Welcome Guest!
 Grapevine
 Previous Message All Messages Next Message 
Re: malware email - Sobig  ia-@iankingston.com
 Oct 23, 2003 23:36 PDT 

jsampson+indexes wrote:

 The ones coming here have all had '.zlo' file endings. I don't know what
legitimate application uses/produces files with that ending. If I had a
filter that zapped email with '.zlo' attachments I would have my answer.

But in any case, when would a legitimate 'bounce' notification have an
attachment?

Because the clueless admin of the system generating the bounce has it
set up that way. Sobig's propagation was considerably aided by this
piece of stupidity, as the bounced messages went to the forged 'From'
addresses, resulting in Sobig being sent to even more people.

--
|| Ian Kingston: Editing and Typesetting ||
|| ia-@iankingston.com                    ||
 Previous Message All Messages Next Message 
  Check It Out!

  Topica Channels
 Best of Topica
 Art & Design
 Books, Movies & TV
 Developers
 Food & Drink
 Health & Fitness
 Internet
 Music
 News & Information
 Personal Finance
 Personal Technology
 Small Business
 Software
 Sports
 Travel & Leisure
 Women & Family

  Start Your Own List!
Email lists are great for debating issues or publishing your views.
Start a List Today!

© 2001 Topica Inc. TFMB
Concerned about privacy? Topica is TrustE certified.
See our Privacy Policy.