[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [afnog] Anyone know computer at immigration.go.ke ?
- To: "Brian Candler" <B.Candler at pobox.com>, <afnog at afnog.org>
- Subject: RE: [afnog] Anyone know computer at immigration.go.ke ?
- From: "Mwadzala David" <mwadzala at swiftkenya.com>
- Date: Tue, 15 Jul 2003 11:10:35 +0300
- Content-Transfer-Encoding: 7bit
- Content-Type: text/plain;charset="Windows-1252"
- Delivered-To: afnog-archive at lists.eahd.or.ug
- Delivered-To: afnog at afnog.org
- Importance: Normal
- In-Reply-To: <20030715073505.GA85059 at uk.tiscali.com>
- List-Archive: <http://listserv4.cfi.co.ug/pipermail/afnog>
- List-Help: <mailto:afnog-request at afnog.org?subject=help>
- List-Id: The African Network Operators Group <afnog.afnog.org>
- List-Post: <mailto:afnog at afnog.org>
- List-Subscribe: <http://listserv4.cfi.co.ug/mailman/listinfo/afnog>,<mailto:afnog-request at afnog.org?subject=subscribe>
- List-Unsubscribe: <http://listserv4.cfi.co.ug/mailman/listinfo/afnog>,<mailto:afnog-request at afnog.org?subject=unsubscribe>
- Sender: afnog-bounces at afnog.org
This happens to be one of my clients on dial-up and (running Mdaemon mail
server) and they forward all their outgoing mail to one of my servers.
I will ensure that their server is secured ASAP.
Thanks for the info.
-----Original Message-----
From: afnog-bounces at afnog.org [mailto:afnog-bounces at afnog.org]On Behalf
Of Brian Candler
Sent: Tuesday, July 15, 2003 10:35 AM
To: afnog at afnog.org
Subject: [afnog] Anyone know computer at immigration.go.ke ?
I am getting spammed by 'computer at immigration.go.ke' (I think this E-mail
address is correct, the messages are being relayed via
smtpout.swiftkenya.com [80.240.192.5])
Basically they keep E-mailing me snippets of afnog with a 140K virus
attached, over and over again.
I've tried E-mailing them, and E-mailing their ISP, to no effect. Does
anyone have any contact that could sort it?
Thanks,
Brian.
----- Forwarded message from computer <computer at immigration.go.ke> -----
Return-path: <computer at immigration.go.ke>
Envelope-to: brian at localhost
Delivery-date: Tue, 15 Jul 2003 08:30:48 +0100
Received: from localhost ([127.0.0.1])
by vaio.linnet.org with esmtp (Exim 4.20)
id 19cKGs-000M7K-O2
for brian at localhost; Tue, 15 Jul 2003 10:30:46 +0300
Received: from pop3.linnet.org
by localhost with POP3 (fetchmail-6.2.0)
for brian at localhost (single-drop); Tue, 15 Jul 2003 08:30:46 +0100 (BST)
Received: from [216.65.124.72] (helo=orb.pobox.com)
by mk-mx-1.b2b.uk.tiscali.com with esmtp (Exim 4.12)
id 19cJxE-000LxN-00
for brian at linnet.org; Tue, 15 Jul 2003 08:10:29 +0100
Received: from orb.pobox.com (localhost [127.0.0.1])
by orb.pobox.com (Postfix) with ESMTP id 047B115622B
for <brian at linnet.org>; Tue, 15 Jul 2003 03:10:28 -0400 (EDT)
Delivered-To: b.candler at pobox.com
Received: from smtpout.swiftkenya.com (smtpout.swiftkenya.com
[80.240.192.5])
by orb.pobox.com (Postfix) with ESMTP id B42A31563A7
for <B.Candler at pobox.com>; Tue, 15 Jul 2003 03:10:18 -0400 (EDT)
Received: from immigration.go.ke (unknown [80.240.201.99])
by smtpout.swiftkenya.com (Postfix) with ESMTP id 7A4AE3018D
for <B.Candler at pobox.com>; Tue, 15 Jul 2003 10:03:57 +0300 (EAT)
Received: from WEBSERVER [192.168.1.145]
by immigration.go.ke [192.168.1.145]
with SMTP (MDaemon.PRO.v5.0.5.R)
for <B.Candler at pobox.com>; Tue, 15 Jul 2003 07:48:28 -0500
Message-ID: <002c01c34acf$632a2d20$9101a8c0 at WEBSERVER>
From: "computer" <computer at immigration.go.ke>
To: <B.Candler at pobox.com>
Subject: Re: Re: [afnog] VIrus
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_000F_01C34AA5.76934C90"
X-Mailer: Microsoft Outlook Express 5.00.2919.6700
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
X-MDRemoteIP: 192.168.1.145
X-Return-Path: computer at immigration.go.ke
X-MDaemon-Deliver-To: B.Candler at pobox.com
Date: Tue, 15 Jul 2003 10:03:57 +0300 (EAT)
Lines: 1931
'Brian Candler' wrote:
====
> On Wed, Jul 09, 2003 at 08:11:31PM +0000, Antonio Godinho wrote:
> > I wouldn?t know about OE since I don?t use it and never will.
>
> Quite. But the person who sent it to you probably didn't do so
maliciously;
> it was probably just the virus itself in action, which would have
exploited
> a bug in Outlook or OE to get itself mailed out.
>
> If you want to know who sent it, you look at the headers as received at
your
> end, to find the source IP address.
>
> Regard ...'
====
pobox.com account auto-reply:
If you can keep your head when all about you
Are losing theirs and blaming it on you;
If you can trust yourself when all men doubt you,
But make allowance for their doubting too;
If you can wait and not be tired by waiting,
Or, being lied about,don't deal in lies,
Or, being hated, don't give way to hating,
And yet don't look too good, nor talk too wise;
... ... more look to the attachment.
> Get your FREE pobox.com account now! <
----- End forwarded message -----
Snip attachment:
A 2 Deutsch BloodPatch!.exe [applica/x-msdownlo, base64,
141K]
_______________________________________________
This is the afnog mailing list.
To send a message to this list, e-mail afnog at afnog.org
This list is maintained by owner-afnog at afnog.org
_______________________________________________
This is the afnog mailing list.
To send a message to this list, e-mail afnog at afnog.org
This list is maintained by owner-afnog at afnog.org