SCOUG Logo


Next Meeting: Sat, TBD
Meeting Directions

Be a Member
Join SCOUG

Navigation:


Help with Searching

20 Most Recent Documents
Search Archives
Index by date, title, author, category.

Features:

Mr. Know-It-All
Ink
Download!




SCOUG:

Home

Email Lists

SIGs (Internet, General Interest, Programming, Network, more..)

Online Chats

Business

Past Presentations

Credits

Submissions

Contact SCOUG

Copyright SCOUG


warp expowest
Pictures from Sept. 1999
The views expressed in articles on this site are those of their authors.

warptech
SCOUG was there!

Copyright 1998-2025, Southern California OS/2 User Group. ALL RIGHTS RESERVED.

SCOUG, Warp Expo West, and Warpfest are trademarks of the Southern California OS/2 User Group. OS/2, Workplace Shell, and IBM are registered trademarks of International Business Machines Corporation. All other trademarks remain the property of their respective owners.

The Southern California OS/2 User Group
USA

SCOUG-General Mailing List Archives

Return to [ 16 | June | 2004 ]

Date: Wed, 16 Jun 2004 21:41:11 PDT7
From: Peter Skye <pskye@peterskye.com >
Reply-To: scoug-general@scoug.com
To: scoug-general@scoug.com, scoug-help@scoug.com, scoug-programming@scoug.com
Subject: SCOUG-General: How to block current virus message source on these lists

Content Type: text/plain

A second virus has come through the SCOUG mail server. This
one originated at the same ISP as the one last week and
apparently got through in the same way, to wit by spoofing
the "From:" header line so that the message appears to be
from a valid sender. (We don't have virus filtering on the
SCOUG mail server.)

Since the same ISP originated both messages, you may want to
filter this specific ISP out of your incoming email with an
ISP-specific filter. One such filter would be to check
each message's header "Received:" lines for the ISP's
identification string which is "prod-infinitum.com.mx".

For techies . . .

Following are the comparative message header lines for the
9Jun and 16Jun virus messages:

Received: from scoug.com (dup-200-95-122-102.prod-infinitum.com.mx
[200.95.122.102] )
Received: from scoug.com (dsl-201-128-236-146.prod-infinitum.com.mx
[201.128.236.146] )

Verifying the originating ISP's IP address . . .

[G:\]nslookup 200.95.122.102
Server: vnsc-pri.sys.gtei.net
Address: 4.2.2.1
Name: dup-200-95-122-102.prod-infinitum.com.mx
Address: 200.95.122.102

[G:\]nslookup 201.128.236.146
Server: vnsc-pri.sys.gtei.net
Address: 4.2.2.1
Name: dsl-201-128-236-146.prod-infinitum.com.mx
Address: 201.128.236.146

- Peter

=====================================================

To unsubscribe to this list, send an email message
to "steward@scoug.com". In the body of the message,
put the command "unsubscribe scoug-general".

For problems, contact the list owner at
"rollin@scoug.com".

=====================================================

Return to [ 16 | June | 2004 ]

The Southern California OS/2 User Group
P.O. Box 26904
Santa Ana, CA 92799-6904, USA

Copyright 2001 the Southern California OS/2 User Group. ALL RIGHTS RESERVED.

SCOUG, Warp Expo West, and Warpfest are trademarks of the Southern California OS/2 User Group. OS/2, Workplace Shell, and IBM are registered trademarks of International Business Machines Corporation. All other trademarks remain the property of their respective owners.