Forum Settings
       
Reply To Thread

virus sent from Allakhazam email accountFollow

#1 May 07 2004 at 12:08 PM Rating: Decent
Hi, im premium member and with it comes an Allakhazam email account that I have never looked at, checked, or used. I use yahoo account and only rarely at that. But I got an Email to the Yahoo account today that said it stopped a virus email from being sent, and it was sent out of allakhazam??

Anyone understand this at all? Below is the details of that email.

Our virus checker has found potentially malicious code in a mail by
you. Delivery has been stopped. For further questions, please contact
amavis@infomedia.fr.

The recipient(s) for this message were:
rde_enseignant@localhost.infomedia.fr

The message has been quarantined as 40950beb-2913.


CLAM Anti Virus found:
Worm.SomeFool.Gen-2

------------------------------------------------------------------------
Message headers follow:
Return-Path: <sunwolf@allakhazam.com>
Received: from ruedesecoles.com (unknown [217.128.171.31])
by imc001.infomedia.fr (Postfix) with ESMTP id 66BA7331CB
for <enseignant@ruedesecoles.com>; Sun, 2 May 2004 10:55:19 -0400
(EDT)
From: sunwolf@allakhazam.com
To: enseignant@ruedesecoles.com
Subject: is that your photo?
Date: Sun, 2 May 2004 16:55:58 +0200
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0010_000065CD.00000529"
X-Priority: 3
X-MSMail-Priority: Normal
Message-Id: <20040502145519.66BA7331CB@imc001.infomedia.fr>


Additional Tracking Info posted below.
From amavis@infomedia.fr Sun May 2 07:55:39 2004
X-Apparently-To: sunwolf_25@yahoo.com via 206.190.38.255; Sun, 02 May 2004 07:55:41 -0700
Return-Path: <>
Received: from 216.155.41.199 (EHLO www1.allakhazam.com) (216.155.41.199) by mta147.mail.dcn.yahoo.com with SMTP; Sun, 02 May 2004 07:55:41 -0700
Received: from imc001.infomedia.fr (host.17.233.23.62.rev.coltfrance.com [62.23.233.17]) by www1.allakhazam.com (8.12.8/8.12.2) with ESMTP id i42Etfkq079481 for <sunwolf@allakhazam.com>; Sun, 2 May 2004 10:55:41 -0400 (EDT)
Received: by imc001.infomedia.fr (Postfix, from userid 8) id 2126D331D5; Sun, 2 May 2004 10:55:40 -0400 (EDT)
From: amavis@infomedia.fr Add to Address Book
To: sunwolf@allakhazam.com
Date: Sun, 02 May 2004 16:55:39 +0200
Subject: Virus in mail from you.
Message-Id: <20040502145540.2126D331D5@imc001.infomedia.fr>
Content-Length: 993
#2 May 07 2004 at 8:38 PM Rating: Excellent
Avatar
******
29,919 posts
viruses these days, particularily the netsky worms, can scan temporary internet files and pick up the e-mail addresses from the users that have their e-mail showing in threads. The Allakhazam administrators will pretty much never send you an e-mail actually from an @allakhazam address, and never with an attachment unless we have specifically notified you ahead of time to expect an attachment. if you see an unexpected e-mail from any @allakhazam username with an attachment, delete it.
____________________________
Arch Duke Kaolian Drachensborn, lvl 95 Ranger, Unrest Server
Tech support forum | FAQ (Support) | Mobile Zam: http://m.zam.com (Premium only)
Forum Rules
#3 May 08 2004 at 12:48 PM Rating: Decent
Doesnt make any sense though. I've never used or seen allakhazams email'ing system. It couldn't have been me or my PC sending a virus to someplace.

For that to be true a virus would have to infect the PC I only use to play games, crack my allakhazam email account i've never used, log into it and send a copy of it'self to some random person I've never heard of before.

I keep up to date on the worse viruses out there and I have never heard of an email worm virus yet that can send copies of it'self though a web browser email address. Outlook, Outlook Express, Lotus notes, whatever "Program" used to "Download" your emails yes... but web based HTTP browser using email never.

My first hunch and only one that makes sense to me still is someone else hacked my allakhazam email account to send viruses out of...?? Doesnt sound real likely to me either though.

I changed my allakhazam password just in case. I still dont understand how Yahoo email system captured the email as a virus and notified my via my Yahoo email address either. if it came from allakhazam email account then allakhazams server should have been the catcher of the virus not yahoo.
#4 May 08 2004 at 1:15 PM Rating: Excellent
Spankatorium Administratix
*****
1oooo posts
First, it didn't come from an Allakhazam address.

Second, no mails do. Allakhazam addresses are forwards. Kinda like a go between. For example if I lived in a state where roadrunner was, my email that I send out would come from the RR server, not allakhazam. There is no outgoing mail directly from an allakhazam server that I am aware.

However, on my emails, they do say they are from darkflame@allakhazam, because that is how it is set up.

As Kao said, it's prob netsky. Need more info, type netsky into google and you will be educated more than you ever wanted on virii info. Your current theory on virii is severely mislead or behind the times, I'm sorry to say.

Just to give you an example, I get emails from darkflame@allakhazam ALL THE TIME filled with virii, I didn't send them. Somewhere the virii picked up my address on an infected's computer. Not only collecting mine, but others as well in address books, temp internet pages etc. Then spoofs a new virii mail with mine or someone else's name and then sends them out to everyone on the list. Case solved, but not closed.

Virii writers should be skinned alive and hung to dry!
____________________________

Reply To Thread

Colors Smileys Quote OriginalQuote Checked Help

 

Recent Visitors: 105 All times are in CST
Anonymous Guests (105)