on Wed, Nov 26, 2003 at 11:20:04PM +0000, Robin Gerard (robin.jag@free.fr) wrote:
> Hello,
> microsoft sends me five spam of 160 000 bytes in my box and when I run
> host I receive the message: address not exists.
> If the adress exists I put it in my file hosts.allow but without success.
> I don't know if smtp-refuser works fine ?
>
> the strange addreses are:
>
> enzjsso@advisor.com
> mcdkm_wgoxshsqqx@technet.com
> sideduz-wzpii@updates.com
> byyyfuij-jjmckxpo@updates.microsoft.com
> retebbz_wgyrsolg@support.ms.net
>
> I can delete this spams on my server (free.fr), with telnet manualy but, is it
> possible to write a script to automate this work ?
> (perhaps perl is my friend ....?)
>
> Thanks in advance for any help and advises.
140k executable attachments? That's the Swen viral mail:
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html
http://www.f-secure.com/v-descs/swen.shtml
http://reviews-zdnet.com.com/4520-6600_16-5078666.html
http://www.itd.umich.edu/news/2003fall/09252003a.html
http://www.google.com/search?q=swen+virus
List archives (may still be offline) have much discussion of this since
September 19, 2003, when it first appeared.
If you simply want to delete the mail, do so.
Those who use directory-based mailbox formats can use the reporting
scripts below to LART admins at the originating ISP. Note that these
are works in progress. Comments inline.
http://kmself.home.netcom.com/Download/reportSwen
http://kmself.home.netcom.com/Download/fqdn2domain
Peace.
--
Karsten M. Self <kmself@ix.netcom.com> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
Bush/Cheney '04: Lies and videotape but no sex!
Attachment:
pgpWvDNNHPPgt.pgp
Description: PGP signature