Spam??

[yclyde]

I've received several emails in the last couple days that I can't really make any sense of. They all have fairly meaningless (to me) titles and are all about 41kb. I usually delete them off of the server but inadvertantly dl'd the first one. It had a compressed attachment that I looked at with winrar but did not open. It was just a bunch of files and being the first one I received I just flushed it.
Here's a view of the latest 2 off of the server:

X-POP3-Size: 42946
X-UIDL: <200405031935.i43JZXeM010786@mxsf05.cluster1.chart er.net>
Return-Path: <carealot@chorus.net>
Received: from mxsf05.cluster1.charter.net ([10.20.201.205])
by mtai02.charter.net
(InterMail vM.6.00.05.02 201-2115-109-103-20031105) with ESMTP
id <20040503193950.ZFNM2318.mtai02.charter.net@mxsf05 .cluster1.charter.net>
for <xxxxxxxxxxxx@charter.net>; Mon, 3 May 2004 15:39:50 -0400
Received: from charter.net (c68.115.1.45.stp.wi.charter.com [68.115.1.45])
by mxsf05.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id i43JZXeM010786
for <xxxxxxxxxxxx@charter.net>; Mon, 3 May 2004 15:35:34 -0400 (EDT)
Message-Id: <200405031935.i43JZXeM010786@mxsf05.cluster1.chart er.net>
From: carealot@chorus.net
To: xxxxxxxxxxxx@charter.net
Subject: Mail Delivery (failure xxxxxxxxxxxx@charter.net)
Date: Mon, 3 May 2004 14:22:57 -0500
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"
X-Priority: 3
X-MSMail-Priority: Normal
X-PM-PLACEHOLDER: .

__________________________________________________ __

X-POP3-Size: 42370
X-UIDL: <200405031935.i43JZJN9072993@mxsf30.cluster1.chart er.net>
Return-Path: <doompa@hotmail.com>
Received: from mxsf30.cluster1.charter.net ([10.20.201.230])
by mtao02.charter.net
(InterMail vM.6.00.05.02 201-2115-109-103-20031105) with ESMTP
id <20040503194310.ILTQ24230.mtao02.charter.net@mxsf3 0.cluster1.charter.net>
for <xxxxxxxxxxxx@charter.net>; Mon, 3 May 2004 15:43:10 -0400
Received: from charter.net (c68.115.1.45.stp.wi.charter.com [68.115.1.45])
by mxsf30.cluster1.charter.net (8.12.11/8.12.11) with ESMTP id i43JZJN9072993
for <xxxxxxxxxxxx@charter.net>; Mon, 3 May 2004 15:35:20 -0400 (EDT)
Message-Id: <200405031935.i43JZJN9072993@mxsf30.cluster1.chart er.net>
From: doompa@hotmail.com
To: xxxxxxxxxxxx@charter.net
Subject: Re: file
Date: Mon, 3 May 2004 14:22:43 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0016----=_NextPart_000_0016"
X-Priority: 3
X-MSMail-Priority: Normal
X-PM-PLACEHOLDER: .

Is there any way to track this down from the above info?

[osprey4]

You could call your ISP and ask for their help. Sounds to me like someone on your mail list has got a virus of some sort.

[paul9]

first one looks like netsky virus, second one is probably netsky, too. the header SHOULD tell you where it came from (i think the first ip in the header) but with virii having their own smtp (email) engines, nowadays, i don't know how much of the header may be forged. almost certainly the sender (carealot) is forged.

[yclyde]

Prbbly good advice osprey4. I really don't get any spam email to speak of; thats why this recurring bs w/attachments got my attention. I'll try charter. The common 41k size & attachment smells like virus.