lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <OF638322D1.9A5C194F-ON48256E61.0020CF8D@int.csc.com.au> From: tcleary2 at csc.com.au (tcleary2@....com.au) Subject: viruses being sent to this list John Sage said: >What does this tell us? Virii are getting out via the list; whether >they are being transmitted inadvertently or deliberately is still open >to question... .....and on that very topic, I'm getting bounces where the headers seem valid, containing old posts of mine to FD from the mailer-daemons of very reputable sources, containing virus scanner responses ( and viruses ) that get caught by our scanners. It seems that either: a) A worm is sending mails as if from an FD poster and as if the headers were from the list, using valid addresses and valid/spoofed received headers from old emails found on cracked machines. or b) The worms are being forwarded via the list with apparently valid subscriber details, as should be happening for an unmoderated list. I vote the list is not responsible. I say this because my email address is not subscribed to FD. Ergo, the list can't have sent the messages I'm getting responses to, unless the moderator has been sending out my old posts, again. I think this is conclusive? Regards, tom. ---------------------------------------------------------------------------------------- "In IT, acceptable solutions depend upon humans - Computers don't negotiate." ---------------------------------------------------------------------------------------- This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. ----------------------------------------------------------------------------------------
Powered by blists - more mailing lists