Bryan Carbonnell
carbonnb at gmail.com
Mon May 30 11:36:42 CDT 2005
On 5/30/05, Shamil Salakhetdinov <shamil at users.mns.ru> wrote: > Hi All, > > I'm getting W32.Mydoom.BT at mm viruses for several days from 195.167.69.130. > > The virus sender's e-mail address is simulating my provider's "services": > admin at mns.ru, service at mns.ru etc. > > What are the most effective ways to stop these viruses sending? If you can filter it at the server level, then that's the best way. Failing that, contact you ISP, and send them the received header lines from a couple of the virii, and ask them to block the IP. Also, send an e-mail to: noc at otenet.gr, abuse at otenet.gr, hostmaster at otenet.gr. postmaster at otennet.gr with a few of the received headers as well and ask them to contact thier client and inform them that they are sending out virii. Also ask them if they could block this person until they have cleaned the virri from their PC. I have done this before and it has worked. Just make sure that you send the recieved headers so they can trace it back to their system and you are polite and non-confrontational. -- Bryan Carbonnell - carbonnb at gmail.com Life's journey is not to arrive at the grave safely in a well preserved body, but rather to skid in sideways, totally worn out, shouting "What a great ride!"