|Posted on Tuesday, September 3, 2002 - 1:16 am: |
You can take the complete headers, and find the IP of origin.
Look that up on ARIN, and contact the owner (the ISP that is.)
Using the timestamp from your headers, you can have them determine, if they have the logs and the time, who it was that was connected at that time and IP, and they can then attempt to contact their user and get them to clean their machine.
Or you could have a drink.
|Posted on Wednesday, August 28, 2002 - 8:38 pm: |
Damn...Klez-e is still out there? I get phantom emails with stolen names a lot on one of my addresses.
They all contain .ZIP files with a message that is written in English with a foreign dialect. It is easy to spot as the sentences are grammatically incorrect.
So, when emailing the ISP with abuse questions, they state that the email is a stolen name...can't get rid of it.
|Posted on Wednesday, August 28, 2002 - 3:36 pm: |
I just got an email with a Klez32-infected attachment with the return address of someone on the forum. The person who was listed as the sender isn't infected, so it means that the virus came from sombody who has both of us in his/her address book. Thus, it is likely a forum member. Check your system for viruses, especially if you are running Microsoft Outlook.