Dear Microsoft Consumer...
Got me a virus email today. The letter got on my wrong side from the opening phrase, and went downhill from there. It started off:
I am not a consumer
I practice safe hex
. I'm too scared to install and use a mail-reader program on Microsoft products. I use old non-user-friendly standbys - ssh - and pine. I yearn for some of the organizational features of modern mail clients - but on the other hand, I've got an email collection that goes back five years, and I've never had it destroyed due to an email virus/worm.
In the good old days, before we drowned in spam, there was an easy way, a standard way, to notify the manager of the system that it was being abused. You simply sent mail to postmaster@whereever. It was part of the internet social contract. I still read my postmaster mail. Paul Vixie
still reads his. As for everyone else... well "abuse" and "security" are two good aliases to try... some providers just have web forms... some have no policies at all.
Here's what the mail looked like - I've noted in red the indications that this message contained a virus:
From email@example.com Fri Apr 25 20:26:40 2003
Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [188.8.131.52])
by llama.ackley.net with ESMTP id h3Q3QboS032481
Date: Sat, 26 Apr 2003 03:26:18 +0000 (GMT)
X-Comment: Sending client does not conform to RFC822 minimum requirements
X-Comment: Date has been added by Maillennium.
Received: from sqkyqpy (12-226-245-7.client.attbi.com[184.108.40.206])
From: Microsoft Corporation Internet Technical Services
To: "Microsoft Consumer" <>
Subject: Internet Security Patch
1.1 OK ~52 lines Text
1.2 Shown ~73 lines Text
2 159 KB Application
this is the latest version of security update, the "April 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches.
System requirements | Win 9x/Me/2000/NT/XP This update applies to |
Microsoft Internet Explorer, version 4.01 and
later Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later
Recommendation | Customers should install the patch at the earliest opportunity.
How to install | Run attached file. Click Yes on displayed dialog box.
How to use | You don't need to do anything after installing this item.
Microsoft Product Support Services and Knowledge Base articles
can be found on the Microsoft Technical Support web site.
For security-related information about Microsoft products, please
visit the Microsoft Security Advisor web site, or Contact us.
Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies.
Thank you for using Microsoft products.
With friendly greetings,
Microsoft Corporation Internet Technical Services
©2003 Microsoft Corporation. All rights reserved. The names of the actual companies and products mentioned herein may be the trademarks of their respective owners.
[ Part 2, Application/X-MSDOWNLOAD 212KB. ]
[ Cannot display this part. Press "V" then "S" to save in a file. ]
This message came via AT&T broadband. They're probably drowning in virus reports, and have policies and procedures for handing it... published somewhere ... aha (10 minutes of searching later) - oh, yea... firstname.lastname@example.org
Let's forward that little evil message along to the right people. f,[paste],enter, Y, enter....
Ahh... Being a responsible netizen has obligations. Sometimes they are both easy and satisfying to fulfill. If more netizens took a few minutes out of their day to trace back and report abuse it would be a kinder, gentler metaverse.