E-mail Address For Virus Sender



KazaaBoy
10-02-2003, 12:10 AM
As I said before in another topic that once someone sent me a virus and all it had in the return path was this " <> "

Now they sent it again and this time the address is different. Check it out


Return-Path: <[email protected]>
Delivered-To: [email protected]
Received: (qmail 22098 invoked from network); 1 Oct 2003 22:00:15 -0000
Received: from turkey.mail.pas.earthlink.net (207.217.120.126)
 by 0 with SMTP; 1 Oct 2003 22:00:15 -0000
Received: from dialup-171.75.7.35.dial1.phoenix1.level3.net ([171.75.7.35] helo=vhlof)
 by turkey.mail.pas.earthlink.net with smtp (Exim 3.33 #1)
 id 1A4ow1-000510-00; Wed, 01 Oct 2003 14:55:02 -0700
FROM: "Security Support" <[email protected]>
TO: "Microsoft Customer" <[email protected]>
SUBJECT:
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="dlntrravlhho"
Message-Id: <[email protected]>
Date: Wed, 01 Oct 2003 14:55:02 -0700

I changed the Delivered-To: [email protected] to protect my e-mail address from spammers when reading this post.

What do you all think and how can I trace this person down?

Wolfmight
10-02-2003, 12:11 AM
just go to Symantec security response website.. they got info on all viruses

ultimatejester
10-02-2003, 12:13 AM
he/she probably used telnet or some other program that sends fake emails (email bomber)

fkdup74
10-02-2003, 12:38 AM
:lol: :lol: :lol: send it back! send it back! :lol: :lol: :lol:

ultimatejester
10-02-2003, 12:47 AM
Originally posted by FKDUP74@2 October 2003 - 00:38
:lol: :lol: :lol: send it back! send it back! :lol: :lol: :lol:
he can't send it back. that email address doesn't exist ;)

KazaaBoy
10-02-2003, 12:47 AM
Originally posted by FKDUP74@2 October 2003 - 00:38
:lol: :lol: :lol: send it back! send it back! :lol: :lol: :lol:
:lol: :lol: I would have to go down to their level and act like a buffoon. I have seen a program that sends e-mail and allows you to send a fake e-mail with an attachment and allows you to type a fake address as the return path.

This virus forced itself to download on my computer. I didn't click the download button or even check the e-mail.

Wolfmight
10-02-2003, 12:54 AM
Originally posted by KazaaBoy@1 October 2003 - 18:47
Originally posted by FKDUP74@2 October 2003 - 00:38
:lol: :lol: :lol: send it back! send it back! :lol: :lol: :lol:
:lol: :lol: I would have to go down to their level and act like a buffoon. I have seen a program that sends e-mail and allows you to send a fake e-mail with an attachment and allows you to type a fake address as the return path.

This virus forced itself to download on my computer. I didn't click the download button or even check the e-mail.
yea, then kazaaboy would become the culprit

balamm
10-02-2003, 01:11 AM
There's your return path >>

FROM: "Security Support" <[email protected]>
TO: "Microsoft Customer" <[email protected]>


It's likely not real or it's an unidentifiable localhost ID. You could try "finger" but it's unlikely you'll get real results. Your ISP should really provide better info on this. This looks weak. I got several pages of network info on the same email and it was tracked very successfully back to some Romanian kid in the early days. Now it's widespread.
As for sending it back, why? The virus is just going to add you and all your contacts back into its DB for more mailings.
Ignore it, don't even let it know you exist. Chances are, if you opened one of these viruses already, then your system has also sent the virus attachments on and someone is looking for you as well.

Instead, go into your tools and options menus. Create a new blocked sender rule where person "<>" is blocked from your email client and all messages containing this sender address are deleted from the server. You can do that with a number of known exploits. The same as spam filters do. Remove quoted subject lines as well and have them moved to a temp folder because they're likely to be mass mailed junk.

There's some reg keys that will prevent these attachments from being able to execute. No extensions means no execute. It was posted here a month or two ago.

sparsely
10-02-2003, 01:23 AM
I'm sure there's somebody you can sue over this...

:rolleyes:

Wolfmight
10-02-2003, 01:33 AM
hard to tho.. they hide their real identity

Cl1mh4224rd
10-02-2003, 11:28 AM
Believe me, KazaaBoy... No one's specifically targeting you. Everyone gets these damn things every once in a while.

exeus
10-02-2003, 02:59 PM
hi i think your best bet is to send an email to here "[email protected]" send em the header source or just attach the entire email and tell them what happened.....
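
An added example, not part of the thread: when reporting headers like the ones in the first post, the Return-Path and FROM lines are typed by the sender, so the useful evidence is the Received chain written by the relays. This Python sketch walks that chain from the recipient's server downward to find the connecting client to report; the function names are the example's own.

```python
import email
import re

# Headers re-typed from the first post, with folding whitespace restored.
# Redacted addresses are left exactly as the page shows them.
RAW = """\
Return-Path: <[email protected]>
Received: (qmail 22098 invoked from network); 1 Oct 2003 22:00:15 -0000
Received: from turkey.mail.pas.earthlink.net (207.217.120.126)
  by 0 with SMTP; 1 Oct 2003 22:00:15 -0000
Received: from dialup-171.75.7.35.dial1.phoenix1.level3.net ([171.75.7.35] helo=vhlof)
  by turkey.mail.pas.earthlink.net with smtp (Exim 3.33 #1)
  id 1A4ow1-000510-00; Wed, 01 Oct 2003 14:55:02 -0700
FROM: "Security Support" <[email protected]>
"""

HOP = re.compile(r"from\s+(?P<src>\S+)\s+\((?P<note>[^)]*)\)\s+by\s+(?P<by>\S+)")
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")


def hops(raw):
    """Relay hops, newest first (each server adds its Received line on top)."""
    out = []
    for value in email.message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if m is None:  # e.g. the local qmail delivery line has no "from ... by"
            continue
        ip = IPV4.search(m["note"])
        out.append({"src": m["src"], "ip": ip.group(0) if ip else None,
                    "by": m["by"].lower()})
    return out


def submitting_client(raw):
    """Follow the chain while each hop's "by" host matches the hop above.

    This is a consistency check, not proof: only lines written by servers
    you trust are reliable, and anything below the first mismatch could
    have been inserted by the sender.
    """
    chain = hops(raw)
    if not chain:
        return None
    current = chain[0]
    for older in chain[1:]:
        if older["by"] != current["src"].lower():
            break
        current = older
    return current
```

For the posted message this returns the level3.net dial-up host at 171.75.7.35, the address an ISP abuse desk can match to an account and connection time.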

fkdup74
10-02-2003, 03:05 PM
Originally posted by ultimatejester@1 October 2003 - 16:47
Originally posted by FKDUP74@2 October 2003 - 00:38
:lol: :lol: :lol: send it back! send it back! :lol: :lol: :lol:
he can't send it back. that email address doesn't exist ;)
it was just a joke guys :P
read my sig :D

KazaaBoy
10-02-2003, 08:34 PM
Thanks for everyone that replied. I thought I was the only one receiving it.