[Gllug] Need spam tracking advice - possible rootkit
John Winters
john at sinodun.org.uk
Sun Dec 18 13:13:36 UTC 2005
On Sun, 2005-12-18 at 12:43 +0000, Branden Faulls wrote:
> In the last 2 days I've been getting bulk message bounces from an
> Irish domain that are rejecting mail purported to be coming from my
> domain. Normally I disregard these, figuring that they are purely
> phishing attacks.
>
> This particular bounce message, however, contains a list of recipients
> that match my wife's address book, or email sending habits. I'm
> trying to track where the weak spot may be in the network/email setup.
>
> Can anyone suggest a possible cause of this.
Has your wife ever sent any bulk messages to all her friends and put all
the recipients in the "To:" field of the e-mail (instead of where she
should have put them, in the "Bcc:" field? If so it only takes one of
the recipients to be using ShitHouse Express and you're FUBARed.
John
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list