Guest guest Posted August 1, 2002 Report Share Posted August 1, 2002 I had an email which had an attachment that contained a virus. Ive got norton antivirus and I checked email before I opened it and it contained a virus, I deleted it straight away and im going to check my pc for virus's asap. > > Here is a reply which I received regarding the bogus message from > Yahoo > > > > Ora > > > > > Yahoo *did* send that message. Someone else (or a Klez > infected user) > > > sent an > > > email unsubscribe request with your subscriber's email > address in the > > > From field > > > so Yahoo sent back a confirmation to that address in the From > field. > > > Since your > > > subscriber didn't really ask to unsub, she should simply > ignore it and > > > she'll remain a member of your group. > > > > > This was most likely Klez infected computer owned by someone > who's a > > > member of > > > the same group and has a message from your subscriber to the > group in > > > their > > > mailbox. Klez picks up random email addresses for both the > To and From > > > addresses when sending itself out. So the infected user had > a post from > > > your > > > subscriber and Klez picked up her address and put it in the > From field. > > > Then > > > Klez picked up the unsubscribe address which is in every > message from a > > > group > > > and put that in the To field and sent itself off. Yahoo > ignored the > > > infected > > > attachment and sent back a confirmation to your subscriber. > > > > > > Yahoo does these confirmations both for sub and unsub requests > > > specifically to > > > avoid forged sub and unsub requests. Spammers and trolls > used to > > > maliciously > > > sign people up by email to hundreds of groups which then > flooded those > > > people's > > > mailboxes with messages. So Yahoo (well, it was eGroups > actually, > > > before Yahoo > > > bought them) instituted the confirmation process to stop that. > > > > > > Every message from a group has the -unsubscribe address and > the -owner > > > address > > > in the headers which Klez is able to pick up. In addition > some groups > > > put > > > the -unsubscribe address in their list footer and Klez is > able to pick > > >. that up > > > too. > > > > > All your subscriber can do is simply delete the unsub > confirmation and > > > delete any others that might happen to show up. You might > want to post > > > a warning to your list about Klez, explaining how it forges > the To and > > > From headers, many people don't know that and mistakenly > blame the > > > person in the > > > From field for sending them viruses. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.