Looks like a windows virus. I got one this morning myself. http://www.sarc.com/avcenter/venc/data/w32.brid.a@;mm.html
Marc. On Thu, 2002-11-07 at 10:48, Joshua Andrews wrote: > Sorry, I know this is not Psyche specific but this is the most active list. > > I received an email, (virus packed no doubt), on 2 different mail > servers, 2 different domains; the message claims to come from root but > the relay IP is in SOA somewhere in China. I don't understand why > sendmail allowed it. > The e-mails had README.EXE embeded in them as a "*.wav" mime type. > > This is all that was in the maillog. > > Nov 7 00:35:08 mail sendmail[23448]: gA78Z5Y23448: > [EMAIL PROTECTED], size=156475, class=0, nrcpts=1, > msgid=<[EMAIL PROTECTED]>, proto=SMTP, > daemon=MTA, relay=[211.101.140.97] > Nov 7 00:35:09 mail sendmail[23449]: gA78Z5Y23448: > [EMAIL PROTECTED], [EMAIL PROTECTED] (0/0), > delay=00:00:03, xdelay=00:00:00, mailer=local, pri=216178, dsn=2.0.0, > stat=Sent > > Thanks, > Joshua > > > > > -- > Psyche-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/psyche-list
