Jump to content

More of 'No source IP address found'


qjvgpuryy

Recommended Posts

Posted

I keep receiving strange e-mails marked "Undeliverable" that appear to be from nonexistent local e-mail addresses. Here is the Tracking URL of one of them. I'm using Pegasus Mail and have no problem reporting, except for these. Can anyone tell me how this can happen?

Posted

I played a bit with Mercury a few years back, but have no knowledge on Pegasus. From what is provided, it sounds like you might need to contact Dave Harris directly to see how to figure out where the traffic is actually coming from (or why pegasus isn't showing that data ..) It is possible that it's a direct-to-MX action, but that still doesn't ecplain the lack of the connecting / source IP ...

At any rate, the particular spam item is known to be a virus generated item, the SpamCop version talked about in the Announcements section ... there is talk elsewhere (and right now I don't recall if it was here, over in the newsgroups, one of the anti-virus sites ... (it's been a busy day) .. but the gist of it seems to be some atrocious handling/mangling of e-mails by some anti-virus products and some e-mail servers, in that the 'de-fanging' of the virus also includes stripping header lines from the e-mail for some reason, then forwarding on the garbage that now remains ... like the recipient actually cares that some inknown entity somewhere in the world has an infected system and is sending out e-mail that gets trashed in transport so bad that there's no way to track it back to any kind of source ...????

Posted

It looks like your Exchange Server is either infected or not capable of correctly tracking this worm, which is probably one of the variants of what Symantec is calling "W32.Mytob[at]mm".

Posted
At any rate, the particular spam item is known to be a virus generated item, the SpamCop version talked about in the Announcements section

29343[/snapback]

Didn't connect the two, sorry.

the gist of it seems to be some atrocious handling/mangling of e-mails by some anti-virus products and some e-mail servers, in that the 'de-fanging' of the virus also includes stripping header lines from the e-mail for some reason, then forwarding on the garbage that now remains

29343[/snapback]

We're using Norton Antivirus and an Exchange Server here.

It looks like your Exchange Server is either infected or not capable of correctly tracking this worm

29347[/snapback]

I'll have to look into that - I hope it's the second and not the first!

Thanks to both of you.

P.S. Multiquote is cool!

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...