Gentoo Forums
Speaking of viruses
Chickpea
l33t


Joined: 03 Jun 2002
Posts: 846
Location: Vancouver WA

Posted: Tue Aug 19, 2003 9:33 pm    Post subject: Speaking of viruses

Speaking of viruses (from another post), I just want to be absolutely clear, as I am pretty sure I know what the answer is.

If a virus is targeted at a vulnerability in Windows, does this mean only Windows machines are affected? I would not be able to send it from my Linux email client, right?

I have been getting return emails from people I have never heard of saying that my email could not be received because some virus was attached to it.

I know it is one of F**king! Windows (or should I say loser :lol:) user friend but I have no idea who....

This wouldn't be so bad if the messages were actually coming from my computer; I could fix it on my end.

But now I have these emails going out to people I don't know and I have not a clue how many are being sent.

I am so F**KING PISSED OFF!!

Okay, thanks for letting me vent
paranode
l33t


Joined: 06 Mar 2003
Posts: 679
Location: Texas

Posted: Tue Aug 19, 2003 10:36 pm

Actually it's probably the Sobig.F worm. Someone who has your contact probably has it because it can spoof addresses from their contact list. Therefore you get the virus warnings. Read the full headers and find out what IP address it's really coming from (well...possibly).
_________________
Meh.
masseya
Bodhisattva


Joined: 17 Apr 2002
Posts: 2602
Location: Baltimore, MD

Posted: Tue Aug 19, 2003 10:45 pm

paranode is probably right, but I would like to expand on this topic. You can send Windows viruses with a Linux email client. Generally, this has to be done manually and on purpose. For example, if you got an email that you didn't recognize or understand (which contains a virus) and you sent it to a Windows-using friend asking them what they thought, then they could be infected.

However, as paranode said, it was probably spoofed. Email is very, very easy to forge and I highly recommend using an authentication method such as GnuPG or PGP. Make sure your friends know what that means and are able to at least understand it.

Moving from Off The Wall.
_________________
if i never try anything, i never learn anything..
if i never take a risk, i stay where i am..
Chickpea
l33t


Joined: 03 Jun 2002
Posts: 846
Location: Vancouver WA

Posted: Tue Aug 19, 2003 11:13 pm

Yea, I know (figured) it was spoofed because it is the wrong email address or at least an old version of a current email address.

My main problem is I don't know who sent it or where it was sent from. The headers really have not given me that much info.

I do believe it is the Sobig.F (paranode, how did you know?)

It is still irritating.
Black
Apprentice


Joined: 10 Dec 2002
Posts: 158
Location: Québec, Canada

Posted: Wed Aug 20, 2003 2:11 am

I had the same thing (bounced messages) in my inbox this evening, but looking at the headers does reveal some information:

Code:
Received: from WSLEXSECO04 (64-112-130-198.user.uswo.net [64.112.130.198])
        by flmx04.mgw.rr.com (8.12.8p1/8.12.8) with ESMTP id h7JMqxQS019349
        for <dakhalil@tampabay.rr.com>; Tue, 19 Aug 2003 18:52:59 -0400 (EDT)
Message-Id: <200308192252.h7JMqxQS019349@flmx04.mgw.rr.com>
From: My email address, removed
To: <dakhalil@tampabay.rr.com>
Subject: Re: Your application
Date: Tue, 19 Aug 2003 18:52:01 --0400
X-MailScanner: Found to be clean
Importance: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MSMail-Priority: Normal
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/mixed;
        boundary="_NextPart_000_05E87997"
X-Virus-Scanned: Symantec AntiVirus Scan Engine
X-Virus-Scan-Result: Repaired 36527 W32.Sobig.F@mm


Well, RoadRunner's Anti-Virus did see the Sobig.F virus, but I can see that the mail originated from 64.112.130.198, which, according to their web site, is located in Louisville, Kentucky, USA. I also got another bounce, this time from AOL, that comes from the same address. Since I don't know anyone in KY, all I can assume is that it is a spammer.
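The header reading Black describes above, as an added Python example that is not part of the original thread. It takes the connecting IP from the `Received` line written by the recipient's own mail server and ignores the forgeable `From`; the function names, the `.rr.com` trust suffix and the placeholder addresses are assumptions.

```python
import re
from email import message_from_string

# Modelled on the bounce quoted above: the Received line is the one from the
# post; both mail addresses are constructed placeholders.
SAMPLE = """\
Received: from WSLEXSECO04 (64-112-130-198.user.uswo.net [64.112.130.198])
        by flmx04.mgw.rr.com (8.12.8p1/8.12.8) with ESMTP id h7JMqxQS019349
        for <recipient@example.net>; Tue, 19 Aug 2003 18:52:59 -0400 (EDT)
From: <spoofed-sender@example.org>
To: <recipient@example.net>
Subject: Re: Your application

"""

# sendmail style: from <HELO name> (<reverse DNS> [<peer IP>]) by <receiving MTA>
HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?:(?P<rdns>[^\s\[\]]+)\s+)?\[(?P<ip>[0-9.]+)\]\)"
    r"\s+by\s+(?P<by>[^\s;]+)")

def received_hops(raw):
    """Hops newest first: every MTA prepends its own Received line."""
    values = message_from_string(raw).get_all("Received", [])
    return [m.groupdict() for m in map(HOP.search, values) if m]

def origin_report(raw, trusted_suffix):
    """Peer IP logged by the outermost MTA we trust (assumption: hosts whose
    name ends in trusted_suffix are the recipient's own servers).
    The IP in brackets is written by the receiving server from the TCP
    connection. HELO name, From and any older Received lines come from the
    sending machine and can be forged.
    """
    edge = None
    for hop in received_hops(raw):
        if not hop["by"].lower().endswith(trusted_suffix):
            break  # older lines were not written by a server we trust
        edge = hop
    if edge is None:
        return None
    return {
        "claimed_from": message_from_string(raw)["From"],
        "peer_ip": edge["ip"],
        "rdns": edge["rdns"],
        "helo": edge["helo"],
        "helo_matches_rdns": edge["helo"].lower() == (edge["rdns"] or "").lower(),
    }

if __name__ == "__main__":
    print(origin_report(SAMPLE, ".rr.com"))
```

A suffix match is only as good as the suffix: pass the name of servers you actually run, since a forged older line can claim any `by` host it likes.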
Chickpea
l33t


Joined: 03 Jun 2002
Posts: 846
Location: Vancouver WA

Posted: Wed Aug 20, 2003 2:20 am

I noticed quite a few of mine came from AOL and I don't know anyone on AOL, but nonetheless my email is on someone's contact list and it is being sent out.

The IP source address is similar, 64.12.138.5 or something like that.

I am on a fvwm mailing list and that list also got a bounced email.

Driving me crazy

C
slartibartfasz
Veteran


Joined: 29 Oct 2002
Posts: 1462
Location: Vienna, Austria

Posted: Wed Aug 20, 2003 7:11 am

this sounds definitely like sobig.f

another thread with some informative links is here

u need not be in an address book necessarily to get flooded - the worm also reads html and browses it for mail addresses. and yes it spoofs the address - quite annoying :evil:
_________________
To an engineer the glass is neither half full, nor half empty - it is just twice as big as it needs to be.
viperlin
Veteran


Joined: 15 Apr 2003
Posts: 1319
Location: UK

Posted: Wed Aug 20, 2003 8:21 am

i have received 8 since 6:30 am (9:15am at time of writing, last one received was at 9:26am)

i have a "Spam&Viri" folder and keep all of the viri i get in there, dunno why, but then again some people collect stamps, so go say "why" at them. :roll:

EDIT: amount and time.last received, won't do this again
To
Veteran


Joined: 12 Apr 2003
Posts: 1145
Location: Coimbra, Portugal

Posted: Wed Aug 20, 2003 9:06 am

Had one email too, i thought it was kinda strange. Thanx for the info on that sobig.f worm.


_________________

------------------------------------------------
Linux Gandalf 3.2.35-grsec
Gentoo Base System version 2.2
------------------------------------------------