On Sat, 2004-01-31 at 12:07, Laurie Brown wrote:
Received: from (HELO mdmbill.com) (81.100.212.125) by tuschin.blackcatnetworks.co.uk with SMTP; 31 Jan 2004 10:43:42 -0000
Note that mdmbill.com is not work-safe.
If you recognise yourself as the sender, you probably want to clean up your computer and install some anti-virus software :)
I've had several hundred of these (and Linux isn't affected by virii?), all caught by our amavis/AV software. All the from addresses are spoofed.
I just got a second one from the same person. The reason I'm sending this mail is so that whoever it is that is infected, can get that thing off their machine so I don't have to get mail from them. The HELO bit is spoofed, the cpc1-norw2-3-0-cust125.pete.cable.ntl.com bit is not.
/Kirsten