Javen
2004-03-08, 11:24 AM
今早用 pop3 去我 hinet 的信箱收信. 結果接到一封自己發給自己的信, 夾帶病毒檔. 奇妙的是, 我看 header 居然有我這邊當地的 domain name 和 ip. 有人能解讀一下嗎?
From: [email protected]
To: [email protected]
Date: Sun, 7 Mar 2004 00:09:45 -0800
Subject: what's up?
Received: from msa.hinet.net (host-x-y.resnet.pdx.edu [131.252.x.y]) by mx117.hinet.net (8.8.8/8.8.8) with ESMTP id QAA29481 for <[email protected]>; Sun, 7 Mar 2004 16:06:36 +0800 (CST)
Message-Id: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_0012_0000410A.00003222"
X-MSMail-Priority: Normal
Content-Length: 34923
131.252.x.y 的確是我常用的 IP. 是 DHCP assign 的. 可否從這看出是我本地端中毒, 還是別人發 "spoofing" 的信件.
附加檔案是一個 ZIP. 內含 product_yours.doc.com, 25,353 bytes, CRC 16C66462, 日期: 2004/3/7 08:09.
PS. 我不用 outlook, 已經被我移除掉了.
PPS. 我沒裝 Firewall & AntiVirus.
贊助商連結
From: [email protected]
To: [email protected]
Date: Sun, 7 Mar 2004 00:09:45 -0800
Subject: what's up?
Received: from msa.hinet.net (host-x-y.resnet.pdx.edu [131.252.x.y]) by mx117.hinet.net (8.8.8/8.8.8) with ESMTP id QAA29481 for <[email protected]>; Sun, 7 Mar 2004 16:06:36 +0800 (CST)
Message-Id: <[email protected]>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="----=_NextPart_000_0012_0000410A.00003222"
X-MSMail-Priority: Normal
Content-Length: 34923
131.252.x.y 的確是我常用的 IP. 是 DHCP assign 的. 可否從這看出是我本地端中毒, 還是別人發 "spoofing" 的信件.
附加檔案是一個 ZIP. 內含 product_yours.doc.com, 25,353 bytes, CRC 16C66462, 日期: 2004/3/7 08:09.
PS. 我不用 outlook, 已經被我移除掉了.
PPS. 我沒裝 Firewall & AntiVirus.
贊助商連結