[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]
Bryan Stansell bryan@conserver.com
Wed, 3 Mar 2004 07:09:07 -0800 (PST)
Someone at lucent.com (apparently) has a virus and/or crafted an email from staff@conserver.com and posted it to announce@conserver.com. Either they planned it, or the virus got lucky and used my email address as the envelope sender, which got through mailman. For some bizarre reason, I didn't think of the ability to forge local addresses from a remote account...apparently simple sendmail configurations allow that. Forging email isn't hard, and you can't help but accept most email, but this is something that shouldn't happen in my environment. I've locked down sendmail so that this shouldn't happen again. Sorry for spreading this garbage to all your mailboxes, and please don't open that thing on a windows box...if it isn't a virus, it's probably some other bad/stupid thing. Bryan