Stuart McLachlan
stuart at lexacorp.com.pg
Mon Jun 28 05:48:25 CDT 2004
On 28 Jun 2004 at 5:58, Mitsules, Mark S. (Newport Ne wrote: > > Here is the header: > *********************** No you are not infected. This is a response sent to you by a mail server in Texas. Everyones Internet, Inc. 2600 Southwest Freeway Suite 500 Houston, TX 77098 They apparently host the textpad.com domain which is owned by Helios Software Solutions PO Box 619 LONGRIDGE PR3 2GW England The Texas ISP received an email for "Heike.Hilger at textpad.com" which had your name in the From: address but which was actually sent to them from G0481.g.pppool.de [80.185.4.129]. This a dialup or cable modem connection through an ISP in Germany: freenet Cityline GmbH Willstaetterstrasse 13 40549 Duesseldorf Germany Bottom line: Someone in Germany got infected by either a virus or a trojan. They had your address somewhere on their computer. The malicious program sent an email to the textpad address but forged your address in the From: header. It probably also sent the message to the shaw.ca address. Incidentally a get lots of these false bounces all the time :-( -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support.