[ale] Virus and email header question
John Clark
shogun at 12ftguru.com
Sat May 1 11:04:01 EDT 2004
I have been getting repeated virus emails from, ostensibly from one of my
customers. The kicker is, she's a mac user and the viruses being sent are
of the PC variety. Given that I use Macs and Linux I am not terribly
troubled about the virus part.
However, two things concern me. First, the subject lines are all in
regards to site updates. This could mean that they have simply done their
homework and know that I host a site for her. The other thing is the headers:
------------------ RFC822 Header Follows ------------------
Return-Path: <cvaleallen at earthlink.net>
Delivered-To: 8-shogun at 12ftguru.com
Received: (qmail 475 invoked from network); 1 May 2004 13:13:21 -0000
Received: from node-c-0aaa.a2000.nl (HELO f3f9i9.net) (62.194.10.170)
by server1.jimmyether.com with SMTP; 1 May 2004 13:13:21 -0000
Date: Sat, 01 May 2004 14:12:25 +0100
To: "Shogun" <shogun at 12ftguru.com>
From: "Cvaleallen" <cvaleallen at earthlink.net>
Subject: New changes
Message-ID: <aniaydeskbfpuqtvssn at 12ftguru.com>
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="--------xjrwavboogldmvoysdxf"
-----------------------------------------------------------
If I read this correctly, it's being generated and sent from my server.
Currently the server is set to send mail only with a password and a full
email address. Can someone point me in the right direction to figure out
what is wrong and close whatever access is being used?
Thanks,
John Clark
shogun at 12ftguru.com
More information about the Ale
mailing list