Brownlist
I'd like to see an IP blacklist of machines with stupid antivirus software that replies to viruses with forged From addresses. I propose to call this a babypoobrownlist. Sadly it seems even RAV Antivirus can be configured to be this stupid:
From: RAV AntiVirus <ravms@mail1.utlonline.co.ug>
Subject: RAV AntiVirus scan results
Date: Mon, 26 Apr 2004 16:28:57 +0300
To: aicmbarara@utlonline.co.ug
[50 addresses deleted]
This e-mail is generated by the mail1.utlonline.co.ug mail server to warn you that the e-mail sent by aicmbarara@utlonline.co.ug to robert@aquabotanic.com, paulio629@aol.com, not@thisaddress.com, tommyboy@hotmail.com, news@ftscotland.co.uk, ifraigun@aol.com, steve@tropheus.demon.co.uk, 47@msn.com, c.durand@comcast.net, fornguse@shaw.ca, campaigns@votenader.org, indigomoon@bonbon.net, n.sandberg@comcast.net, thomaswinters@cablespeed.com, bleahcim49@frontiernet.net, the-big-dog@comcast.net,
If you are the sender:
-------------------
The scanned e-mail has your address in the
header field. Either your computer is infected or someone's computer having your e-mail address in the address book has been infected.
(Please note that some viruses are sending e-mails directly from your computer. Our advise is to check your computer using an up-to-date antivirus product).
If you are the receiver:
---------------------
Please contact the sender: most likely he/she doesn't know he/she has a computer virus.
I mean really, what incredibly moronic advice. What am I supposed to do about some random person who has me in their address book? The last thing I want is email from some benighted windows user telling me I have a computer virus.
posted Tue 27 Apr 2004 in /issues/virus | link
Archives 2008: Apr Feb 2007: Jul May Feb Jan 2006: Dec Nov Oct Sep Aug Jul Jun Jan 2005: Sep Aug Jul Jun May Apr Mar Feb Jan 2004: Dec Nov Oct Sep Aug Jul Jun May Apr Mar Feb Jan 2003: Dec Nov Oct Sep Aug Jul Jun May
Copyright (C) 1999-2007 Martin Pool.