[ale] Klez question
Irv Mullins
irvm at ellijay.com
Tue Aug 6 09:43:27 EDT 2002
On Monday 05 August 2002 04:35 pm, you wrote:
> On Mon, 2002-08-05 at 11:51, Irv Mullins wrote:
> > I've been getting lots of Klez e-mails.
> > I realize that the from: is always forged. However, several of
> > the e-mails have something in common (aside from being
> > sent by Outlook Express;) -
>
> The return-path is the real sender of Klez mails.
Thanks. What puzzled me was that I have four virus mails,
from 4 different persons, according to the return-path, but all
4 contain a line
X-Apparently-From: xxx at aol.com
where xxx is the real name of an actual person.
That person has a very unusual name (probably only
one in the US) - and - has corresponded with us via e-mail
previously. None of the four named in the return-paths have
ever had reason to contact us, therefore would be unlikely to
have our address in their addressbooks. That is what makes
me suspicious that the return-path may also be forged, and
that the real source is xxx.
Any thoughts?
Thanks,
Irv
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list