Mitsules, Mark S. (Newport News)
Mark.Mitsules at ngc.com
Mon Jun 28 06:00:17 CDT 2004
Thanks Stuart. I have a sinking feeling that I'll be getting more and more :((( Mark -----Original Message----- From: Stuart McLachlan [mailto:stuart at lexacorp.com.pg] Sent: Monday, June 28, 2004 6:48 AM To: Discussion of Hardware and Software issues Subject: RE: [dba-Tech] Internet Mail Headers On 28 Jun 2004 at 5:58, Mitsules, Mark S. (Newport Ne wrote: > > Here is the header: > *********************** No you are not infected. This is a response sent to you by a mail server in Texas. Everyones Internet, Inc. 2600 Southwest Freeway Suite 500 Houston, TX 77098 They apparently host the textpad.com domain which is owned by Helios Software Solutions PO Box 619 LONGRIDGE PR3 2GW England The Texas ISP received an email for "Heike.Hilger at textpad.com" which had your name in the From: address but which was actually sent to them from G0481.g.pppool.de [80.185.4.129]. This a dialup or cable modem connection through an ISP in Germany: freenet Cityline GmbH Willstaetterstrasse 13 40549 Duesseldorf Germany Bottom line: Someone in Germany got infected by either a virus or a trojan. They had your address somewhere on their computer. The malicious program sent an email to the textpad address but forged your address in the From: header. It probably also sent the message to the shaw.ca address. Incidentally a get lots of these false bounces all the time :-( -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support. _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com