Jason Ostrom <justiceguy@???> writes:
> For example, just today we received an unsolicited, malicious email
> from what appears to be an AOL subscriber. In the expanded headers,

Yes - it is from an AOL subscriber.

> pasted below, it appears that the sender has somehow hidden the source
> IP. I don't think this is the W32/Bugbear malicious code, it looks

AOL's mail software doesn't log source IPs - but you can be reasonably
sure that the address BLACKSMURF134@??? is valid.

> Received: from [64.12.136.7] (helo=imo-m04.mx.aol.com)

That IP does reverse-resolve to imo-m04.mx.aol.com - and the rest of the
headers are consistent with an AOL user using AOL's mail software to
send out mail.

Send this with full headers to TOSEMAIL1@???

-srs
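
The check described in the reply above (the relay IP in the `Received:` line reverse-resolves to the name given in `helo=`), as an added example that is not part of the original message. It also forward-confirms the PTR name, which goes beyond what the reply states; the function names are hypothetical, and the lookup tables in the demo are constructed stand-ins for DNS.

```python
import re
import socket

# Matches the form quoted in the message:
#   Received: from [64.12.136.7] (helo=imo-m04.mx.aol.com)
RECEIVED_RE = re.compile(
    r"^Received:\s+from\s+\[(?P<ip>[0-9A-Fa-f.:]+)\]\s+\(helo=(?P<helo>[^)\s]+)\)",
    re.IGNORECASE,
)

def parse_received(line):
    """Return (ip, helo) from a Received line, or None if the form differs."""
    m = RECEIVED_RE.match(line.strip())
    return (m.group("ip"), m.group("helo").lower().rstrip(".")) if m else None

def system_ptr(ip):
    """Live reverse lookup; empty list when no PTR record exists."""
    try:
        return [socket.gethostbyaddr(ip)[0]]
    except OSError:
        return []

def system_addrs(name):
    """Live forward lookup; empty list when the name does not resolve."""
    try:
        return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})
    except OSError:
        return []

def check_relay(line, ptr_lookup=system_ptr, addr_lookup=system_addrs):
    """Compare the HELO name with the PTR name(s) of the connecting IP."""
    parsed = parse_received(line)
    if parsed is None:
        return {"parsed": False}
    ip, helo = parsed
    ptr_names = [n.lower().rstrip(".") for n in ptr_lookup(ip)]
    # A PTR name only counts as confirmed if it resolves back to the same IP.
    confirmed = [n for n in ptr_names if ip in addr_lookup(n)]
    return {"parsed": True, "ip": ip, "helo": helo, "ptr": ptr_names,
            "helo_matches_ptr": helo in ptr_names,
            "forward_confirmed": helo in confirmed}

if __name__ == "__main__":
    # Constructed DNS tables so the demo runs offline.
    PTR = {"64.12.136.7": ["imo-m04.mx.aol.com"]}
    A = {"imo-m04.mx.aol.com": ["64.12.136.7"]}
    hdr = "Received: from [64.12.136.7] (helo=imo-m04.mx.aol.com)"
    print(check_relay(hdr, lambda ip: PTR.get(ip, []), lambda n: A.get(n, [])))
```

Calling `check_relay(hdr)` with the default lookups queries live DNS instead of the constructed tables.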