[98328] in North American Network Operators' Group
RE: Gwd: crypted document
daemon@ATHENA.MIT.EDU (Jason J. W. Williams)
Thu Aug 2 23:13:44 2007
Date: Thu, 2 Aug 2007 20:51:10 -0600
In-Reply-To: <20070803022228.GB793805@hiwaay.net>
From: "Jason J. W. Williams" <williamsjj@digitar.com>
To: "Chris Adams" <cmadams@hiwaay.net>, <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
Hi Guys,
It seems to me a lot of virus scanners picked up this behavior in the
days of the "I Love You" and Melissa viruses, when virii tended to
infect documents rather than be self-propagating worms. We haven't lived
in a world where its likely a legitimate sender is unwittingly sending
infected documents for awhile. It'd be nice if the AV/MTA vendors would
take this feature out, or AV the message before they accept the DATA
section and leave it to the sending mail server to bounce it.
-J
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of
Chris Adams
Sent: Thursday, August 02, 2007 8:22 PM
To: nanog@merit.edu
Subject: Re: Gwd: crypted document
Once upon a time, Hex Star <hexstar@gmail.com> said:
> Why would someone in the ISP industry try to spread a virus?
Ironically I
> suppose a ISP admin may have their own computer infected... :P
Why would someone assume that the sender in a virus email is valid?
Also, I want to thank all those with auto-responders that respond to
list email for letting me know about this message to NANOG.
--=20
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
!SIG:46b294c9156537812920785!
