[ale] question about sobig

[John Marasco]

Selected quote about the SoBIG virus...

But even those who werenÂ’t directly infected with the virus were 
struggling with it. When it replicates, the virus “spoofs” the sending 
e-mail address. That means the “From:” line is faked, selected from a 
list of e-mail addresses culled off the Internet. Users unlucky enough 
to be used in SoBig’s “From” line can get hundreds of SoBig-related 
complaints, including automated bounce messages saying the virus didnÂ’t 
reach its recipient, or irate messages from recipients who think theyÂ’ve 
been sent a computer virus.

John Wells wrote:

>This morning, my inbox was filled with sobig.  I expected that.  However,
>I found a number of supposedly returned mail carrying sobig that appeared
>to have been originally sent from my wife's and my email addresses.
>
>I assume, since I run linux exclusively and my wife only emails through
>squirrel mail, that this means someone out there that has received mail
>from us is infected and the worm is trying to send out with our email
>addresses as source address, which then get bounced by certain smart
>servers back to us.  Is this a good assumption?
>
>Is there any way to track down an infected box?
>
>Thanks for the input.
>
>John
>
>
>
>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://www.ale.org/mailman/listinfo/ale
>
>  
>

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale