Friday June 07, 2002
06:33 PM
I swear, Mr. Net.Officer, it wasn't me
This is bad.
When I dialed in to my ISP this afternoon and ran fetchmail, among
the incoming messages were three notices of message delivery failure. One was
addressed to my svsm.org address, the other two were addressed to my
tsoft.com address. And all three referenced messages I never
sent. Here's why:
- I never send from svsm.org. That's a domain I use to host a
website for my scale modeling club (SVSM stands for Silicon Valley Scale
Modelers), and I have the e-mail address as a link at the bottom of each
page, for feedback purposes. I get mail at that address, but any and
all replies, like all my outgoing mail, come from
blackperl.com.
- Likewise, I no longer send from tsoft.com. Even if I'm reading my
mail from a simple shell login to my ISP, my configuration of my mail reader
(mutt, if you're curious) sets all headers to the blackperl
address. TSOFT was the original name of my ISP (they've since changed), and
while the address still works, I prefer blackperl because I'll keep that even
if I should change providers.
- The send dates on all the returned messages fall on or around 1:00 to
1:30 PM local time this afternoon. I use dial-up access, and what's more,
since I've been laid off and working on my book full-time, I've slipped into a
weird work schedule in which I tend to write until 5:30-6:00 AM, then sleep
until 2 or 3 in the afternoon. So today, I awoke at 3:00, started up the ISP
connection, then hit the shower while fetchmail and
spamassassin played their delicate duet over my incoming mail. I
wasn't even connected when these messages were sent.
Now, I've been getting tons of these virus mailings, most of which don't
match on spamassassin's rulesets because they're all slightly
different, depending on which Klez flavor infects which acquaintance of
mine. I'm used to deleting them, as well as taking a smug sense of superiority
over the fact that my mail program doesn't do silly things like
executing attachments through MS Word if/when I open them.
This means that someone is just using my e-mail addresses to try and start
an infection of one of these virii.
And that means it could be any of us whose e-mail addresses are
already mined by spammers, who get "used" next.
--rjray
Example is the school of mankind, and they will learn at no
other. -- Edmund Burke
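The reasoning in the entry above (the bounced originals claim one of the writer's addresses, but none of them could have passed through his ISP's relay because the dial-up link was down at the time) can be turned into a small triage check for bounce messages. The script below is an added example, not code from the journal entry or from anyone in the thread. It parses a delivery-status notification, pulls out the quoted original, and flags it as spoofed when the original's Received chain never touches the writer's outbound relay or its Date falls outside a window when the link was up. The addresses, the relay name smtp.isp.example, the online window and the two sample bounces are all constructed for the example and are not facts from the page.

```python
"""Triage bounces (DSNs) for sender spoofing, as in a Klez-style outbreak.

Added example, not part of the original journal entry. Relay name, online
window and sample messages below are constructed assumptions.
"""
import email
import email.utils
from email import policy
from email.message import EmailMessage
from datetime import datetime, timedelta, timezone

PDT = timezone(timedelta(hours=-7))

# Hypothetical: addresses the writer receives mail at, the ISP relay that every
# legitimate outgoing message of his would pass through, and the window during
# which the dial-up link was actually connected.
MY_ADDRESSES = {"rjray@blackperl.com", "rjray@svsm.org", "rjray@tsoft.com"}
MY_OUTBOUND_RELAY = "smtp.isp.example"
ONLINE_WINDOWS = [(datetime(2002, 6, 7, 15, 0, tzinfo=PDT),
                   datetime(2002, 6, 7, 18, 30, tzinfo=PDT))]


def extract_original(bounce: EmailMessage):
    """Return the original message quoted inside a DSN, or None if absent."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload()[0]          # the nested message object
        if ctype == "text/rfc822-headers":
            # Some MTAs return only the headers as text; parse them as a message.
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None


def classify_bounce(raw: str) -> dict:
    """Decide whether the bounced original really came from us."""
    bounce = email.message_from_string(raw, policy=policy.default)
    orig = extract_original(bounce)
    if orig is None:
        return {"verdict": "unknown", "sender": None, "reasons": ["no quoted original"]}

    sender = email.utils.parseaddr(str(orig.get("From", "")))[1].lower()
    if sender not in MY_ADDRESSES:
        return {"verdict": "not-ours", "sender": sender, "reasons": []}

    reasons = []
    # A message we sent must show a hop through our relay. (A stricter check
    # would verify the "by" host and its IP rather than a substring.)
    hops = [str(h) for h in (orig.get_all("Received") or [])]
    if not any(MY_OUTBOUND_RELAY in hop for hop in hops):
        reasons.append("no Received hop through our outbound relay")

    # Klez sets the Date itself; a dial-up user cannot have sent mail offline.
    try:
        sent_at = email.utils.parsedate_to_datetime(str(orig.get("Date", "")))
    except (TypeError, ValueError):
        sent_at = None
    if sent_at is None or not any(a <= sent_at <= b for a, b in ONLINE_WINDOWS):
        reasons.append("Date header outside any window when we were online")

    return {"verdict": "spoofed" if reasons else "ours",
            "sender": sender, "reasons": reasons}


def _bounce(original_headers: str, date: str, body: str) -> str:
    """Build a constructed multipart/report DSN wrapping an original message."""
    return ("From: Mail Delivery System <MAILER-DAEMON@mx.example.net>\n"
            "To: rjray@svsm.org\nSubject: Undelivered Mail Returned to Sender\n"
            "MIME-Version: 1.0\n"
            'Content-Type: multipart/report; report-type=delivery-status; boundary="bd1"\n\n'
            "--bd1\nContent-Type: text/plain\n\nThe message could not be delivered.\n\n"
            "--bd1\nContent-Type: message/rfc822\n\n"
            f"{original_headers}Date: {date}\nContent-Type: text/plain\n\n{body}\n\n--bd1--\n")


# Constructed sample 1: a Klez-style message, From spoofed to svsm.org, sent
# straight from someone else's dial-up host at 1:15 PM while we were offline.
BOUNCE_SPOOFED = _bounce(
    "Received: from mx.example.net (mx.example.net [192.0.2.10])\n"
    "    by mail.example.net for <victim@example.net>; Fri, 07 Jun 2002 13:17:02 -0700\n"
    "Received: from unknown (dialup-77.example.org [198.51.100.77])\n"
    "    by mx.example.net; Fri, 07 Jun 2002 13:16:55 -0700\n"
    "From: rjray@svsm.org\nTo: victim@example.net\nSubject: A very funny game\n",
    "Fri, 07 Jun 2002 13:15:41 -0700", "look at this")

# Constructed sample 2: a real message of ours, relayed by our ISP at 3:40 PM.
BOUNCE_LEGIT = _bounce(
    "Received: from smtp.isp.example (smtp.isp.example [203.0.113.5])\n"
    "    by mx.example.net; Fri, 07 Jun 2002 15:41:10 -0700\n"
    "From: rjray@blackperl.com\nTo: gone@example.net\nSubject: draft chapter\n",
    "Fri, 07 Jun 2002 15:40:02 -0700", "attached is the draft")

if __name__ == "__main__":
    for name, raw in (("spoofed", BOUNCE_SPOOFED), ("legit", BOUNCE_LEGIT)):
        print(name, classify_bounce(raw))
```

Both checks are deliberately independent: the relay check catches forged mail regardless of timing, and the time-window check still works when the bounce strips the original's Received headers and quotes only From/Date. Neither proves who sent the message; together they only show it could not have been you, which is the point the entry makes.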
Klez (Score:1)
This has been going on for at least several weeks. Klez (or at least some Klez variants) uses addresses it finds on the infected computer for the "From:" lines on the e-mail it sends out. So your address could have been in someone's address book or even just in the messages or cached Web pages on an infected computer. Here's what Symantec [symantec.com] says:
Re:Klez (Score:1)