sobig.f virus also sending to message id addresses
mark david mcCreary
mdm at INTERNET-TOOLS.COM
Sat Aug 23 00:53:56 IST 2003
For what's it worth.
I can see lots of sobig.f virus coming to the email address that was
in an outgoing message-id. In my case these are email messages from
a mailing list, sent to multiple recipients. That is, not only is
sobig.f scanning address books, but also the in-box of emails, for
anything that looks like an email address.
In my case these message id's always start with a constant, and I
have tweaked Exim 4 to drop connections to these receipient
addresses. That helps keep the load off the machine as I do not have
to scan those messages for virus.
mark
More information about the MailScanner
mailing list