Virus via guild software email list.

Nov 01, 2004 incarnate
Somehow a client infected with the W32/Bagel virus managed to exploit our mailing list. AGAIN. This is terribly frustrating and makes no sense to me at all: I hide the list from all public view by BCCing it, and it isn't present in any SMTP headers at all (at least, not in my copy of them?!) and I'm reasonably sure of the security of our mailserver. But somehow.. the mailing list was used to send out a virus again (note, the virus didn't come from us, but from some random host on Comcast). I'm terribly sorry about this, I hope no one attempts to open the attachment (The "From" is "1028@wp.pl"). The list has been disabled, and I caught it early enough (within a few seconds) to shut down the mailserver and delete it from the outbound queue, so hopefully it didn't go out to too many people.

I thought last time that a virus brute-forced the "guildnotify" list name on our mailserver, by repetitively attempting delivery to random addresses with words.. but this time I named it a completely random string of characters, to prevent that, and it still happened. It must be showing in some mail headers somewhere.. argh.

Again, I apologize to anyone who receives this email. We will never send you any attachments, let alone anything like "joke.cpl".

Nov 01, 2004 yodaofborg
You are correct John, I have had experience with this kind of thing, and cannot explain as I am modest, but, your mass mail gave no way to do this... Except for the fact that I got an email with the virus attached...

This is in no way related to you guys. If it was me attacked I'd be chuffed for the recognition, but it's not real funny at this time (just as your 1st release is released?).

It's not related to your mail. BUT is it possible the mails were sniffed somehow? i.e. by some ****** that has your mail server's IP?

Nov 01, 2004 incarnate
No, on further examination it appears that our MTA was appending Sent-To information to the headers in certain cases. Not to the emails I received, but apparently the virus guy got one.

In any event, very sorry. It shouldn't happen again.
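
The leak described in the last post appeared only in some delivered copies, so a check has to inspect the headers each recipient actually received, not just the sender's own copy. The following is an added example (not part of the thread and not Guild Software's code) that scans per-recipient copies for a BCC'd list address; the list address, recipients and messages are constructed, and the `Received ... for` case is an assumption about another place an MTA can expose the envelope recipient.

```python
from email import message_from_string

# Constructed list address and delivered copies; none of this comes from the thread.
LIST_ADDR = "x7qk2v9d@lists.example.org"

SAMPLE_COPIES = {
    "alice@example.org": (
        "From: news@example.org\n"
        "To: undisclosed-recipients:;\n"
        "Subject: Update\n\nBody\n"
    ),
    "bob@example.net": (
        "From: news@example.org\n"
        "To: undisclosed-recipients:;\n"
        "Sent-To: X7QK2V9D@lists.example.org\n"
        "Subject: Update\n\nBody\n"
    ),
    "carol@example.com": (
        "Received: from mail.example.org by mx.example.com\n"
        "\tfor <x7qk2v9d@lists.example.org>; Mon, 1 Nov 2004 10:00:00 -0600\n"
        "From: news@example.org\n"
        "To: undisclosed-recipients:;\n"
        "Subject: Update\n\nBody\n"
    ),
}

def find_leaks(raw_message, list_addr):
    """Return the names of header fields whose value contains list_addr."""
    msg = message_from_string(raw_message)
    needle = list_addr.lower()
    leaking = []
    for name, value in msg.items():
        unfolded = " ".join(str(value).split())  # undo header folding
        if needle in unfolded.lower():           # addresses compare case-insensitively here
            leaking.append(name)
    return leaking

def audit(copies, list_addr):
    """Map each recipient whose delivered copy exposes list_addr to the leaking headers."""
    report = {}
    for recipient, raw in copies.items():
        leaking = find_leaks(raw, list_addr)
        if leaking:
            report[recipient] = leaking
    return report

if __name__ == "__main__":
    for recipient, headers in audit(SAMPLE_COPIES, LIST_ADDR).items():
        print(f"{recipient}: list address exposed in {', '.join(headers)}")
```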