[pcductape] Re: Header of email

  • From: Scott McNay <Wizard@xxxxxxxx>
  • To: Ctm007 <pcductape@xxxxxxxxxxxxx>
  • Date: Fri, 13 Jun 2003 07:12:19 -0500

Hi Carl,

Thursday, June 12, 2003, 11:50:22 PM, you wrote:

C> Very interesting;   your description of the headers.    I noticed that
C> freelists.org uses
C>         X-list: pcductape
C>         X-Virus-Scanned: Symantec AntiVirus Scan Engine
C>         Return-Path: pcductape-bounce@xxxxxxxxxxxxx
C> Symantec AntiVirus Scan Engine for it's lists.    Does this mean that I did
C> not get the bugbear virus from Pcductape list?    I use Time Warner Road

DO NOT trust these messages; what if a virus were to come along that
creates fake freelists messages?? There's absolutely no reason that
that couldn't happen. Plus, it IS possible to get a virus before the
antivirus vendors can put out a data file for it; I've had that happen
before, had to wait an entire week before a fix came out for one virus
(years ago). Don't waste time trying to assign blame, just try to
figure out what the vector was, and try to close it or minimize it.

BugBear emails itself, so it doesn't need help from a mailing list. It
can also spread through network shares, so there's a vague (but
doubtful, since you have a local network, which normally acts as a
firewall) possibility that you got it directly from someone else.
Furthermore, there's no reason to believe that you didn't get this by
it BEFORE RR got updated data files that would recognize it.

C> Runner as my ISP on my 4 computers on my home network and the ISP scans all
C> incoming email for virus and when one is detected the ISP will kill the
C> virus but send me a message that they did.    So how did my #2 computer
C> catch bugbear and my other computers on the network did not?    My wife uses
C> the #2 computer;   did she catch the virus surfing the net?

This applies only to email that you receive through a RR email
account.  If you have email accounts elsewhere, then the providers of
those email accounts may or may not scan email.

I have RR here, but have no idea if the local folks scan for viruses;
I no longer use any ISP email accounts.  If something were to happen
to them or to my account with them, I'd lose both email and internet
access at the same time.


To unsubscribe from this list send an email to
pcductape-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field
OR by logging into the Web interface. 

Other related posts: