[SGVLUG] I'm being attacked by an email flood from kernel.org
Emerson, Tom
Tom.Emerson at wbconsultant.com
Mon Apr 17 12:04:57 PDT 2006
> -----Original Message-----
> K. Zachary Abbott
>
> The easiest explanation:
>
> there is a computer somewhere (likely a Windows box, but
> not necessarily) that is infected by a computer virus.
> That infected computer has your email address somewhere ...
> The virus is for whatever reason targeting kernel.org ...
Actually, "targeting" may be too harsh of a word -- it may simply be
that the virus is attempting to replicate itself to /every address/ it
found on the infected system -AND- is "spoofing" the return address as
/some other address/ found on that system. In short, David needs to
find someone with an infected system that has both his e-mail AND the
kernel.org end-user management e-mail address.
Since David indicated he is getting these as fast as "a few seconds
apart", it may be that the infected system has a very short list of
"addressses" found upon it, thus increasing the likelyhood that his is
the resulting "source" address. Question for David: are you also
getting spam or viral messages from random sources with similar "random
strings" as what the list software is claiming you sent "as a command"?
Bearing in mind that "all" of those return addresses will be spoofed,
you *might* be able to narrow things down to someone *you* know who
would likely have your address, the kernel.org address, and the "other"
addresses stored on their system [and uses windows...]
Sad but true, what the list reflector software needs is spam/virus
checking on input to ignore these attacks.
More information about the SGVLUG
mailing list