' does not match 
> 'X-MSMail-Priority'
>         *  0.1 MISSING_OUTLOOK_NAME Message looks like Outlook, but isn't
>
>
>
>-----------------------
>This e-mail is generated by Skynet Mail Protection to warn you that the e-mail
>sent by gbs-vossem at pi.be to timofeev at granch.ru, chris at aims.com.au, 
>dcs at newsguy.com, imp at harmony.village.org, ted at ness.plymouth.edu, 
>deepak at ai.net, bmilekic at technokratis.com, randy at psg.com, 
>sthaug at nethelp.no, shelton at sentry.granch.ru, danny_j_mitzel at yahoo.com, 
>tinguely at web.cs.ndsu.nodak.edu, charon at hell.gr, jesper at skriver.dk, 
>anandfranklin at hotmail.com, nascar24 at home.nl, c.prevotaux at hexanet.fr, 
>reichert at numachi.com, andy at tecc.co.uk, provos at citi.umich.edu, 
>rtek at dolfijntje.nl, jack_xiao99 at hotmail.com, 
>mark.blackman at netscalibur.co.uk, gunther at aurora.regenstrief.org, 
>s_bschmi at ira.uka.de, vova at express.ru, vlad at ariel.phys.wesleyan.edu, 
>lord at 4jon.com, assar at freebsd.org, peter.jeremy at alcatel.com.au, 
>chaegle at mediaone.net, brad at wcubed.net, ewiz at mail.dotcom.fr, 
>freedom at csie.nctu.edu.tw, oberman at es.net, wes at softweyr.com, 
>julian at elischer.org, iedowse at maths.tcd.ie, sroberts84 at hotmail.com, 
>maddave at suxx.eu.org, ambrisko at ambrisko.com, ari at suutari.iki.fi, 
>bonnetf at news.esiee.fr, lucky at land3.nsu.ru, ume at freebsd.org, 
> crewking at buckeye-express.com, bright at sneakerz.org, 
> tlambert at primenet.com, gwford at home.com, vlad at infonet.com.ua, 
> freebsd-lists-for-dayan-only-owner at egroups.co.uk, kimch at etri.re.kr, 
> chris at calldei.com, peter at guest-tek.com, sudish at corp.earthlink.net, 
> peter at wemm.org, cristjc at earthlink.net, yar at freebsd.org, 
> shalunov at internet2.edu, mike at sentex.net, roy at its-sby.edu, 
> kjc at csl.sony.co.jp, seichert at coopcomp.com is infected with virus: 
> Win32/Swen.A at mm.
>Deze e-mail is gegenereerd door Skynet Mail Protection om u te waarschuwen dat
>de e-mail gestuurd door gbs-vossem at pi.be naar timofeev at granch.ru, 
>chris at aims.com.au, dcs at newsguy.com, imp at harmony.village.org, 
>ted at ness.plymouth.edu, deepak at ai.net, bmilekic at technokratis.com, 
>randy at psg.com, sthaug at nethelp.no, shelton at sentry.granch.ru, 
>danny_j_mitzel at yahoo.com, tinguely at web.cs.ndsu.nodak.edu, charon at hell.gr, 
>jesper at skriver.dk, anandfranklin at hotmail.com, nascar24 at home.nl, 
>c.prevotaux at hexanet.fr, reichert at numachi.com, andy at tecc.co.uk, 
>provos at citi.umich.edu, rtek at dolfijntje.nl, jack_xiao99 at hotmail.com, 
>mark.blackman at netscalibur.co.uk, gunther at aurora.regenstrief.org, 
>s_bschmi at ira.uka.de, vova at express.ru, vlad at ariel.phys.wesleyan.edu, 
>lord at 4jon.com, assar at freebsd.org, peter.jeremy at alcatel.com.au, 
>chaegle at mediaone.net, brad at wcubed.net, ewiz at mail.dotcom.fr, 
>freedom at csie.nctu.edu.tw, oberman at es.net, wes at softweyr.com, 
>julian at elischer.org, iedowse at maths.tcd.ie, sroberts84 at hotmail.com, 
>maddave at suxx.eu.org, ambrisko at ambrisko.com, ari at suutari.iki.fi, 
>bonnetf at news.esiee.fr, lucky at land3.nsu.ru, ume at freebsd.org, 
> crewking at buckeye-express.com, 
> bright at sneakerz.org, tlambert at primenet.com, gwford at home.com, 
> vlad at infonet.com.ua, freebsd-lists-for-dayan-only-owner at egroups.co.uk, 
> kimch at etri.re.kr, chris at calldei.com, peter at guest-tek.com, 
> sudish at corp.earthlink.net, peter at wemm.org, cristjc at earthlink.net, 
> yar at freebsd.org, shalunov at internet2.edu, mike at sentex.net, 
> roy at its-sby.edu, kjc at csl.sony.co.jp, seichert at coopcomp.com geinfecteerd 
> is met Win32/Swen.A at mm.
>Ce mail est généré par Skynet Mail Protection afin de vous prévenir que 
>l'e-mail envoyé par gbs-vossem at pi.be à timofeev at granch.ru, 
>chris at aims.com.au, dcs at newsguy.com, imp at harmony.village.org, 
>ted at ness.plymouth.edu, deepak at ai.net, bmilekic at technokratis.com, 
>randy at psg.com, sthaug at nethelp.no, shelton at sentry.granch.ru, 
>danny_j_mitzel at yahoo.com, tinguely at web.cs.ndsu.nodak.edu, charon at hell.gr, 
>jesper at skriver.dk, anandfranklin at hotmail.com, nascar24 at home.nl, 
>c.prevotaux at hexanet.fr, reichert at numachi.com, andy at tecc.co.uk, 
>provos at citi.umich.edu, rtek at dolfijntje.nl, jack_xiao99 at hotmail.com, 
>mark.blackman at netscalibur.co.uk, gunther at aurora.regenstrief.org, 
>s_bschmi at ira.uka.de, vova at express.ru, vlad at ariel.phys.wesleyan.edu, 
>lord at 4jon.com, assar at freebsd.org, peter.jeremy at alcatel.com.au, 
>chaegle at mediaone.net, brad at wcubed.net, ewiz at mail.dotcom.fr, 
>freedom at csie.nctu.edu.tw, oberman at es.net, wes at softweyr.com, 
>julian at elischer.org, iedowse at maths.tcd.ie, sroberts84 at hotmail.com, 
>maddave at suxx.eu.org, ambrisko at ambrisko.com, ari at suutari.iki.fi, 
> bonnetf at news.esiee.fr, 
> lucky at land3.nsu.ru, ume at freebsd.org, crewking at buckeye-express.com, 
> bright at sneakerz.org, tlambert at primenet.com, gwford at home.com, 
> vlad at infonet.com.ua, freebsd-lists-for-dayan-only-owner at egroups.co.uk, 
> kimch at etri.re.kr, chris at calldei.com, peter at guest-tek.com, 
> sudish at corp.earthlink.net, peter at wemm.org, cristjc at earthlink.net, 
> yar at freebsd.org, shalunov at internet2.edu, mike at sentex.net, 
> roy at its-sby.edu, kjc at csl.sony.co.jp, seichert at coopcomp.com est infecté 
> par le virus : Win32/Swen.A at mm.
>
>Please contact your system administrator for further information.
>Gelieve uw systeembeheerder te contacteren voor meer informatie.
>Veuillez contacter votre administrateur système pour de plus amples 
>informations.
>
>If you are the sender:
>Indien u de zender bent:
>Si vous êtes l'expéditeur:
>-------------------
>The scanned e-mail has your address in the <From> header field. Either your
>computer is infected or someone's computer having your e-mail address in
>the address book has been infected.
>De gescande e-mail heeft uw adres in het <From> veld.  Dat betekent dat ofwel
>jouw computer geinfecteerd is, ofwel dat iemand is geinfecteerd, die jouw 
>e-mail
>adres in zijn/haar adresboek heeft.
>Le mail scanné contient votre adresse e-mail dans son en-tête <De>.
>Soit votre ordinateur est infecté soit votre adresse e-mail est reprise dans
>le carnet d'adresse d'un ordinateur infecté.
>
>If you are the receiver:
>Indien u de bestemmeling bent:
>Si vous êtes le destinataire:
>---------------------
>Please contact the sender: most likely he/she doesn't know he/she has a 
>computer virus.
>Gelieve de zender te contacteren: hoogst waarschijnlijk weet hij/zij niet 
>dat hij/zij
>geinfecteerd is met een computer virus.
>Veuillez contacter l'expéditeur: le plus souvent, il/elle ne sait pas que son
>ordinateur est infecté.
>
>Actions taken for the infected files:
>Ondernomen actie voor de geinfecteerde bestanden:
>Actions prises pour les fichiers infectés:
>-------------------------------------
>
>
>The infected file was saved to quarantine with name: 
>1075720184-RAVi12B9bAP025868.
>The file (part0004:Update.exe) attached to mail (with subject:net critical 
>upgrade) sent by gbs-vossem at pi.be to timofeev at granch.ru, 
>chris at aims.com.au, dcs at newsguy.com, imp at harmony.village.org, 
>ted at ness.plymouth.edu, deepak at ai.net, bmilekic at technokratis.com, 
>randy at psg.com, sthaug at nethelp.no, shelton at sentry.granch.ru, 
>danny_j_mitzel at yahoo.com, tinguely at web.cs.ndsu.nodak.edu, charon at hell.gr, 
>jesper at skriver.dk, anandfranklin at hotmail.com, nascar24 at home.nl, 
>c.prevotaux at hexanet.fr, reichert at numachi.com, andy at tecc.co.uk, 
>provos at citi.umich.edu, rtek at dolfijntje.nl, jack_xiao99 at hotmail.com, 
>mark.blackman at netscalibur.co.uk, gunther at aurora.regenstrief.org, 
>s_bschmi at ira.uka.de, vova at express.ru, vlad at ariel.phys.wesleyan.edu, 
>lord at 4jon.com, assar at freebsd.org, peter.jeremy at alcatel.com.au, 
>chaegle at mediaone.net, brad at wcubed.net, ewiz at mail.dotcom.fr, 
>freedom at csie.nctu.edu.tw, oberman at es.net, wes at softweyr.com, 
>julian at elischer.org, iedowse at maths.tcd.ie, sroberts84 at hotmail.com, 
>maddave at suxx.eu.org, ambrisko at ambrisko.com, ari at suutari.iki.fi, 
> bonnetf at news.esiee.fr, 
> lucky at land3.nsu.ru, ume at freebsd.org, crewking at buckeye-express.com, 
> bright at sneakerz.org, tlambert at primenet.com, gwford at home.com, 
> vlad at infonet.com.ua, freebsd-lists-for-dayan-only-owner at egroups.co.uk, 
> kimch at etri.re.kr, chris at calldei.com, peter at guest-tek.com, 
> sudish at corp.earthlink.net, peter at wemm.org, cristjc at earthlink.net, 
> yar at freebsd.org, shalunov at internet2.edu, mike at sentex.net, 
> roy at its-sby.edu, kjc at csl.sony.co.jp, seichert at coopcomp.com
>is infected with virus: Win32/Swen.A at mm.
>The mail was not delivered because it contained dangerous code.
>
>------------------------
>this is a copy of the e-mail header:
>
>
>
>RAV AntiVirus for Linux i386 version: 8.4.2 (snapshot-20030212)
>
>Scan engine 8.11 for i386.
>Last update: Mon, 02 Feb 2004 04:36:04 +01
>Scanning for 89407 malwares (viruses, trojans and worms).

--------------------------------------------------------------------
Mike Tancsa,                          	          tel +1 519 651 3400
Sentex Communications,     			  mike at sentex.net
Providing Internet since 1994                    www.sentex.net
Cambridge, Ontario Canada			  www.sentex.net/mike
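
A header-based check for this kind of scanner notification, as an added example that is not part of the original post. The header names and body phrases come from the quoted Skynet message; the recipient threshold, the two-signal rule, the function names and the example.org addresses are assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# Signals taken from the quoted notification on this page.
SUBJECT_RE = re.compile(r"\bscan results\b", re.I)
BODY_RE = re.compile(
    r"is infected with virus|was not delivered because it contained", re.I
)
MAX_RCPTS = 10  # assumed threshold; the quoted notice lists 65 To: lines


def classify(raw):
    """Return the list of backscatter signals found in a raw RFC 822 message."""
    msg = message_from_string(raw)
    reasons = []
    mailer = msg.get("X-Mailer", "").lower()
    if "X-RAVMilter-Version" in msg or mailer.startswith("ravmd"):
        reasons.append("scanner-generated")
    if SUBJECT_RE.search(msg.get("Subject", "")):
        reasons.append("notification-subject")
    # Repeated To:/Cc: headers are all collected, as in the quoted message.
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(rcpts) > MAX_RCPTS:
        reasons.append("mass-recipients")
    body = msg.get_payload()
    if isinstance(body, str) and BODY_RE.search(body):
        reasons.append("virus-warning-body")
    return reasons


def is_av_backscatter(raw):
    """Assumed rule: two or more independent signals mark a notification."""
    return len(classify(raw)) >= 2


def build_sample(n_rcpts):
    """Constructed sample shaped like the quoted notice (placeholder addresses)."""
    to_lines = "".join(f"To: user{i}@example.org\n" for i in range(n_rcpts))
    return (
        'From: "Mail Protection" <support@scanner.example>\n' + to_lines
        + "Subject: Mail Protection scan results\n"
        + "X-Mailer: ravmd/8.4.2\n\n"
        + "The e-mail sent by forged@example.net is infected with virus: "
        + "Win32/Swen.A at mm.\n"
    )


if __name__ == "__main__":
    print(classify(build_sample(65)))
```

Because the envelope sender of the infected mail is forged, a match here is best used to reject or discard the notification at SMTP time rather than to store it in the spool.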



