Apache OpenOffice (AOO) Bugzilla – Issue 40400
Bizarre virus or SPAM mails have been going.
Last modified: 2005-01-12 10:22:35 UTC
It is something weird. I have recently received several e-mails with strange attachments. All those e-mails include similar header information but their origination IP addresses are greatly different each other. A mail client or something like that seems to introduce itself to the our MX server s002.sfo.collab.net as "HELO mail-kr3.openoffice.org": Received: from unknown (HELO mail-kr3.openoffice.org) (84.222.173.38) by s002.sfo.collab.net with SMTP; 11 Jan 2005 10:39:04 -0000
Created attachment 21358 [details] Received headers in a series of e-mails
Created attachment 21359 [details] One of suspicious e-mails that I have received
I understand that you were subject to virus activity and received messages from hosts claiming to be in the openoffice.org domain. Thanks for reporting the incident, but what do you expect us to do?
Thank you for taking care of this issue. We might not need to do anything for this phenomenon right now. The suspicious phenomenon could infer that there might be a virus that targeted at the MX server of OOo in order for sabotage. Such kind of virus might have been deliberately created and gradually spreading over the world.
Hi, I guess the virus is not targeted especially at OOo but chooses a hostname in the domain of the target email address or mail exchanger. Greetings, Stefan
OK, let us close this issue. Information: http://www.google.com/search?q=mail-kr3+virus As you say, similar e-mails have been reported, especially: http://www.usenetarchive.org/Dir4/File113.html Cheers, Tora