- NZNOG - lists.nznog.org

[Fwd: Message Stopped by: Junk Mail Inbound]
by Simon Byrnand 23 Sep '03

23 Sep '03

Ok, everyone must have it in for me tonight. I'm off to bed :) Night all.. ;) Regards, Simon ---------------------------- Original Message ---------------------------- Subject: Message Stopped by: Junk Mail Inbound From: admin(a)safecom.co.nz Date: Wed, September 24, 2003 11:17 pm To: simon(a)igrin.co.nz -------------------------------------------------------------------------- The Safecom SMTP Relay has quarantined this email due to the triggering of the Junk Mail policy. The email has been forwarded to the Mail Administrator of the intended recipients company. This Mail Administrator will forward the mail to the recipient should it be deemed as legitimate email i.e not Chainmail, Virus Hoax or Jokes. Message: BB0027f6d5.00000001.mml From: simon(a)igrin.co.nz To: Ivan.Walker(a)hpac.govt.nz Subject: [nznog] Argghhh.... [Fwd: Your e-mail message was blocked] This is an automated response. Do not reply to this message. If you have any further questions please contact the intended recipient to confirm whether they received the email.

2 1

SPAM (Fw: PLEASE ASSIST)
by Dan Clark 23 Sep '03

23 Sep '03

Hi Guys, Just wondering if it is just me that is receiving an influx of these kind of messages relating to offshore accounts and foreign money etc? These used to be common then they stopped, but now they are back. Maybe my SPAM filter has broken. Regards, Dan Clark Network Manager Scarfies.Net Ltd Wickliffe Ltd ----- Original Message ----- From: "JULIUS J BALA" <j_bala2003(a)gawab.com> To: <dan(a)scarfies.net> Sent: Wednesday, September 24, 2003 4:09 PM Subject: PLEASE ASSIST > FROM: DR. JULIUS JUBRIL BALA, > FEDERAL SECRETARIAT COMPLEX, > IKOYI. > > Best wishes of good health and success in your pursuits particularly through my proposal as contained in this letter.Before going into details of my proposal to you, I must first solicit you to treat with the utmost confidentiality, as this is required for its success. > > INTRODUCTION: > > My colleagues and I are senior officials of the Federal Government of Nigeria's Contracts Review Panel who are interested in investing some funds that are presently floating in the accounts of the Central Bank of Nigeria.In order to commence this transaction, we solicit your assistance to enable us transfer into your account the said floating funds. > > We are determined to conclude the transfer before the end of this quarter of 2003. The source of the funds are as follows: During the last military regime,government officials awarded contracts that were grossly over-invoiced to Contractors.The present civilian government set up the Contract Review Panel, which has the mandate to use the instruments of payments made available to it by the decree setting up > the panel, to review these contracts and if necessary pay those who are being owed outstanding amounts. My colleagues and I have identified quite a huge sum of these funds which are presently floating in the Central Bank of Nigeria ready for disbursement and would like to invest some of it for our own purposes. > > However, by virtue of our positions as civil servants and members of this panel,we cannot acquire these funds in our names or in the names of companies that are based in Nigeria. I have therefore been mandated, as a matter of trust by my colleagues in the panel, to look for a reliable overseas partner into whose account we can transfer the sum of U.S.$16,500,000.00(sixteen million,five hundred thousand U.S. Dollars). That is why I am writing you this letter. > > We have agreed to share the money to be transferred into your account,if you agree with our proposition as follows; (i) 10% to the account owner (you). (ii) 80% for us (the panel officials). (iii) 10% to be used in settling all expenses (by both you and us )incidental to the actualisation of this project. We wish to invest our share of the proceeds of this project in foreign stock markets and other business till we are > ready and able to have access to them without raising any eyebrows here at home. > > Please note that this transaction is 100% safe. We intend to effect the transfer within fourteen(14) banking days from the date of receipt of the following information: Your name, company's name, address,telephone and fax numbers . The above information will enable us write letters of claim and job description respectively. This way, we will use your company's name to apply for the payment and backdate the award of the contract to your company. We are looking forward to carrying out this transaction with you and we solicit your utmost confidentiality in its execution. > > Please acknowledge the receipt of this email by replying urgently. Also,endeavour to furnish me with your phone number so that I can call you and bring you into a more detailed picture of this transaction when I hear from you. > > Best regards, > > Dr Julius Bala. > > > >

4 4

Argghhh.... [Fwd: Your e-mail message was blocked]
by Simon Byrnand 23 Sep '03

23 Sep '03

Sigh... Could the owner of this charming little content filter please see if it has an option to NOT reply to messages that aren't specifically addressed to the recipient. (EG messages comming in through mailing lists etc) Or perhaps consider subscribing via another address that isn't filtered. It gets a little tiring to have every second message I send to this list get a bounce from an overactive content filter because it might have "bad words" in it or in this case might be a "hoax and/or chain letter"..... (Huh ??? What in my message looks like a hoax ?) Regards, Simon ---------------------------- Original Message ---------------------------- Subject: Your e-mail message was blocked From: Actionline(a)med.govt.nz Date: Wed, September 24, 2003 11:09 pm To: simon(a)igrin.co.nz Cc: Frank.March(a)med.govt.nz -------------------------------------------------------------------------- MailMarshal (an automated content monitoring gateway) has stopped the following e-mail as it is likely to be a Hoax and/or Chain Letter. Message: B00013c776.00000001.mml From: simon(a)igrin.co.nz To: Frank.March(a)med.govt.nz Subject: Re: [nznog] SPAM (Fw: PLEASE ASSIST) If you believe the above e-mail to be business related please contact Actionline(a)med.govt.nz to arrange for the message to be released to its intended recipients. The blocked e-mail will be automatically deleted after 30 days.

1 0

Re: [nznog] SPAM (Fw: PLEASE ASSIST)
by Jamie Baddeley 23 Sep '03

23 Sep '03

Dan, It might have something to do with what verisign have been doing. The sitefinder service basically validates what were invalid domains. Evil Spammers Who Must Die (tm) now can get the spam through. What's failing is you used to be able to refuse bogus domains. ..or something like that. (although in this case gawab.com appears to be valid) jamie ------- cat 'The Internet'|sed 's/verisign/scum/g' >>> "Dan Clark" <dan(a)scarfies.net> 24/9/2003 4:13:45 PM >>> Hi Guys, Just wondering if it is just me that is receiving an influx of these kind of messages relating to offshore accounts and foreign money etc? These used to be common then they stopped, but now they are back. Maybe my SPAM filter has broken. Regards, Dan Clark Network Manager Scarfies.Net Ltd Wickliffe Ltd ----- Original Message ----- From: "JULIUS J BALA" <j_bala2003(a)gawab.com> To: <dan(a)scarfies.net> Sent: Wednesday, September 24, 2003 4:09 PM Subject: PLEASE ASSIST > FROM: DR. JULIUS JUBRIL BALA, > FEDERAL SECRETARIAT COMPLEX, > IKOYI. > > Best wishes of good health and success in your pursuits particularly through my proposal as contained in this letter.Before going into details of my proposal to you, I must first solicit you to treat with the utmost confidentiality, as this is required for its success. > > INTRODUCTION: > > My colleagues and I are senior officials of the Federal Government of Nigeria's Contracts Review Panel who are interested in investing some funds that are presently floating in the accounts of the Central Bank of Nigeria.In order to commence this transaction, we solicit your assistance to enable us transfer into your account the said floating funds. > > We are determined to conclude the transfer before the end of this quarter of 2003. The source of the funds are as follows: During the last military regime,government officials awarded contracts that were grossly over-invoiced to Contractors.The present civilian government set up the Contract Review Panel, which has the mandate to use the instruments of payments made available to it by the decree setting up > the panel, to review these contracts and if necessary pay those who are being owed outstanding amounts. My colleagues and I have identified quite a huge sum of these funds which are presently floating in the Central Bank of Nigeria ready for disbursement and would like to invest some of it for our own purposes. > > However, by virtue of our positions as civil servants and members of this panel,we cannot acquire these funds in our names or in the names of companies that are based in Nigeria. I have therefore been mandated, as a matter of trust by my colleagues in the panel, to look for a reliable overseas partner into whose account we can transfer the sum of U.S.$16,500,000.00(sixteen million,five hundred thousand U.S. Dollars). That is why I am writing you this letter. > > We have agreed to share the money to be transferred into your account,if you agree with our proposition as follows; (i) 10% to the account owner (you). (ii) 80% for us (the panel officials). (iii) 10% to be used in settling all expenses (by both you and us )incidental to the actualisation of this project. We wish to invest our share of the proceeds of this project in foreign stock markets and other business till we are > ready and able to have access to them without raising any eyebrows here at home. > > Please note that this transaction is 100% safe. We intend to effect the transfer within fourteen(14) banking days from the date of receipt of the following information: Your name, company's name, address,telephone and fax numbers . The above information will enable us write letters of claim and job description respectively. This way, we will use your company's name to apply for the payment and backdate the award of the contract to your company. We are looking forward to carrying out this transaction with you and we solicit your utmost confidentiality in its execution. > > Please acknowledge the receipt of this email by replying urgently. Also,endeavour to furnish me with your phone number so that I can call you and bring you into a more detailed picture of this transaction when I hear from you. > > Best regards, > > Dr Julius Bala. > > > > _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

1 0

Netlantis -- seeking for sponsors and peers
by Pascal Gloor 22 Sep '03

22 Sep '03

Hello .nz ! Perhaps some of you already heard about netlantis... The purpose of the netlantis project is to offer "human readable" output of the global BGP table status (as most realtime as possible, most of the time <2 min delay to reality). There are different tools on the website you can discover by yourself. There is also a whois and a telnet interface. We're actually running 5 RouteCollectors (including one in common with the RIS project of RIPE NCC), 2 in USA and 3 in Europe. There should be a new RouteCollector soon in south africa and one in greece. We've got now 78 BGP peers (including large and small ISP from all around the world), which makes almost 7'200'000 prefixes stored in the central database. Netlantis has been presented at the last RIPE meeting in Amsterdam, NL http://www.ripe.net/ripe/meetings/ripe-46/presentations/ripe46-routing-netl… Netlantis will be presented at the next SWINOG meeting (22oct 2003) in Bern, CH Indeed netlantis is FREE and only done by private people investing their free time, there is nothing to buy nor to sell at netlantis :-) Now, and that's why I mail you, I'm looking for sponsors in NZ. The "best" would be to have a RouteCollector on the APE lan. A typical RouteCollector is a P3 1Ghz with 1Gbyte of ram. The sponsors will be, indeed, listed on the netlantis.org website and in any presenation of netlantis. But hosting a RouteCollector at an ISP is also possible. For people who would like to peer with netlantis, please fill up the form at http://www.netlantis.org/index.html?menu=5&page=newpeer If you have any question / remark / ideas for new tools / whatever, feel free to drop me a mail or reply to the list. Kind Regards, Pascal Gloor The Netlantis Project

1 0

Could be of some use to stop Swen
by Juha Saarinen 22 Sep '03

22 Sep '03

vbl.messagelabs.com Seems to catch quite a few here, but not of course the ones sent from ISP smarthosts. -- Juha Saarinen

1 0

RE: [nznog] Verisign grabs *.net and *.com
by Robert Purdy (DSL AK) 21 Sep '03

21 Sep '03

Quick question - If you don't implement a patch are you leaving yourself exposed to a DOS attack? A simple perl script enumerating random domains and digging at an ISP server could probably fill a DNS cache over a period of time. (It would eventually fall over I guess...) Rob -----Original Message----- From: Nic Bellamy [mailto:nic(a)bellamy.co.nz] Sent: Wednesday, 17 September 2003 10:25 a.m. To: nznog(a)list.waikato.ac.nz On Wed, 2003-09-17 at 09:29, Joe Abley wrote: > > On Monday, Sep 15, 2003, at 23:58 Canada/Eastern, Juha Saarinen wrote: > > > Brent McDowell wrote: > >> For those of you who use djbdns, a patch has been released that > >> rejects A records that resolve to 64.94.110.11. It'll return > >> NXDOMAIN. > >> http://tinydns.org/djbdns-1.05-ignoreip.patch > > > > Anything for BIND 9? > > I am told an official patch is being tested right now. In the interim, there's a patch floating around for bind9 - haven't found an official site for it, so I've chucked it up at: http://www.bellamy.co.nz/stuff/bind9-antiverisign.patch I can confirm it Works For Me(tm) (even if it's done in a rather ugly manner). Cheers, Nic. -- Nic Bellamy <nic(a)bellamy.co.nz> Bellamy Consulting (NZ) Limited. +64-6-377-4957 Mobile: +64-21-251-8954 Internet Software & Security Consulting -- http://www.bellamy.co.nz/ -- _______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

4 3

Re: [nznog] Iworm.Swen
by Ewen McNeill 21 Sep '03

21 Sep '03

In message <001501c380a4$fe004bd0$fd00a8c0(a)morpheus>, "Matthew G Brown" writes: >Is anyone seeing large influx of Iworm.Swen & >Exploit.IFrame.FileDownloadMessage over the last few days. Im getting >over 200 a day, All for some reason addressed to me , very few to any >other users. The discussion in ASR suggests that it's mainly grabbing addresses to use from Usenet archives/news servers. So people who have posted frequently are getting considerably more than those who haven't. I'm blocking perhaps 100/day at present (due to their included Microsoft Executables). Some people in ASR were getting many dozens per _hour_ (I think one person was seeing hundreds per hour), so I'm grateful that this one doesn't seem to have hit me as hard as SoBig.F was (I was seeing thousands of copies of SoBig.F per day). Ewen

2 1

Re: [nznog] Iworm.Swen
by Mark Davies 21 Sep '03

21 Sep '03

From: Ewen McNeill <ewen(a)naos.co.nz> Date: Mon, 22 Sep 2003 13:14:59 +1200 > Some people in ASR were getting many dozens per _hour_ (I think one > person was seeing hundreds per hour), so I'm grateful that this one > doesn't seem to have hit me as hard as SoBig.F was (I was seeing > thousands of copies of SoBig.F per day). We threw away 4500 over the weekend, mostly to two particular addresses, but a sprinkling to others. Don't know why those two addresses were so hard done by. mark

1 0

Iworm.Swen
by Matthew G Brown 21 Sep '03

21 Sep '03

Is anyone seeing large influx of Iworm.Swen & Exploit.IFrame.FileDownloadMessage over the last few days. Im getting over 200 a day, All for some reason addressed to me , very few to any other users. I seem to be the only one I know having this problem, I feel very special. Best regards Matthew G Brown B & R Holdings LIMITED Nelson, New Zealand DDI: + 64 3 544 9116 MOB: 027 4807731 http://www.brh.co.nz http://www.backupserver.co.nz

3 2