[NTLUG:Discuss] is this possible

[Jeff Demel]

Nope.  Don't worry.

The sobig virus picks an address from the infected machine's address book
and uses it as the FROM address.  It is a windows-only problem.

Unfortunately, someone you know apparently got nailed, because it found your
address in their address book.


-Jeff


> -----Original Message-----
> From: discuss-bounces at ntlug.org 
> [mailto:discuss-bounces at ntlug.org] On Behalf Of fredjame
> Sent: Thursday, August 21, 2003 5:00 PM
> To: NTLUG Discussion List
> Subject: [NTLUG:Discuss] is this possible
> 
> 
> I run a Mandrake Linux 9.1 desktop, and that is where my Mozilla mail 
> client is.
> I just received an email containing the message below - 
> suggesting that 
> I sent a message containing Win32/Sobig.F.Trojan to 
> mhti at pct.edu. Beyond the fact that I don't know anyone with 
> that address and haven't 
> sent such a message, and that I know I address could easily 
> faked into a 
> message sent from almost any MS machine, is it possible for 
> this virus 
> to be using my Linux machine as a base of opperations?
> 
>  >>
> 
>    ----- The following address(es) had permanent fatal errors 
> ----- <mhti at pct.edu>; originally to mhti at pct.edu (unrecoverable error)
>   	The mail system encountered a delivery failure, code -18.
>   	This failure could be due to circumstances out of its control,
>   	please check the transcript for details
>   	  ----- Transcript of session follows -----
> Your message is being returned since it seems to contain the 
> Win32/Sobig.F.Trojan virus
> 
> --------------------------------------------------------------
> ----------
> 
> Reporting-MTA: dns; email.pct.edu
> Arrival-Date: Thu, 21 Aug 2003 16:26:55 -0500
> Original-Recipient: mhti at pct.edu
> Final-Recipient: mhti at pct.edu
> Action: failed
> Status: 5.0.0
> <<
> 
> -- 
> ...small is beautiful.
> 
> 
> 
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
> 
>