Infection notices

[Phi for All]

I've been getting a lot of notices lately like this one:

 

This e-mail contained an infection which could not be repaired.

 

This mail is generated by your mail system automatically for processing

reasons only. Please ignore it.

 

Thank you,

Your ISP

 

Then a bunch of email routing info follows. It always gives me the email address of the person who supposedly sent the email, but I know my ISP wouldn't send a notice with the signature, "Thank you, Your ISP"

 

Is this just some kind of hit to see if I open it or not?

[ecoli]

that happened to me once too. I just downloaded the file again and there was no virus detected, and it worked fine.

[Phi for All]

Sorry, I wasn't clear. These are emails I've been getting, from "MAIL DELIVERY SYSTEM", subject "VIRUS ALERT". I'm wondering if it isn't someone's way of detecting active email addresses or something. My virus protection never alerts me, they come in as normal emails, no attachments. I scan them in Outlook without opening them, see what they are, then delete them.

[5614]

hmmm, i think i know what you mean:

 

1) its a legit email from your ISP informing you that they stopped a virus from being sent to you.

 

2) someone is sending you junk as you expect, however it would need a link to something, if there are no attachments and no links to websites it sounds ok, but remember, IP addresses can be traced VERY easily from just one email, it might say (for example) from person@yourisp.com click on that link, you think its "person"'s email? well its actually google, now imagine i hosted a virus and directed you to that, see what im getting at? dont follow links, coz you dont always know where they are going!

[Phi for All]

1) its a legit email from your ISP informing you that they stopped a virus from being sent to you.

If my ISP had successfully stopped a viral attack, wouldn't they be splashing their name all over the announcement instead of signing with a vague, "Your ISP"?

 

The funny part is that all the adresses they claim the viruses originated from are for real. I know because one of them happened to be from a firm I'm trying to do business with. The guy turned out to be an architect in a different office from the one I contacted, and I was able to get routed from that contact to someone I needed to speak with, so I made lemonade out of THAT lemon.

 

But most of them are completely random and look like this (I've deleted some of the info, ??? in bold):

 

This e-mail contained an infection which could not be repaired.

 

This mail is generated by your mail system automatically for processing

reasons only. Please ignore it.

 

 

Thank you,

Your ISP

 

--- The header of the original message is following: ---

 

Received: from adsl-69-210-84-21.dsl.milwwi.ameritech.net[69.210.84.21] (helo=???????.net)

by mx.perfora.net with ESMTP (Nemesis),

id 0MKvAI-1CrXK92GXM-0002Gq; Thu, 20 Jan 2005 03:05:49 -0500

From: ???????.net

To: ???????.net

Subject: Mail Delivery (failure ???????.net)

Date: Thu, 20 Jan 2005 01:35:58 -0600

MIME-Version: 1.0

Content-Type: multipart/related;

type="multipart/alternative";

boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"

X-Priority: 3

X-MSMail-Priority: Normal

Message-ID: <0MKvAI-1CrXK92GXM-0002Gq@mx.perfora.net>

Envelope-To: ???????.net

X-SpamScore: 0.952

tests= NO_REAL_NAME MISSING_MIMEOLE