[squid-users] SPAM/VIRUS sent to squid-users? (RE: Database at Infinex)

From: la. w <squid-user@dont-contact.us>
Date: Tue, 17 Jun 2003 12:21:18 -0700

Is there a reason for attaching what appears to be an empty file
named PNI.sln.exe and why is it was sent to "Squid-users" via
email harvesting off of the squid users list using "Bcc" to individual
users?

Is "Nick@imagetank.com" even a real user on squid-users?

Did anyone else get a message like this?

As for the .exe being stripped off...my ISP unilaterally implemented
mandatory filtering on all email, so I don't know if there was
actual content in the .exe or not.

> From nick@imagetank.com Tue Jun 17 07:37:26 2003
> Received: from mail.speakeasy.net (localhost [127.0.0.1])
> by mail.tlinx.org (8.12.6/8.12.2/SuSE Linux 0.6) with ESMTP id
h5HEbQMO023811
> for <squid-user@localhost>; Tue, 17 Jun 2003 07:37:26 -0700
> Delivered-To: squid-user@tlinx.org
> Received: (qmail 6267 invoked by uid 64014); 17 Jun 2003 14:36:55 -0000
> Received: from nick@imagetank.com by mail14.speakeasy.net with
AmikaGuardian-Server-1.1.2c-csav (Processed in 0.488691 secs); 17 Jun 2003
14:36:55 -0000
> X-AmikaGuardian-Id: mail14.speakeasy.net10558606152366262
> X-AmikaGuardian-Category: AN:Vectored : 0.4
> X-AmikaGuardian-Category: AN:Obvious Clues : 0.8
> X-AmikaGuardian-Category: AN:Spam Headers : 0.8
> X-AmikaGuardian-Category: AN:Spam : 0.8
> X-AmikaGuardian-Category: AN:Override : 0.4
> X-AmikaGuardian-Category: AN:Exception : 0.4
> X-AmikaGuardian-Category: AN:Spam Structure : 0.8
> X-AmikaGuardian-Category: AN:Junk Mail : 0.8
> X-AmikaGuardian-Category: AN:Forwarded Mail : 0.4
> X-AmikaGuardian-Action: Do Nothing()
> Received: from unknown (HELO webserver) ([202.95.236.6])
> (envelope-sender <nick@imagetank.com>)
> by mail14.speakeasy.net (qmail-ldap-1.03) with SMTP
> for <squid-user@tlinx.org>; 17 Jun 2003 14:36:55 -0000
> Received: from central-2bj0vsk (sithlord.impactnet.com [202.95.236.184])
> by webserver (8.11.6/8.11.6) with SMTP id h5HE14d01626;
> Tue, 17 Jun 2003 22:01:06 +0800
> Date: Tue, 17 Jun 2003 22:01:06 +0800
> Message-Id: <200306171401.h5HE14d01626@webserver>
================================
> From: "Nick L." <nick@imagetank.com>
> Subject: Re: Database at Infinex
> MIME-Version: 1.0
> Content-Type: multipart/mixed; boundary="----------KCD5Y5YSV2PWIA"
> To: undisclosed-recipients:;
> X-Status:
> X-Keywords:
> X-UID: 8103
>
> ------------KCD5Y5YSV2PWIA
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
>
> Egie,
>
> Mysql is already installed into the machine in SF. Infinex is using it
> specifically for Mysql and is used by some of our larger customers. If
> you need sudo access just to install mysql that shouldn't be needed. If
> y
>
> ------------KCD5Y5YSV2PWIA
> Content-Type: application/x-msdownload; name="PNI.sln.exe"
> Content-Transfer-Encoding: base64
> Content-Disposition: attachment; filename="PNI.sln.exe"
>
>
>
> ------------KCD5Y5YSV2PWIA--
>
Received on Tue Jun 17 2003 - 13:21:55 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:17:24 MST