MyDoom

[Gene C.]

The Red Hat mailing lists have always been pretty good about filering out spam 
and viruses.  However, this MyDoom thing looking like it is sneaking through.  
looking at the message headers, it appears to me that Red Hat external 
sendmail may be set up to accept mail from the outside without filtering if 
it is from a valid @redhat.com user.

I have not taken a look at these messages except for the last one but it 
appears that it is faking out the Red Hat sendmail server by telling it the 
host is redhat.com even if the ip address and reverse lookup do not match.

Besides using lots of bandwidth, this one must be driving all of the ISPs and 
companies nuts if it is getting through Red Hat's systems given prior history 
of being able to block this stuff.  Lots of aggravation of lots of folks.

BTW, should this stuff be cleaned from (removed from) the archives since it is 
archiving lots of copies of of this virus which could bite unwary users.
-- 
Gene