[OT] Might this be a symptom of a virus/worm?

To: debian-user@lists.debian.org
Subject: [OT] Might this be a symptom of a virus/worm?
From: Pigeon <jah.pigeon@ukonline.co.uk>
Date: Sat, 15 May 2004 00:13:23 +0100
Message-id: <[🔎] 20040514231323.GM29306@schnellbox.pigeonloft>

I have received an email from the
progressivemusicforum@yahoogroups.com mailing list, to which I am
subscribed. The originator of the email has sent it to a large number
of recipients, as shown in the To: header - legitimately, not as spam,
but there are two spurious entries in the list:

Chipster@schnellbox.pigeonloft
Robert@schnellbox.pigeonloft

"schnellbox.pigeonloft" is an internal hostname of mine, obviously not
routable from "the outside". It is the box from which I post to the
progressivemusicforum list. I don't have users named "Chipster" or
"Robert". There is nothing in my exim logs relating to "Chipster" or
"Robert" and chkrootkit says nothing untoward is on any of my machines.

I am guessing that the guy who sent out the email in question may be
infected with some kind of virus which has found
"@schnellbox.pigeonloft" in the Message-Id: headers of my posts to
progressivemusicforum and added spurious user names to them which have
somehow found their way into the sender's list of recipients for the
email.

Googling for chipster robert virus doesn't throw up anything about a
virus that uses these fake names; does anyone on here recognise this
as possible viral behaviour? I've warned the sender just in case. The
full email is attached.

-- 
Pigeon

Be kind to pigeons
Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F

From sentto-11332485-2524-1084495284-bjh=pigeon.dyndns.org@returns.groups.yahoo.com Fri May 14 01:42:39 2004
Return-path: <sentto-11332485-2524-1084495284-bjh=pigeon.dyndns.org@returns.groups.yahoo.com>
Envelope-to: pigeon@schnellbox.pigeonloft
Received: from pigeon by schnellbox.pigeonloft with local (Exim 3.35 #1 (Debian))
	id 1BOQmd-0003dB-00
	for <pigeon@schnellbox.pigeonloft>; Fri, 14 May 2004 01:42:39 +0100
Received: from nestie.pigeonloft ([192.168.1.2] ident=mail)
	by schnellbox.pigeonloft with esmtp (Exim 3.35 #1 (Debian))
	id 1BOQmd-0003cw-00
	for <bjh@schnellbox.pigeonloft>; Fri, 14 May 2004 01:42:39 +0100
Received: from [66.218.66.66] (helo=n11.grp.scd.yahoo.com)
	by nestie.pigeonloft with smtp (Exim 3.35 #1 (Debian))
	id 1BOQmc-0006fL-00
	for <bjh@pigeon.dyndns.org>; Fri, 14 May 2004 01:42:38 +0100
X-eGroups-Return: sentto-11332485-2524-1084495284-bjh=pigeon.dyndns.org@returns.groups.yahoo.com
Received: from [66.218.66.31] by n11.grp.scd.yahoo.com with NNFMP; 14 May 2004 00:41:25 -0000
X-Sender: billyfox@soundscapes.us
X-Apparently-To: progressivemusicforum@yahoogroups.com
Received: (qmail 98714 invoked from network); 14 May 2004 00:41:23 -0000
Received: from unknown (66.218.66.172)
  by m25.grp.scd.yahoo.com with QMQP; 14 May 2004 00:41:23 -0000
Received: from unknown (HELO newmx3.fast.net) (209.92.1.33)
  by mta4.grp.scd.yahoo.com with SMTP; 14 May 2004 00:41:22 -0000
Received: (qmail 3635 invoked from network); 14 May 2004 00:41:15 -0000
Received: from unknown (HELO soundscapes.us) ([209.60.99.38]) (envelope-sender <billyfox@soundscapes.us>)
          by newmx3.fast.net (qmail-ldap-1.03) with SMTP
          for <dg@dominicgaudious.com>; 14 May 2004 00:41:15 -0000
Message-ID: <40A41589.3060500@soundscapes.us>
User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.5) Gecko/20031007
X-Accept-Language: en-us, en
To: Dominic Gaudious <DG@dominicgaudious.com>, 
 Hudson Valley Records <Spotmuse@aol.com>,
 Kathleen Monahan <kdmpromo@earthlink.net>, 
 musik international <radio@musikinternational.com>,
 Narada <friends@narada.com>, 
 "New Earth Records (Laurie Cummins)" <intlsales@newearthrecords.com>,
 Spotted Peccary <jj@spottedpeccary.com>, 
 Virtue Records <virtuerec@aol.com>,
 Wendy Spotz <wendy_s@springhillmedia.com>, 
 Bret Adams <BACHIPSTER@aol.com>,
  Chipster@schnellbox.pigeonloft, 
	Curtis Reid <info@curtis-reid.com>, 
 "Denis J. Lanza" <voxman@snet.net>,
 e-Prog <e-Prog@yahoogroups.com>, Flower Kings <flowerkings@foxtrot.se>, 
 Gary Davis <artshop@artist-shop.com>,
 Grace <WhtDoveOrg@aol.com>, Hellmut Hattler <hh@hellmut-hattler.de>, 
 Jen Graham <radio@metalblade.com>,
 John Galgano <Izzeo@aol.com>, Musea Data <museadata@wanadoo.fr>, 
 PMS <progressivemusicsociety@yahoogroups.com>,
 "progdj@yahoogroups.com" <progdj@yahoogroups.com>, 
 "progressivemusicforum@yahoogroups.com" <progressivemusicforum@yahoogroups.com>,
  Robert@schnellbox.pigeonloft, 
	Thoughts Yahoogroup <thoughts2@yahoogroups.com>, 
 billyfox@soundscapes.us
X-eGroups-Remote-IP: 209.92.1.33
From: Bill Fox <billyfox@soundscapes.us>
X-Yahoo-Profile: ultramusicman
MIME-Version: 1.0
Mailing-List: list progressivemusicforum@yahoogroups.com; contact progressivemusicforum-owner@yahoogroups.com
Delivered-To: mailing list progressivemusicforum@yahoogroups.com
Precedence: bulk
List-Unsubscribe: <mailto:progressivemusicforum-unsubscribe@yahoogroups.com>
Date: Thu, 13 May 2004 20:40:41 -0400
Subject: [progressivemusicforum] Afterglow Playlist for May 13, 2004
Reply-To: progressivemusicforum@yahoogroups.com
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Footer-Stripped: yes
Status: RO
Content-Length: 3983
Lines: 103

http://soundscapes.us/afterglow/playlists/2004/040513.html

Afterglow is where I present an eclectic mix of genres with an emphasis on
Progressive Rock.

If you or your band have a version of the Genesis song, Afterglow, send 
it to me
and I will consider using it to start the program.  If I use it, the 
band gets a
link on the Afterglow web site!

I also host The AM/FM Show every other Saturday morning and will be there on
Saturday, May 15.

                    Show #92                    May 13, 2004

8:00 am (Phase I: An Eclectic Mix of Genres)

ARTIST                  TRACK                    ALBUM (label)
======================= ======================== 
===============================
Acoustic Moods          Afterglow                none (none)
Deuter                  The Source               Earth Blue (New Earth)
John Adorney            Always                   Waiting for the Moon (Ever
                                                   Sound)
Mary Martin Stockdale   Spider's Web             Timeless (Scorpiano)
Peter Sterling          La Rosa De Amor          Harp Dreams (Harp Magic)

8:30 am (Phase II: Progressive Rock)

ARTIST                  TRACK                    ALBUM (label)
======================= ======================== 
===============================
Kansas                  Can I Tell You           Kansas (Epic)
Kansas                  Song for America         Song for America (Epic)
Proto-Kaw               Theophany                Before Became After 
(InsideOut)

9:00 am (More Phase II: Progressive Rock)

ARTIST                  TRACK                    ALBUM (label)
======================= ======================== 
===============================
Seventh Key             Sin City                 The Raging Fire (InsideOut)
Motherjane              Questions                Insane Biography (Kan&Will)
Frogg Cafe              Creatures                Creatures (none)
Enchant                 Living in a Movie        Tug of War (InsideOut)

9:30 am

 * = exerpt
VA = Various Artists (compilation)

Bill
==========================================================================================================
Host of Afterglow every Thursday at 8:00 am (GMT-5:00).
Phase 1: Mixed bag of acoustic, electric, pop, or New Age.
Phase 2: Progressive rock from past masters to comtemporary releases.
Web Site - http://soundscapes.us/afterglow
Listen on-line to WMUH Allentown, 91.7 FM at 
http://www.muhlenberg.edu/wmuh  and click the REAL AUDIO link
or go directly to http://192.104.181.184:8080/ramgen/encoder/live.rm
==========================================================================================================
The progdj list is the central clearing house for radio playlists of 
Progressive Rock programs.   Tired of
joining dozens of mailing lists to post playlists or track airplay?   
The progdj list solves that problem.

The progdj list is the place to go in order to see  playlists  and  CD  
and  concert  reviews  by  DJs  of
progressive rock-friendly radio programs.    Anyone interested in seeing 
playlists can join.   There is NO
SPAM because I keep the spammers out before the members ever see any 
hint of it.

The progdj list is for DJs (obviously!) and band members, record label 
personnel, promoters, managers, and
anyone else interested in seeing what gets played on the air.   Need to 
find who is playing  prog  on  the
radio?  Go to the progdj list.

To  join,   go  to  http://groups.yahoo.com/group/progdj  and  click  
on  the  [Join  This  Group!]  link.
==========================================================================================================





 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
     http://groups.yahoo.com/group/progressivemusicforum/

<*> To unsubscribe from this group, send an email to:
     progressivemusicforum-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
     http://docs.yahoo.com/info/terms/

Attachment: pgp3QEHB04jea.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: [OT] Might this be a symptom of a virus/worm?
  - From: Roberto Sanchez <rcsanchez97@yahoo.es>
- Re: [OT] Might this be a symptom of a virus/worm?
  - From: "Karsten M. Self" <kmself@ix.netcom.com>

Prev by Date: Re: fax && xDSL
Next by Date: Linux 2.6 and modutils
Previous by thread: Re: Some errors at boot and shutdown.
Next by thread: Re: [OT] Might this be a symptom of a virus/worm?
Index(es):
- Date
- Thread