cocoon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig McClanahan <craig...@apache.org>
Subject Re: Email account utilization warning.
Date Wed, 31 Mar 2004 17:53:34 GMT
Tony Collen wrote:

> Stefano Mazzocchi wrote:
>
>> management@apache.org wrote:
>>
>>> Dear user of Apache.org,
>>>
>>> Your e-mail  account will  be disabled because of improper  using 
>>> in  next
>>> three days, if you are still wishing to  use it, please, resign your
>>> account information.
>>>
>>> For further details see  the attach.
>>>
>>> For security  reasons  attached file is  password protected. The 
>>> password is "04168".
>>>
>>> The Management,
>>>     The Apache.org team                                
>>> http://www.apache.org
>>
>>
>>
>> How did this get here?
>>
>
> Some virus infected person, probably.  I get spoofed virus emails 
> which appear to come from @apache.org a lot, most of the return 
> addresses are people on the cocoon lists, which means someone on the 
> lists is infected and doesn't know it.
>
> We should really track this down.
>
Unfortunately, it's not quite that easy.

There's no guarantee that it's really a subscriber to the cocoon lists 
that is infected ... it could be anyone who has the email address of a 
cocoon list subscriber visible for harvesting by the virus.  Basically, 
you just have to assume that the "From" address on any email is 
potentially a myth ... unfortunately, that's what mailing lists use to 
authenticate subscribers, and what naive users use to validate the 
source of a message.

> Tony

Craig McClanahan


Mime
View raw message