Gwd: crypted document
Jason J. W. Williams
williamsjj at digitar.com
Fri Aug 3 02:51:10 UTC 2007
It seems to me a lot of virus scanners picked up this behavior in the
days of the "I Love You" and Melissa viruses, when virii tended to
infect documents rather than be self-propagating worms. We haven't lived
in a world where its likely a legitimate sender is unwittingly sending
infected documents for awhile. It'd be nice if the AV/MTA vendors would
take this feature out, or AV the message before they accept the DATA
section and leave it to the sending mail server to bounce it.
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf Of
Sent: Thursday, August 02, 2007 8:22 PM
To: nanog at merit.edu
Subject: Re: Gwd: crypted document
Once upon a time, Hex Star <hexstar at gmail.com> said:
> Why would someone in the ISP industry try to spread a virus?
> suppose a ISP admin may have their own computer infected... :P
Why would someone assume that the sender in a virus email is valid?
Also, I want to thank all those with auto-responders that respond to
list email for letting me know about this message to NANOG.
Chris Adams <cmadams at hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
More information about the NANOG