Passing this along, because this has implications to list owners.
A new emerging worm is out there in windows land. That's bad enough, but this one has the hack that instead of repropogating via email using the owners email address, it repropogates using a random address in the infected machine's address book as the From, while sending to other random addresses in the book.
Last night, I started getting email from a friend (who happens to be a top computer security guy in the country) from an address he hasn't used in three years, and he doesn't use windows. Other people started getting email from ME that was infected.
This morning, the complaints started coming in that my mailman system was sending out infected emails, or that it was sending people admin messages because some infected machine was sending TO my mailman system as someone else, so they were getting the return notice.
Here's what I'm currently sending out to people that complain about these bogus mailman messages....
Someone out there has both your address and our address in their address book, and is infected with this virus:
<http://www.symantec.com/avcenter/venc/data/w32.klez.h@mm.html>
One of the side effects is that when it tries to reinfect, it takes an address from the address book at random, and uses it as the "from" in sending to someone else. So there's some third party that's hijacked your email address and using it to forward infected messages. And there's not a thing either of us can do about it, because neither of us are infected (or at least, we aren't) or control the machine doing it.
This is an emerging worm, and it looks pretty ugly. It has hit Hong Kong and Great Britain worst so far, but it's spreading rapidly accordind to people I've talked to.
This one has the possibility to get really ugly and nasty, folks, because it's hijacking addresses. Users can't depend on being yelled at by friends for being infected, because this new worm hides behind random return addresses. Which means the only thing you know is that the "person" sending you the email isn't the one infected, but someone who knows both of you is...
At least, as far as I can tell so far. The experts still seem to be trying to get a handle on it...
-- Chuq Von Rospach, Architech chuqui@plaidworks.com -- http://www.chuqui.com/
The Cliff's Notes Cliff's Notes on Hamlet: And they all died happily ever after