GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Getting tons of myDoom.L e-mails from 69.164.181.182 - any blackhat/whitehats online? (https://gfy.com/showthread.php?t=408130)

fusionx 12-25-2004 10:21 AM
Getting tons of myDoom.L e-mails from 69.164.181.182 - any blackhat/whitehats online?
 
Someone is sending me a lot of e-mails with the W32.Mydoom.L@mm virus.

They are coming from a number of IP addresses on different networks, but one originating IP comes up over and over: 69.164.181.182. First one was sent on December 20th, latest one 11:18 am this morning.

It resolves to adelphia.net in Coudersport, PA - I've written to their abuse address with the message headers, etc.

I know a person who lives in PA who doesn't appreciate me very much right now.

Is there anything else I can do? I'm well protected - Norton catches them all without trouble, and I have other software running as well. I ran the myDoom fix just to be sure - no problems.

--- message source ---
Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Sat, 25 Dec 2004 11:16:05 -0500
Received: from [69.164.181.182] (helo=primanudes.com)
by tampa3.westcoasthost.com with esmtp (Exim 4.43)
id 1CiEaJ-0007cc-NY
for [email protected]; Sat, 25 Dec 2004 11:16:04 -0500
From: "Bounced mail" <[email protected]>
To: [email protected]
Subject: Returned mail: see transcript for details
Date: Sat, 25 Dec 2004 11:18:04 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0004_1F4E43A6.0495266B"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000

This is a multi-part message in MIME format.

------=_NextPart_000_0004_1F4E43A6.0495266B
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit

:: binary content garbage removed ::


------=_NextPart_000_0004_1F4E43A6.0495266B
Content-Type: plain/text;
name="Norton AntiVirus Deleted1.txt"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="Norton AntiVirus Deleted1.txt"

:: content removed ::

------=_NextPart_000_0004_1F4E43A6.0495266B--

Dirty F 12-25-2004 11:41 AM
Relax. that guy most likely doesnt even know hes infected. He has your email in his internet cache.

nofx 12-25-2004 11:43 AM
sorry, i'm just a bluehat :(

fusionx 12-25-2004 12:20 PM
Quote:
Originally Posted by Battuss
Relax. that guy most likely doesnt even know hes infected. He has your email in his internet cache.
Hiya Battus - thanks. It's just getting annoying to have Norton pop up all the time..

Maybe Adelphia will help him out. Or fry him if it's intentional :)

RawAlex 12-25-2004 12:41 PM
Umm, how about just adding a rule to your mail that deletes all mail with attachments? Your virus count will drop about 99% when you do that.

Nobody should mail you attachments in this business anyway, we all have servers, anything we want to share can be uploaded and downloaded like that.

You might also want to remove your email address from your pages. That will certainly slow down your barrage of shit mail.

Alex

fusionx 12-25-2004 01:52 PM
Quote:
Originally Posted by RawAlex
Umm, how about just adding a rule to your mail that deletes all mail with attachments? Your virus count will drop about 99% when you do that.

Alex
Norton anti-virus sees the e-mails first. It will still trigger the response.

Dirty F 12-25-2004 02:55 PM
Quote:
Originally Posted by fusionx
Norton anti-virus sees the e-mails first. It will still trigger the response.

Select "delete from server" then it should delete the mail before you download it.

Dirty F 12-25-2004 02:56 PM
Anyway it will stop eventually. Most likely when this guy cleans his cache.


All times are GMT -7. The time now is 08:09 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123