[chadfree] Re: test ignore

Hi Linda,
My ISP is unable to deliver my virusinfo messages.
PCtechTalk at Freelists and chad free are working.

Here is a copy of the letter I sent to John

Hi John,
can you tell me why this message is being rejected?
*********** BEGIN FORWARDED MESSAGE  ***********

Return-Path: <>
To: mikebike@xxxxxxxxx
From: TELUS Mail Administrator <helpdesk@xxxxxxxxx>
Reply-To: <Postmaster@xxxxxxxxxxxxxxx>
Subject: Your Message Could Not Be Delivered
Date: Mon, 12 Jan 2004 11:48:53 -0700
Message-ID:
<20040112184853.EGAH22859.priv-edtnes04.telusplanet.net@priv-edtnes04>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;    
Boundary="===========================_ _= 5667114(22859)1073933333"

Your message could not be delivered.

The recipient's Internet Service Provider rejected this e-mail.  Please 
verify that the e-mail address and your "from address" (in the header) 
were entered correctly and resend. 

Your message was rejected by turing.freelists.org for the following reason:

     Error: Message content rejected

The following recipients did not receive this message:

     <virusinfo@xxxxxxxxxxxxx>

We hope this information is helpful. 
For more information, visit us at <<http://help.telus.net>> or e-mail 
TELUS at <helpdesk@xxxxxxxxx>.

Reporting-MTA: dns; priv-edtnes04.telusplanet.net
Arrival-Date: Mon, 12 Jan 2004 11:48:51 -0700
Received-From-MTA: dns; mikes-xp (64.180.11.13)

Final-Recipient: RFC822; <virusinfo@xxxxxxxxxxxxx>
Action: failed
Status: 5.1.1
Remote-MTA: dns; turing.freelists.org (206.53.239.180)
Diagnostic-Code: smtp; 550 Error: Message content rejected

*********** END FORWARDED MESSAGE  ***********
original message as posted;
Header;

Message-ID: <200401121048440483.008AF679@xxxxxxxxxxxxxx>
References: <1073908171.f5c2fe77af6e07a73e3912415ed4d329@xxxxxxxxxxxxxxxx>
 <200401120851430908.001FD65A@xxxxxxxxxxxxxx>
 <200401120858150952.0025D1C5@xxxxxxxxxxxxxx>
 <200401120943570273.004FA60F@xxxxxxxxxxxxxx>
 <200401121010270580.0067EA32@xxxxxxxxxxxxxx>
X-Mailer: Courier 3.50.00.09.1092 (http://www.rosecitysoftware.com) (P)
Date: Mon, 12 Jan 2004 10:48:44 -0800
From: "Mike" <mikebike@xxxxxxxxx>
To: virusinfo@xxxxxxxxxxxxx
Subject: Sophos Anti-Virus IDE alert: W32/Randex-Y
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"



From; Sophos Alert System: W32/Randex-Y

Name: W32/Randex-Y
Aliases: WORM_RANDEX.GEN, Backdoor.IRCBot.gen
Type: Win32 worm
Date: 12 January 2004

A virus identity file (IDE) file which provides protection is
available now from the Latest virus identities section, and will
be incorporated into the March 2004 (3.79) release of Sophos
Anti-Virus.

At the time of writing Sophos has received just one report of
this worm from the wild.


Information about W32/Randex-Y can be found at:
http://www.sophos.com/virusinfo/analyses/w32randexy.html
Description 
W32/Randex-Y is a network worm with backdoor capabilities which allows a
remote intruder to access and control the computer via IRC channels. 
W32/Randex-Y chooses IP addresses at random and tries to connect to the IPC$
share using simple passwords. If the connection is successful the worm
copies itself to the following remote locations: 

\ADMIN$\system32\msnv32.exe
\C$\WINNT\system32\msnv32.exe 

W32/Randex-Y then schedules a job to execute the remotely created files. 

Each time the worm is run it tries to connect to a remote IRC server and
join a specific channel. The worm then runs in the background as a server
process listening for commands to execute. 

When first run the worm copies itself to the Windows system folder as
IRBMe.exe and adds the following registry entries to point to this copy of
the worm to ensure it is run at system startup: 

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\IRBMe Sucks!!
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\IRBMe Sucks!! 

W32/Randex-Y may also create the file remove.bat in the Windows temp folder.
This file is not malicious and can simply be deleted.
 

This IDE file also includes detection for:

Troj/Troll-A
http://www.sophos.com/virusinfo/analyses/trojtrolla.html
W32/SdBot-T
http://www.sophos.com/virusinfo/analyses/w32sdbott.html
W32/SdBot-U
http://www.sophos.com/virusinfo/analyses/w32sdbotu.html
W32/Agobot-BW
http://www.sophos.com/virusinfo/analyses/w32agobotbw.html
W32/Agobot-BX
http://www.sophos.com/virusinfo/analyses/w32agobotbx.html
W32/Agobot-CC
http://www.sophos.com/virusinfo/analyses/w32agobotcc.html

Download the IDE file from:
http://www.sophos.com/downloads/ide/randex-y.ide

Download all the IDE files available for the current version of 
Sophos Anti-Virus in a single compressed file. The file is
available in two formats:

Zip file:
http://www.sophos.com/downloads/ide/ides.zip

Self extracting file:
http://www.sophos.com/downloads/ide/ides.exe

Read about how to use IDE files at
http://www.sophos.com/downloads/ide/using.html
---------------------------------------------------------------------
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike 
<http://www3.telus.net/mikebike/mikes_virus_page.htm>
A Technical Support Alliance & OWTA Charter Member 


*********** REPLY SEPARATOR  ***********

On 12/01/2004 at 2:30 PM Linda F. Johnson wrote:

What kind of problem are you having, Mike?  I don't *think* my mso list at
freelists is having any send problems.  What's up with yours? 


Linda F. Johnson, M.A., MOS
Linda's Computer Stop
http://personal-computer-tutor.com
Free e-Books, Newsletter, and tutorials


-----Original Message-----
From: chadfree-bounce@xxxxxxxxxxxxx [mailto:chadfree-bounce@xxxxxxxxxxxxx]
On Behalf Of Mike
Sent: Monday, January 12, 2004 1:24 PM
To: chadfree@xxxxxxxxxxxxx
Subject: [chadfree] test ignore

I'm testing freelists to see if the send problem for my list is unique to
that list and if it affects other freelists as well
Mike




-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Was this forwarded to you?  Want to subscribe?  Send an email 
to chadfree-request@xxxxxxxxxxxxx?Subject=subscribe.

For a complete list of email commands for our list send an email 
to ecartis@xxxxxxxxxxxxx with a subject line of "info chadfree" without the
quotes.

If you wish to unsubscribe from our list send an email to;
 chadfree-request@xxxxxxxxxxxxx?Subject=unsubscribe

To contact the list moderators send an email to
chadfree-moderators@xxxxxxxxxxxxx
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-





-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Was this forwarded to you?  Want to subscribe?  Send an email 
to chadfree-request@xxxxxxxxxxxxx?Subject=subscribe.

For a complete list of email commands for our list send an email 
to ecartis@xxxxxxxxxxxxx with a subject line of "info chadfree" without the 
quotes.

If you wish to unsubscribe from our list send an email to;
 chadfree-request@xxxxxxxxxxxxx?Subject=unsubscribe

To contact the list moderators send an email to 
chadfree-moderators@xxxxxxxxxxxxx
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Other related posts: