[Samba] WARNING. You tried to send a potential virus or unauthorised code

Thomas Spuhler thomas at btspuhler.com
Fri Jan 30 04:28:34 GMT 2004 

I am amazed how many sysadmin still haven't gotten it. Viruses use fake
e-mail sender addresses and such messages need to be turned off in the
antivirus software. I know those free ads sent by the antivirus software
are nice for the vender but should be considered spam

Tom



On Mon, 2004-01-26 at 09:35, Joe Cipale wrote:
> "TIZIE, Francois" wrote:
> > 
> > I guess this email is sent to any subscriber.
> > As far as I am concerned, I have never sent anything, because until today I did not have any time to send responses or requests for help, etc.
> > Please do consider the content of your email which can sometimes be ambiguous.
> > 
> > 
> > 
> > Regards
> > 
> > François T.
> > SAP GLOBAL IT FRANCE
> > SAP Internal IT Support
> > 
> > T   +33 1 55 30 23 57 (internal 2357)
> > M   +33 6 03 53 03 95 (internal 62357)
> > F   +33 1 55 30 20 33
> > mailto:francois.tizie at sap.com
> > 
> > -----Original Message-----
> > From: samba-bounces+francois.tizie=sap.com at lists.samba.org [mailto:samba-bounces+francois.tizie=sap.com at lists.samba.org] On Behalf Of alert at notification.star.net.uk
> > Sent: mardi 27 janvier 2004 12:40
> > To: samba at samba.org
> > Subject: [Samba] WARNING. You tried to send a potential virus or unauthorised code
> > 
> > The Star Internet anti-virus service, powered by MessageLabs,
> > discovered a possible virus or unauthorised code (such as a joke
> > program or trojan) in an email sent by you.
> > 
> > This email has now been quarantined and was not delivered.
> > 
> > Please read this whole email carefully. It explains what has happened
> > to your email, which suspected virus has been caught, and what to do if
> > you need help.
> > 
> > To help identify the email:
> > 
> > The message sender was
> >     samba at samba.org
> > 
> > The message was titled 'Mail Delivery System'
> > The message date was Tue, 27 Jan 2004 11:40:06 +0000
> > The message recipients were
> >     paulh at harlequin.co.uk
> > 
> > The virus or unauthorised code identified in the email is: >>> W32/MyDoom.A in '569029_2X_PM4_EMS_MA-OCTET=2DSTREAM__readme.scr'
> > 
> > Some viruses forge the sender address.
> > 
> > The message was diverted into the virus holding pen on
> > mail server server-7.tower-1.messagelabs.com (id 569029_1075203607) and will be held for 30 days before being
> > destroyed.
> > 
> > For more information please visit
> > http://www.star.net.uk/Support/Faq/FAQ.asp
> > 
> > If you sent the email from a corporate network, please contact your IT
> > Helpdesk or Support Department for assistance. They will be able to
> > help you disinfect your workstation.
> > 
> > If you would like further information on how to subscribe to the Star
> > Internet anti-virus service, a proactive anti-virus service working
> > around the clock, around the globe, please complete our enquiry form
> > 
> > Star Internet is a business to business service provider. If you are a
> > home user you should contact your anti-virus software vendor or obtain
> > help from http://www.star.net.uk/Support/Faq/FAQ.asp
> > 
> > ________________________________________________________________________
> > This email has been scanned for all viruses by the MessageLabs Email
> > Security System. For more information on a proactive email security
> > service working around the clock, around the globe, visit
> > http://www.messagelabs.com
> > ________________________________________________________________________
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  http://lists.samba.org/mailman/listinfo/samba
> 
> My guess is that someone in the group is using a winblows machine (i.e.
> Outhouse Express) mail client. They have now become infected. The virus
> is accessing the address book and sending out spew-o-grams on a routine
> basis.
> If you look at the McAfee website, this virus that is making the rounds
> has the potential to create a 'backdoor' for hackers.
> 
> Joe Cipale
> -- 
> #----------------------------------------------------------#
> #                   Penguinix Consulting                   #
> #----------------------------------------------------------#
> #            Software development, QA and testing.         #
> #                Linux support and training.               #
> #                "Don't fear the penguin!"                 #
> #----------------------------------------------------------#
> # Registered Linux user: #309247     http://counter.li.org #
> #----------------------------------------------------------#

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040129/d60e9db8/attachment.bin

More information about the samba mailing list