This is a multi-part message in MIME format.
------=_NextPart_000_005C_01C3F0DF.73CF6210
Content-Type: text/plain;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Tony,
=20
You're not alone. I have had the same experience. I have some idea how =
this
might be accomplished but nothing I can hang my hat on. Maybe one of our
real technical experts can explain to us how this actually happens. =
Maybe
they can tell us how to minimize the possibility also. Hmmm?
=20
Bob Miller
Poverty Bay
-----Original Message-----
From: comphelp-admin@usps.org [mailto:comphelp-admin@usps.org] On Behalf =
Of
Anthony J. Biegen
Sent: Wednesday, February 11, 2004 7:45 PM
To: comphelp@itcom.usps.org
Subject: [Comphelp] New Virus Gimmick?
Has anyone seen this cute trick? On 02/02/04, I received a "Postmaster
Delivery Failure Notice" from "postmaster@ugo.com." I looked inside and =
saw
an addressee I never heard of and ignored the message. Some days later, =
I
received a similar "Failure" notice with another unknown addressee.
Annoyed, I immediately deleted it, but started to smell a rat. I went =
back
to the original and read the copy of the "rejected" mail. It was sent =
to
"john@ugo.com" with a return path of "tonyb@writeme.com" (me). The text =
read
"The message contains Unicode characters and has been sent as a binary
attachment. It had an attachment labeled "Quarantined Attachment.txt" =
with
an Xed out attachment icon. I think my ISP caught the virus, because my
Norton doesn't show it having any quarantined items. I deleted the
attachment from my Eudora "Attach" folder just in case it wasn't really
quarantined.
Any ideas out there as to what's happening here?
=3D;-}) Tony Biegen {:-}) =20
Voice/FAX: (516) 797-0464=20
EMail: tonyb@writeme.com=20
<||:-)) "Do not follow where the path may lead -- go instead where there =
is
no path and leave a trail." Muriel Strode
=20
------=_NextPart_000_005C_01C3F0DF.73CF6210
Content-Type: text/html;
charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<TITLE>Message</TITLE>
<META content=3D"MSHTML 6.00.2800.1400" name=3DGENERATOR></HEAD>
<BODY>
<DIV><SPAN class=3D629193704-12022004><FONT face=3DArial color=3D#0000ff =
size=3D2>Tony,</FONT></SPAN></DIV>
<DIV><SPAN class=3D629193704-12022004><FONT face=3DArial color=3D#0000ff =
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D629193704-12022004><FONT face=3DArial color=3D#0000ff =
size=3D2>You're=20
not alone. I have had the same experience. I have some idea how this =
might be=20
accomplished but nothing I can hang my hat on. Maybe one of our real =
technical=20
experts can explain to us how this actually happens. Maybe they can tell =
us how=20
to minimize the possibility also. Hmmm?</FONT></SPAN></DIV>
<DIV><SPAN class=3D629193704-12022004><FONT face=3DArial color=3D#0000ff =
size=3D2></FONT></SPAN> </DIV>
<DIV><SPAN class=3D629193704-12022004><FONT face=3DArial color=3D#0000ff =
size=3D2>Bob=20
Miller</FONT></SPAN></DIV>
<DIV><SPAN class=3D629193704-12022004><FONT face=3DArial color=3D#0000ff =
size=3D2>Poverty Bay</FONT></SPAN></DIV>
<BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
<DIV></DIV>
<DIV class=3DOutlookMessageHeader lang=3Den-us dir=3Dltr =
align=3Dleft><FONT=20
face=3DTahoma size=3D2>-----Original Message-----<BR><B>From:</B>=20
comphelp-admin@usps.org [mailto:comphelp-admin@usps.org] <B>On Behalf =
Of=20
</B>Anthony J. Biegen<BR><B>Sent:</B> Wednesday, February 11, 2004 =
7:45=20
PM<BR><B>To:</B> comphelp@itcom.usps.org<BR><B>Subject:</B> [Comphelp] =
New=20
Virus Gimmick?<BR><BR></FONT></DIV>Has anyone seen this cute =
trick? On=20
02/02/04, I received a "Postmaster Delivery Failure Notice" from=20
"postmaster@ugo.com." I looked inside and saw an addressee I =
never heard=20
of and ignored the message. Some days later, I received a =
similar=20
"Failure" notice with another unknown addressee. Annoyed, I =
immediately=20
deleted it, but started to smell a rat. I went back to the =
original and=20
read the copy of the "rejected" mail. It was sent to =
"john@ugo.com" with=20
a return path of "tonyb@writeme.com" (me). The text read "<FONT =
size=3D3>The=20
message contains Unicode characters and has been sent as a binary=20
attachment. I</FONT>t had an attachment labeled "Quarantined=20
Attachment.txt" with an Xed out attachment icon. I think my ISP =
caught=20
the virus, because my Norton doesn't show it having any quarantined=20
items. I deleted the attachment from my Eudora "Attach" folder =
just in=20
case it wasn't really quarantined.<BR><BR>Any ideas out there as to =
what's=20
happening here?<BR><X-SIGSEP>
<P></X-SIGSEP><FONT color=3D#0000ff size=3D3>=3D;-}) Tony Biegen=20
{:-}) <BR>Voice/FAX: (516) 797-0464 <BR></FONT><FONT =
color=3D#ff0000 size=3D3>EMail: tonyb@writeme.com</FONT><FONT =
color=3D#0000ff=20
size=3D3> <BR><||:-)) "Do not follow where the path may lead -- go =
instead=20
where there is no path and leave a trail." Muriel=20
Strode<BR> =20
=
<BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR></FONT></P></BLOCKQUOTE><=
/BODY></HTML>
------=_NextPart_000_005C_01C3F0DF.73CF6210--