Re: possible virus (header has xxx-1 in it)

Danny Yee (danny@STAFF.CS.SU.OZ.AU)
Mon, 5 Dec 1994 17:47:05 +1000

> Apparently a virus may be circulating on the Net. If you receive any
> mail (other than this message :-) ) with xxx-1 in its header, delete
> it quickly and make sure you didn't pick up a virus.

Unless you are running some kind of fancy (MIME compliant) mailer,
there probably isn't any way a piece of mail can hurt you. So I
don't think there's *any* piece of mail that can go through a
standard sendmail implementation and do damage when accessed with a
vanilla Berkeley mailer. (Excepting the possibility of emotional,
psychological, or cognitive damage, of course :-)

And if you don't actually *read* the mail, there should be no way
any it can damage you, regardless of the mailer you are using.
[ I won't *guarantee* this; there are probably some really idiotic
mailers floating around. Heck, all it takes is a line of code meaning
something like "if header contains xxxx-1, remove all accessible
files", and I wouldn't put it past someone to have put that in as a
debug option (cf. sendmail :).]

On the other hand, if you get sent something that's uuencoded or
binhexed or suchlike, DO be careful about unpackaging it (much less
executing any resulting files!).

Danny Yee.


If you have received any High Protocol packets from the Beyond in the
last 17 hours, they should be discarded at once. If they have been
processed, the systems involved should be destroyed. We realise that
this may mean the destruction of whole solar systems, but consider
the alternative...

[ a rough quote from Vernor Vinge's _A Fire Upon the Deep_ ]