| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <013a01c36790$e480e570$8f04d882@bzdrnja> From: Bojan.Zdrnja at LSS.hr (Bojan Zdrnja) Subject: SoBig.F strange problem > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of > Steve Bremer > Sent: Thursday, 21 August 2003 1:10 a.m. > To: full-disclosure@...ts.netsys.com > Subject: RE: [Full-Disclosure] SoBig.F strange problem > > > > line). But it seems to be broken in other areas, I think I'm getting > > We've noticed a few problems with it as well. We've received a few e- > mails with one of the typical Sobig subject lines, only no > attachment. The attachment headers are in the e-mail, so our MUA > thinks there is an attachment, but there is just no "body" to the > attachment. > > Either there are a few broken variants out there sending out e-mail > without the payload, or something in-between us and the sender is > stripping out the attachment. It isn't our AV system, since it would > quarantine the entire message. > > Has anyone else experienced this? I can confirm this. I can see same thing here, but only a small number of e-mails. I believe something in-between me and the sender is stripping out attachments, as you said, but incorrectly so we're receiving those messages without the attachment. I probably don't have to mention specially all those MTA's which are sending notifications back to (faked) senders. OTOH, e-mail system stopped ~30.000 Sobig.F viruses in last 12 hours - it's not bad. Regards, Bojan Zdrnja
Powered by blists - more mailing lists