IT gurus: what is this?
#1
I used to work in IT but this one has me stumped. I received this email in my comcast.net inbox. starterbox.com is my registered domain at SBC. I have no email account named ilan@starterbox.com. Can someone tell me how I got to receive this email and how it was sent from a non-existent account? Should I be worried? Thanks!
---- email copied from my comcast account ----
From: Mail Delivery Subsystem <MAILER-DAEMON@akparti.org.tr>
To: <teknikdestek@akparti.org.tr>
Subject: Warning: antivirus system report
Date: Thu, 04 Sep 2003 11:31:15 +0300
Warning: Virus '' detected. Message was rejected.
Message's header:
Received: from ANDROMEDA62 ([])
by mail.akparti.org.tr (Merak 6.0.7) with ESMTP id E1551810
for <teknikdestek@akparti.org.tr>; Thu, 04 Sep 2003 11:27:20 +0300
From: <ilan@starterbox.com>
To: <teknikdestek@akparti.org.tr>
Subject: Re: Wicked screensaver
Date: Thu, 4 Sep 2003 11:28:08 +0300
X-MailScanner: Found to be clean
Importance: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MSMail-Priority: Normal
X-Priority: 3 (Normal)
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="_NextPart_000_000A4F48"
The original message was received at Thu, 04 Sep 2003 11:31:15 +0300
The message was sent from: <ilan@starterbox.com>
--------------------------------------------------------------------------------
Attached Message
--------------------------------------------------------------------------------
From: <ilan@starterbox.com>
To: <teknikdestek@akparti.org.tr>
Subject: Re: Wicked screensaver
Date: Thu, 4 Sep 2003 11:28:08 +0300
#2
Just because you own the domain doesn't mean anything.
Sometimes viruses spoof people's Address Books, then attach its name to that address. This virus was sent to me a bunch from a bunch of seemingly legit email accounts.
#3
Check out the logs for that server to make sure someone isn't using your server to mail stuff. If you aren't using it, disable sendmail as it is known to have lots of security holes allowing people to exploit your server for spam.
#5
Someone prolly forged a virus email using your addy. When the intended victim's server bounced the msg it goes back to you because ppl who write email virus protection systems are too ing stupid to detect forged headers, and waste bandwidth and risk further virus spreading by sending back the whole viral payload.
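The two explanations offered in posts #3 and #5 (your own server being abused versus a forged sender address) can be told apart from the header the bounce quotes back. The Python sketch below is an added example, not code from any poster; `OWN_MAIL_HOSTS` and `OWN_MAILBOXES` are assumed, hypothetical values, and the sample header is the one from post #1 with folding whitespace restored.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed, hypothetical values: replace with your own domain's details.
OWN_DOMAIN = "starterbox.com"
OWN_MAIL_HOSTS = {"mail.starterbox.com"}    # hosts allowed to send your mail
OWN_MAILBOXES = {"postmaster", "webmaster"}  # local parts that really exist

# "Message's header:" section from the bounce in post #1 (trimmed); leading
# spaces restored on the folded Received lines so the parser sees one header.
BOUNCED_HEADER = """\
Received: from ANDROMEDA62 ([])
 by mail.akparti.org.tr (Merak 6.0.7) with ESMTP id E1551810
 for <teknikdestek@akparti.org.tr>; Thu, 04 Sep 2003 11:27:20 +0300
From: <ilan@starterbox.com>
To: <teknikdestek@akparti.org.tr>
Subject: Re: Wicked screensaver
"""

def received_hops(msg):
    """Return (from_host, by_host) per Received header, newest hop first."""
    hops = []
    for raw in msg.get_all("Received", []):
        flat = " ".join(raw.split())
        frm = re.search(r"\bfrom\s+(\S+)", flat)
        by = re.search(r"\bby\s+(\S+)", flat)
        hops.append((frm.group(1).lower() if frm else None,
                     by.group(1).lower() if by else None))
    return hops

def classify_bounce(header_text):
    """Decide whether a bounce points at your server or at a forged sender."""
    msg = message_from_string(header_text)
    local, _, domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")
    hops = received_hops(msg)
    via_own = any(host in OWN_MAIL_HOSTS for hop in hops for host in hop)
    if domain != OWN_DOMAIN:
        verdict = "not-our-domain"
    elif via_own:
        verdict = "relayed-via-own-host"       # go read that server's mail logs
    else:
        verdict = "forged-sender-backscatter"  # your hosts never saw the message
    return {"sender": f"{local}@{domain}", "hops": hops, "verdict": verdict,
            "mailbox_exists": local in OWN_MAILBOXES}

if __name__ == "__main__":
    print(classify_bounce(BOUNCED_HEADER))
```

Only the Received line written by the server that generated the bounce can be trusted; any hops listed below it were supplied by the sender and may be forged.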