SoBig.F

Re: [BeaverheadRiver] SoBig.F In reply to
Yes, that is true...that is why I am using Anti-Spam software to preview all messages directly on the server before downloading them or deleting them. It is recommended that if you are using a server-based Anti-Spam program, like Spam Assassin, that you flag the messages as SPAM (based on intelligent filters and lists - black and friends) rather than deleting them outright.

UPDATE ON SOBIG: The SoBig virus seems to be more evil than security analysts originally thought. It looks like those computers that are still infected by a certain date will send requests to 20 different servers worldwide to download an "unknown program" to the infected computers.

http://story.news.yahoo.com/...ch_internet_virus_dc

So, it's important for all Internet users to make sure that they use Anti-Spam, Firewalls (at the email server level to block IPs), etc.

BTW: The Internet Security Systems (ISS) group has identified possible IP addresses of the 20 computers:

-----------------------------------------
Computers infected with the Sobig.F worm are programmed to automatically download an executable of unknown function from a hard-coded list of servers at 19:00 UTC (3:00pm EDT). X-Force is recommending wholesale outbound filtering of the following IP addresses:

The request method uses UDP port 8998. X-Force also recommends that this port be filtered outbound.
-----------------------------------------

Hope this helps.
========================================
Buh Bye!

Cheers,
Me

Last edited by: Stealth: Aug 22, 2003, 9:56 AM
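
An added example (not part of the original posts or of the X-Force advisory): once outbound UDP port 8998 is filtered as the quoted advisory recommends, the firewall log shows which internal machines tried to make the request and are therefore likely still infected. The netfilter-style log format, the `192.168.0.0/16` internal range, the sample addresses and the function name `suspect_hosts` are assumptions made for illustration.

```python
import ipaddress
import re
from collections import defaultdict

SOBIG_UDP_PORT = 8998  # port named in the advisory quoted above
INTERNAL_NET = ipaddress.ip_network("192.168.0.0/16")  # assumed LAN range

# Constructed sample lines in Linux netfilter LOG style. External addresses
# are RFC 5737 documentation ranges, not values from the advisory.
SAMPLE_LOG = """\
Aug 22 18:59:58 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=203.0.113.7 PROTO=UDP SPT=1034 DPT=8998
Aug 22 18:59:59 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.23 DST=198.51.100.9 PROTO=UDP SPT=1035 DPT=8998
Aug 22 19:00:01 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.40 DST=203.0.113.7 PROTO=TCP SPT=2200 DPT=8998
Aug 22 19:00:02 gw kernel: IN=eth1 OUT=eth0 SRC=192.168.1.51 DST=192.168.1.1 PROTO=UDP SPT=1040 DPT=53
Aug 22 19:00:03 gw kernel: IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.168.1.23 PROTO=UDP SPT=8998 DPT=1034
Aug 22 19:00:04 gw kernel: IN=eth1 SRC=192.168.1.77 PROTO=UDP DPT=8998
"""

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S+)")  # KEY=value tokens in a log line


def suspect_hosts(log_text, port=SOBIG_UDP_PORT):
    """Map each internal source IP to the external hosts it contacted on UDP/port."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = dict(FIELD_RE.findall(line))
        if fields.get("PROTO") != "UDP" or fields.get("DPT") != str(port):
            continue  # wrong protocol or wrong destination port
        try:
            src = ipaddress.ip_address(fields["SRC"])
            dst = ipaddress.ip_address(fields["DST"])
        except (KeyError, ValueError):
            continue  # truncated or malformed entry
        # Outbound only: an internal source talking to an external destination.
        if src in INTERNAL_NET and dst not in INTERNAL_NET:
            hits[str(src)].add(str(dst))
    return {src: sorted(dsts) for src, dsts in hits.items()}


if __name__ == "__main__":
    for host, dests in suspect_hosts(SAMPLE_LOG).items():
        print(f"{host} sent UDP/{SOBIG_UDP_PORT} to {', '.join(dests)}")
```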
Re: [Stealth] SoBig.F In reply to
Hate to be the web site owner who gets one of those IPs next. =)

Cheers,

Alex
--
Gossamer Threads Inc.
Re: [Stealth] SoBig.F In reply to
BEWARE of server based spam filter companies, they can use the email addresses they collect to send spam themselves or sell them on.... I read of one company recently that had done just that.



chmod
Re: [Stealth] SoBig.F In reply to
Ugh...still infected computers out there....been receiving the virus-ridden messages for the past three days...still about 100,000 infected computers worldwide...

BTW: Read in Yahoo! Tech News that another string of the SoBig virus is about to hit the Internet soon.
========================================
Buh Bye!

Cheers,
Me
Re: [Stealth] SoBig.F In reply to
The current one has another two weeks to go before it self-expires, right? Who knows what the next strand will bring.

- wil
Re: [Stealth] SoBig.F In reply to
>>>BTW: Read in Yahoo! Tech News that another string of the SoBig virus is about to hit the Internet soon. <<<

If they know this, why the hell don't they do something to stop it getting onto the internet?

Cheers

Andy (mod)
andy@ultranerds.co.uk