(OT & not) Virus patterns

From: SysAdmin (postlistsofti.com)
Date: Thu Sep 25 2003 - 02:35:02 CDT


So, I've been pretty successful not being impacted by the flood of viruses
that has affected everyone on this list. I owe a lot of that "not being
affected" to the helpful suggestions offered by a number of people here
that helped me configure some useful blocking strategies. So, thanks to all...

BUT, over the last couple of days, I've noticed that - of the two public
hosts I maintain - only one was getting hammered by this Microsoft update
virus (like a 70:1 ratio). That got me curious, so I started looking at the
logs in a little more detail.

After careful inspection, I found out that all of the virus emails to that
host are to the address used to receive mail from this list (the address
above). Note: this is a special alias and the ONLY place it has been used
is for email to and from this list. In fact, in the last week, the number
of those virus emails sent to all the other addresses I have (which include
special aliases for each list I'm on) totals 3. All the rest (hundreds)
came to this address.

What does this mean? I'm not sure, but there was a thread a while back
about getting spam to their postfix-users email address. This certainly
fits with that...

I know lots of people on this list have been hit harder than I have, but
maybe there's some explanation as to the source. I thought it was worth
sharing...

Stephan
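
The per-alias comparison described in the message above can be automated. The following is an added example, not part of the original post: it tallies Postfix reject log entries by the list each recipient alias was disclosed to and reports when one source dominates. The alias addresses, the list names other than postfix-users, the log lines and the thresholds are all constructed assumptions.

```python
import re
from collections import Counter

# Assumed mapping: each alias was given out to exactly one mailing list.
ALIAS_SOURCE = {
    "postfix-list@example.org": "postfix-users",
    "list-a@example.org": "other-list-a",
    "list-b@example.org": "other-list-b",
}

# Matches Postfix reject entries and captures the envelope recipient.
REJECT_RE = re.compile(r"postfix/\w+\[\d+\]: \w+: reject: .*?\bto=<([^>]+)>")

def make_sample_log():
    """Constructed log lines in the shape of Postfix header_checks rejects."""
    line = ("Sep 24 10:{m:02d}:00 mx1 postfix/cleanup[2101]: 4C1A2B{m:02d}: "
            "reject: header Subject: Security Update from unknown[192.0.2.{m}]; "
            "from=<sender{m}@example.net> to=<{rcpt}> proto=SMTP "
            "helo=<host{m}.example.net>: virus pattern")
    rcpts = (["postfix-list@example.org"] * 14
             + ["list-a@example.org", "list-b@example.org"])
    lines = [line.format(m=i, rcpt=r) for i, r in enumerate(rcpts)]
    # A non-reject entry that the parser must ignore.
    lines.append("Sep 24 10:30:00 mx1 postfix/qmgr[900]: 4C1A2B99: removed")
    return lines

def rejects_by_source(lines):
    """Count rejected messages per disclosure source of the recipient alias."""
    counts = Counter()
    for line in lines:
        m = REJECT_RE.search(line)
        if m:
            counts[ALIAS_SOURCE.get(m.group(1).lower(), "unmapped")] += 1
    return counts

def skewed_source(counts, min_share=0.8, min_hits=10):
    """Return (source, share) when one source dominates the rejects, else None."""
    total = sum(counts.values())
    if total < min_hits:
        return None  # too few rejects to say anything about the distribution
    source, hits = counts.most_common(1)[0]
    share = hits / total
    return (source, share) if share >= min_share else None

if __name__ == "__main__":
    tally = rejects_by_source(make_sample_log())
    print(dict(tally), skewed_source(tally))
```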