SobigF. or what?

Posted: Fri Aug 29, 2003 6:25 am
by miniscus
I have an article posted at a foreign website with a disposable for contacts. I have never used this disposable anywhere else at any time.

6 hrs after it was up, I received an Auto-Response from a decent website (classmates.com) stating:
Please note you have attempted to reply to an automated email address.
If you need assistance...
Well, they had received a mail from the above disposable... Eh? What? Ah! - a Sobig forge! And what a quicky!

The funny thing is, that this bounce was (xxxx: message 3 of 20). So I immediately sent one from real me to myself, and received (xxxx: message 20 of 20 -last one!-)... Eh? Got my fingers out...nope - some missing. Where are msg 1,2 and 4 to 19? Who got them? Sg must have, but not me...

And to make things a li'll inneresting, the contact-link in the article is an EMPTY mailto:nothing - no disposable. Maybe the site admins blamed my address for sobicing? They couldn't have forgotten to fill it in, because it must have been public somewhere, sometime.

This gets my brain a mess, can anyone help?
Arick

Posted: Sat Aug 30, 2003 11:04 am
by miniscus
513 replies to this disposable have been eaten so far!
Definitely not from spammers alone, but a few autoreplies it seems *whine*
I've upped the address, and I'm trying to reach some of them to find out more. What the hell is this?
Arick

Posted: Sat Aug 30, 2003 2:37 pm
by miniscus
Ok, I finally received #4 to #11. They *ALL* have the Sobig F. pif-file as attachment.

Looks like the Virus is done going through someone's address book, the "eaten messages count" has not upped from 513. I have/will not contact any of the "eaten" senders now, of course.

Thanks Mr/Mrs naive, now nobody could reach me on that article. :x :x :x

THANK YOU, SPAMGOURMET! :D :D :D

...although receiving 36 hrs late, and still missing #1 to #3 got me all messed up - has sg been down?
Arick

PS: Where is everybody? *hmm* When you need 'em, they're not there... :wink:

Posted: Sat Aug 30, 2003 10:36 pm
by josh
sendmail - the mail server that is upstream from spamgourmet - will react defensively when hit by a whole bunch of messages from the same server, assuming (correctly, in this case, I think) that they're part of something nefarious. That probably explains the delay.

I've seen this happening in the logs recently, no doubt due to Sobig - it can result in delayed delivery, and, if the upstream server is taken down (like many of these should be, IMO), some messages may not go through at all.

Try sending a test (non-virus) message through - you'll see it gets delivered right away.

Josh

Posted: Sat Aug 30, 2003 11:40 pm
by miniscus
#20 of 20 was from me to myself, and I got it immediately...
Arick

Posted: Sun Aug 31, 2003 12:13 am
by miniscus
Brought thread into sequence only, Arick