Great Circle Associates List-Managers
(August 2002)
 


Subject: determining real Klez worm sender?
From: "Kevin Kinder" <kvk @ luckytown . org>
Date: Thu, 8 Aug 2002 10:34:09 -0500
To: <list-managers @ greatcircle . com>
Importance: Normal
In-reply-to: <20020807062006.C5395195F9B@mycroft.greatcircle.com>
Reply-to: <kinder @ luckytown . org>

I keep getting bombarded with the ever-annoying Klez worm (see
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html
if you don't know what I'm talking about) from some of my mailing
list subscribers. With previous worms, I'd email the sender and ask them
to inoculate themselves, and black-hole them if they didn't. With Klez
spoofing the From: address, that idea goes out the window. Is there some
way to determine the real sender of Klez email by examining the email
headers? So far, all I can seem to determine is the originating site,
which in most cases is no help.

Similarly, once in a while I get a Klez post sent to majordomo@my site.
Rather than stopping after a few errors, majordomo keeps checking each
of several thousand binary lines, spitting out an error for each. Is
there some majordomo setting to get it to stop processing after X
errors? I thought there was, but I can't find it.

Thanks.

-----
         Kevin Kinder
         kinder@luckytown.org






