[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Earthlink and Swen



On Thu, 04 Dec 2003 22:56:59 -0800, Ross Boylan wrote:

> On Thu, Dec 04, 2003 at 03:08:23PM -0500, Paul Morgan wrote:
> ...
>> I have all services locked down to localhost; my only connections to
>> the outside world are mail, news via nntpcached, web via squid... I run
>> Apache but it too is locked down to localhost.  My mail is run through my
>> ISP's (earthlink's) virus and spam filters before I get it (otherwise I'd
>> be getting like 10 Svens per day). I do see, from time to time, Apache
>> refusing connections attempts which are generally attacks by Windoze worms.
> 
> I had a long talk with earthlink a month or two ago in which they told
> me they were not filtering out swen (and they certainly weren't; I got
> a ton).  Soon after that, I did see some swen-like stuff in their spam
> filter for my account (but I also saw plenty still coming at me).
> 
> What's your basis for saying they are filtering out swen, rather than
> that you're just getting less swen?

I have no idea why you are attacking my veracity.  My statement is fact.

>From - Fri Dec  5 15:57:48 2003
X-UIDL: 1asa4W2Al3NZFop0
X-Mozilla-Status: 0001
X-Mozilla-Status2: 08000000
Status:  U
Return-Path: <transp@bancorp.ru>
Received: from mail.telebit.ru ([217.107.81.59])
	by coot (EarthLink SMTP Server) with ESMTP id 1asa4W2Al3NZFop0
	Thu, 4 Dec 2003 23:08:41 -0800 (PST)
Received: from [81.25.172.123] (HELO qivz)
  by mail.telebit.ru (CommuniGate Pro SMTP 4.1.6)
  with SMTP id 3349026; Fri, 05 Dec 2003 10:07:59 +0300
FROM: "Email System" <webrobot@microsoft.com>
TO: "Mail Receiver" <client@yourserver.com>
SUBJECT: Failure Letter
Mime-Version: 1.0
Content-Type: multipart/alternative;
	boundary="tkvyqd"
Date: Fri, 05 Dec 2003 10:08:00 +0300
Message-ID: <auto-000003349026@mail.telebit.ru>
X-ELNK-AV: 1

--tkvyqd
Content-Type: text/html
Content-Transfer-Encoding: quoted-printable

<HTML>You currently have EarthLink Virus Blocker powered by Symantec enabled.<br>The following attachments were infected and have been repaired:<br><br>No attachments are in this category.<br>
<br>The following infected attachments were deleted:<br><br>1. fdbq.exe: W32.Swen.A@mm<br>
<br>------------ Original message text follows ------------<br><br>

<HEAD></HEAD>
<BODY>
<iframe src=3D"cid:bbhhysgma" height=3D0 width=3D0></iframe>
<BR><BR>Hi.
<BR>This is the qmail program<BR>
<BR><BR><BR>Undeliverable to <B>bwjkue@microsoft.com</B>
</BODY></HTML>

--tkvyqd
Content-Type: text/plain;
	name="DELETED0.TXT"
Content-Transfer-Encoding: base64
Content-Id: <bbhhysgma>

ZmlsZSBhdHRhY2htZW50OiBmZGJxLmV4ZQ0KDQpUaGUgZmlsZSBhdHRhY2hlZCB0byB0aGlz
IGVtYWlsIHdhcyByZW1vdmVkIGJlY2F1c2UgaXQgaXMgaW5mZWN0ZWQgd2l0aCB0aGUgVzMy
LlN3ZW4uQUBtbSB2aXJ1cy4NCg==
--tkvyqd--

-- 
....................paul

"The number of UNIX installations has grown to 10, with more expected."
(The UNIX Programmer's Manual, 2nd Edition, June 1972)




Reply to: