re:W32NetSky@Bmm

I keep getting returned emails from mail administrator like the one as follows:
VIRUS ALERT
Our content checker found
viruses: W32/NetSky.B@mm [Orion], I-Worm.NetSky.b [AVP]
banned name: details.doc.pif
in email presumably from you (<deleted@sympatico.ca>), to the following recipient:
-> [i]deleted[/i]@friscobay.com

Please check your system for viruses,
or ask your system administrator to do so.

Delivery of the email was stopped!


For your reference, here are headers from your email:
------------------------- BEGIN HEADERS -----------------------------
Return-Path: <deleted@sympatico.ca>
Received: from friscobay.com (CPE0060672d5147-CM400026201708.cpe.net.cable.rogers.com [24.103.36.72])
by voyager.friscobay.com (Postfix) with SMTP id 0B250432342
for <deleted@friscobay.com>; Wed, 14 Apr 2004 10:42:58 -0400 (EDT)
From: deleted@sympatico.ca
To: deleted@friscobay.com
Subject: hello
Date: Wed, 14 Apr 2004 10:42:48 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="33730127"
Message-Id: <20040414144258.0B250432342@voyager.friscobay.com>
-------------------------- END HEADERS ------------------------------



--------------------------------------------------------------------------------


Received: from friscobay.com (CPE0060672d5147-CM400026201708.cpe.net.cable.rogers.com [24.103.36.72])
by voyager.friscobay.com (Postfix) with SMTP id 0B250432342
for <deleted@friscobay.com>; Wed, 14 Apr 2004 10:42:58 -0400 (EDT)
From: deleted@sympatico.ca
To: deleted@friscobay.com
Subject: hello
Date: Wed, 14 Apr 2004 10:42:48 -0400
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="33730127"
Message-Id: <20040414144258.0B250432342@voyager.friscobay.com>

It comes with an attachment:"Delivery error report.dat(318 bytes)"
No one has sent this email from my house, nor does the name sound familiar. I have scanned with NAV, and double checked with trend online and nothing has come re a netsky virus. Any ideas what this is? They come several times a week from recipients I don't know. Any ideas?

 

Re: W32NetSky@Bmm

Hi spins4,

The problem is that someone that has your email-address stored on his computer is infected with this virus.
This virus is capable of "spoofing" the sender address.
In other words, it pretends to come from you, but in reality it comes from the infected computer.

NOTE: This is why you should be more careful about posting your email-address. Some viruses are capable of getting addresses out of the Temporary internet files, where yours would end up if someone read the site where you posted it. That is why I removed the addresses in your post. The other one is that spambots could be active here as well.

Regards,

Pieter

 

Re: W32NetSky@Bmm

Pieter - Can I block further emails from these people?? Can I stop it from happening again? Thankyou for your quick reply!

 

Re: W32NetSky@Bmm

Hi spins4,

Not much you can do about it.
Blcoking mail from that server will probably effectively block emails from everyone using friscobay.com
I think a spamfiltering application can be used to get rid of the viruswarning emails. Are you using one?

Regards,

Pieter

 

Re: W32NetSky@Bmm

I'm using SpamBully so I'll try adding their address to the bounce.