.com.unity Forums
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page

.com.unity Forums (http://forum.shrapnelgames.com/index.php)
-   Space Empires: IV & V (http://forum.shrapnelgames.com/forumdisplay.php?f=20)
-   -   OT: W32.Swen.A@mm (http://forum.shrapnelgames.com/showthread.php?t=10715)

Kirok November 24th, 2003 02:43 AM
Re: OT: W32.Swen.A@mm
 
As this particular worm just uses your basic email forgery examine the headers for a line begining X-From: and the address after that is the address of where the email came from.

I'm now flooded with these things after someone picked up my email address from a Usenet group

EDIT: See the below headers for an example and also if you dont want to contact the person directly contact the ISP with the message ID

X-UIDL: 1069597232.H632161P27369.imailg2.svr.pol.co.uk
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-From_: sales@thingsgraphics.com Sun Nov 23 14:20:32 2003
Return-path: <sales@thingsgraphics.com>
Envelope-to: kris@kirok.fsnet.co.uk
Delivery-date: Sun, 23 Nov 2003 14:20:32 +0000
Received: from [65.220.84.2] (helo=mail.webgeneral.com)
by imailg2.svr.pol.co.uk with esmtp (Exim 4.14)
id 1ANv5g-0006T2-DC
for kris@kirok.fsnet.co.uk; Sun, 23 Nov 2003 14:19:56 +0000
Received: from bkakl [138.88.19.242] by mail.webgeneral.com
(SMTPD32-7.15) id A63329E901FA; Sun, 23 Nov 2003 08:29:23 -0500
FROM: "MS Network Security Center" <yoxfuwtbsvn@news.com>
TO: " " <elzbesy.topegvvapq@news.com>
SUBJECT: New Net Security Update
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="ymxuezhhziklftgay"
Message-Id: <200311230830437.SM00361@bkakl>
Date: Sun, 23 Nov 2003 09:17:33 -0500

[ November 24, 2003, 00:50: Message edited by: Kirok ]


All times are GMT -4. The time now is 02:01 PM.
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Copyright ©1999 - 2025, Shrapnel Games, Inc. - All Rights Reserved.