On Sat, Sep 20, 2003 at 06:49:18PM -0700, Bill Moseley wrote: > I'm curious why I'm getting so many of these viruses sent to me. On > various technical lists I've read of lots of people that are getting > hammered by the mail, too. > > From the descriptions I've read of W32/[EMAIL PROTECTED] it mails itself to > "recipients extracted from the victim machine", yet I'm seeing so many > of these to my personal email address alone that I can't believe my > address is listed on that many machines. Today I got about 300 alone > send to just one address. Other's I've talked with about this (non-geek > internet users) are not seeing so much of the virus, if at all. > > The viruses are all coming from Windows machines, right? It just seems > odd that my address would be on that many (cluelessly-run) Windows > machines considering what lists I'm on. > > I'm also not on IRC or any of the other ways for it to spread. > > Anyone getting hit hard by this and understand why?
Well, here's my shaky hypothesis... Two observations: 1) Googling for my email address reveals that most of the spammers who spam me must be harvesting it from this list or one or two other Linux lists. 2) Since swen started up, I've been deleting a few hundred 150k mails a day from the POP3 server; of those that are still downloaded, spambayes is dropping about the same number of mails in my spambox as usual, but instead of being mostly Nigerian scams and penis enlargement ads (and why send such a thing to a pigeon? :-) ) they're now mostly the virally-generated spurious "bounce" messages. Since "wanted" email both in and out seems to be working perfectly normally, I don't think the volume of swens has swamped the servers and stopped the "ordinary" spam getting through. But, maybe, swen has hit - or even was targeted at - the spammers, and their boxes are sending out 150k mails so fast that they can't get any bandwidth to download removal tools...? Which would be kind of amusing, if it's true. -- Pigeon Be kind to pigeons Get my GPG key here: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x21C61F7F
pgp00000.pgp
Description: PGP signature
