Windows IT Pro is the leading independent community for IT professionals deploying Microsoft Windows server and client applications and technologies.
  
  

New MyDoom Email Virus Spreads Quickly
 

   A new email virus called MyDoom is spreading rapidly across the Internet, bringing with it a dangerous attachment that, when opened, can give attackers access to users' computers through an electronic backdoor. The attachment targets Windows users, who account for roughly 96 percent of all computer users, and the rate at which this virus is spreading matches that of SoBig.F, previously the fastest-spreading worm of all time. As with earlier email viruses, MyDoom doesn't spread by means of any technical chicanery, relying instead on the ignorance of users who double-click any messages they see in their Inboxes. Email users are thus advised not to open attachments from sources they can't verify.
   The sheer amount of traffic generated by the virus has already brought down many networks, and some security experts now believe that attackers originally launched the virus as a Denial of Service (DoS) attack on the SCO Group, the UNIX copyright holder that's now suing various Linux companies for copyright infringement. However, this attack is having the most dramatic effect on end users, many of whom are still surprisingly uninformed when it comes to the dangers of opening attachments. When users open MyDoom-tainted email attachments, their systems become infected--with two side effects. First, their systems send infected email to all the users in their address books. Second, the virus places a backdoor on their systems that attackers can later exploit.
   MyDoom email is identified by text in the body of the email that reads, "The message contains Unicode characters and has been sent as a binary attachment." The subject lines and attachment names vary. Typical subject lines on infected messages include "Mail Delivery System" and "Mail Transaction Failed." The attachments often appear as .zip files (e.g., document.zip, message.zip, readme.zip) but can have virtually any extension, including .exe, .cmd, or .pif.
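The traits listed above can be checked mechanically at a mail gateway. The following Python example is an addition, not part of the original article or of any vendor's tool: the subject lines, body phrase, attachment names and extensions come from the article, while the function names, verdict rules and sample messages are assumptions constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Indicators as listed in the article. Subjects and names vary between
# samples, so a miss here does not mean a message is clean.
BODY_PHRASE = ("the message contains unicode characters and has been "
               "sent as a binary attachment")
SUBJECTS = {"mail delivery system", "mail transaction failed"}
STEMS = {"document", "message", "readme"}
EXTENSIONS = {".zip", ".exe", ".cmd", ".pif"}


def indicators(raw):
    """Return the article's indicators found in one raw RFC 822 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    found = []
    if str(msg["Subject"] or "").strip().lower() in SUBJECTS:
        found.append("subject")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    # Collapse whitespace so line wrapping cannot split the phrase.
    if BODY_PHRASE in " ".join(text.lower().split()):
        found.append("body")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        stem, ext = os.path.splitext(name)
        if ext in EXTENSIONS:
            found.append("attachment-type:" + ext)
            if stem in STEMS:
                found.append("attachment-name:" + stem)
    return found


def verdict(raw):
    """Assumed policy: text indicators only matter next to an attachment.

    A bounce-style subject alone is normal mail, and an archive alone is
    too common to act on, so both pass.
    """
    found = indicators(raw)
    if not any(i.startswith("attachment-type:") for i in found):
        return "pass", found
    if "subject" in found or "body" in found:
        return "quarantine", found
    if any(i.startswith("attachment-name:") for i in found):
        return "review", found
    return "pass", found


def sample(subject, body, filename=None):
    """Build a constructed test message; the attachment is inert filler."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg["Subject"] = subject
    msg.set_content(body)
    if filename:
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application",
                           subtype="octet-stream",
                           filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    phrase = ("The message contains Unicode characters and has been "
              "sent as a binary attachment.")
    cases = [
        sample("Mail Delivery System", phrase, "readme.zip"),
        sample("Mail Transaction Failed", "Delivery failed for one recipient."),
        sample("Photos", "Here you go.", "photos.zip"),
        sample("hello", "See the file.", "document.pif"),
    ]
    for raw in cases:
        print(verdict(raw))
```
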
   If you're using an antivirus package, make sure your definitions are up-to-date and follow the manufacturer's instructions for removing MyDoom (which is also identified as Novarg, Shimgapi, and W32/Mydoom.A@mm, depending on the source). F-Secure's Web site has a free disinfection tool for users who don't have antivirus packages.

Note: This article originally noted that the "MyDoom [wa]s spreading rapidly across the Internet" through "UNIX mail servers", which was incorrect. Instead, the virus was ultimately targeting SCO's UNIX servers with a Denial of Service (DoS) attack. My apologies for the condensation of thoughts, which resulted in an unintentional miswording. This is instant publishing, folks, not a grand conspiracy. --Paul







Reader Comments

"A new email virus dubbed MyDoom is rapidly spreading across the Internet via UNIX mail servers" What the hell are you talking about? This virus doesn't care whether your mail server is Unix based or windows based. The mail server is completely irrelevant. What is relevant is that only Microsoft Windows clients are affected. Not Unix. Not Mac. While I assume a bias at Windows & .NET Magazine, blaming Unix mail servers for a Windows virus is ridiculous. Editor's note: Ah, right. The attack first targeted UNIX servers, and the virus affects Windows PCs, as I reported. --Paul

Edward Block -January 27, 2004

"A new email virus dubbed MyDoom is rapidly spreading across the Internet via UNIX mail servers..." Normally I wouldn't comment on something as blatantly stupid as this (..."via UNIX mail servers"), but come on...this thing got through our Windows server at work this morning. You're trying to be cute but it just falls flat. Honestly, Paul, can't you just report the facts? Why do you have to be the FOX News of the Internet? Also, your advice that "Email users are thus advised not to open attachments from sources they cannot verify" is excellent but again--if the e-mail address is spoofed or if it IS from a trusted, verified source, you can hardly blame the user. Our mail server blocks .EXE, .SCR, .PIF and other extensions from getting through, but .ZIP? Come on. A .ZIP file from a known source is hardly suspicious. It certainly doesn't justify you calling Windows users ignorant and "out-to-lunch". Oh, and one more thing. Our antivirus software (updated automatically by M*A*** corporation-wide) failed to catch several instances of this virus as well. Looks like everyone fell down on the job. Again.

Wendy Rebecca -January 27, 2004

Once again Paul is ahead of the curve. "UNIX email servers" spreading a virus?? Are you serious??? The UNIX servers are backend Internet transport servers, moving email based on DNS MX records. You make it sound like this is a UNIX worm. It is another Windows worm. The bias of this site is unreal. Windows Magazine should be ashamed to print this drivel.

David Brock -January 27, 2004

"...spreading across the Internet via UNIX mail servers..." Funny. Everything I've read about MyDoom indicates that it is server-agnostic, as are most trojan horses. Or is this just this week's attempt to turn an informative article into a troll by adding one little word. (See also: "superior")

Keith -January 27, 2004

>"Email users are thus advised not to open attachments from sources they cannot verify." OH NO. I really cannot hear this any more. If the worm spreads using the user's address book, chances are the receiving person *can* verify the source. It's not the big bad wolf that's sending you the worm, it's much more likely to be your best friend. Geez.

Eberhard Schefold -January 27, 2004

Nice comment about UNIX servers Paul. Don't you think it's akin to blaming the sea for an oil slick though?

David Hulse -January 27, 2004

I just helped one of my colleagues get rid of the new MyDoom worm on her Win2k box. It made registry changes without her knowledge or authorization (other than her mistake in expanding a bogus zip file). I have yet to encounter an email attachment or application (for that matter) that can gain access/make changes to the core system in Mac OS X without passing authentication. I am that system's administrator, and still can't damage the X core unless I purposely enable root. It seems that most Windows users don't even know when their Registry has been borked by some script kiddie. And Bill Gates has the stones to assert that Windows is something more secure than swiss cheese?? Hmmm....

Brich -January 27, 2004

Useful article. We are a very small company in Bournemouth, England. We were attacked at least 200 times in an 8 hour working period whilst online; this amount of virus attacks is new to us, our last virus stuck us with half that number. Keep up the info, we need it. Thanks.

Carl Armes -January 27, 2004

"is spreading rapidly across the Internet through UNIX mail servers" *ROTFL* Oh those pesky Unix mail servers spreading virus to poor little Windows systems. Bad Unix. Bad, bad Unix! *LOL*

pit -January 27, 2004

It's very curious to me why you included the phrase "through Unix mail servers" in your article. Note that CNet's coverage doesn't mention that little tidbit, nor does CNN's coverage. You're obviously trying to insinuate something without providing any evidence; why not be more direct and write what you really mean?

Jack Unrue -January 27, 2004

Paul's usual (lack of) thoroughness shows: • Mydoom doesn't spread solely through "UNIX mailservers": it spreads via its own built-in Windows-based SMTP server that communicates with whatever platform the recipient's email server uses, be it UNIX or anything else. • Mydoom has at least 3 different body messages, the one mentioned is only one of them. As with platform issues (my main exposure to Paul's nonsensical ramblings), his lack of research and silly off-the-cuff remarks apparently infect all of his writing.

John -January 27, 2004

So I'm wondering why it's necessary to mention that this is spread through UNIX mail servers? If I am using a mac or a windows box as my SMTP server it won't send this particular email?

Dave Moulton -January 27, 2004

"Spreading rapidly across the Internet through UNIX mail servers" - Flamebait if I ever saw it... Editor's note: Yeah. Or, maybe it's because they attacked SCO first. Geesh. I highlighted the fact that the virus attacks Windows PCs. --Paul

Romosapien -January 28, 2004

Paul, I have to agree with Romosapien. I initially thought, "Wow! Isn't this a virus that targets windows? I didn't know it was a UNIX virus!" I agree with you that you do make it clear, later in the article, that it targets windows computers; but what is the reason for saying "... through UNIX mail servers..." at all? Wouldn't writing, "through mail servers" be more accurate? Your choice of words certainly gives the initial connotation that this virus is being spread ONLY through UNIX. Editor's note: We're working on instant publishing time here. It was just a poor choice of words based on a mishmash of ideas that wasn't phrased correctly. I'm not going to change the original--God knows what I'd be accused of then--but I have addressed this in the feedback several times. --Paul

Philosopher -January 28, 2004

Hi, any idea which ports it will try to use? Thanks. AN

Alejandro Narvaja -January 28, 2004

I'm intrigued by the reference to "UNIX mail servers". What's the significance of the UNIX mail servers to this story? Aren't Exchange servers also passing along this virus via email? If not, then I'd love to know about this so it can be pointed out to all the "Linux is the answer" people who come out of the woodwork each time a virus spreads rapidly.

EJ -January 28, 2004

I also didn't understand why the UNIX mail server statement was put in there. It really has nothing to do with the worm. Considering most all mail servers out there are "UNIX" I guess you can consider any mail worm is spreading rapidly across the Internet through UNIX mail servers.

riz -January 28, 2004

unix servers my foot. I've seen the virus being sent from EVERY type of server in the last 36 hours. I've got thousands in quarantine from every source you can think of. Mac, as/400, HP/UX, etc.. Maybe it was FIRST found on a unix server but at this point if it is a MTA it helps spread it.

sirferd -January 28, 2004

Thanks for the notice. However, I received the email last night before this email appeared in my Inbox. Luckily I was aware of the virus and didn't open it. Keep notifying people as soon as possible. Keep up the good work.

Debbie Merrell -January 28, 2004

I don't think it was fair to single out UNIX mail servers at all. In fact, this virus acts as its own SMTP server ( http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html )

Curtis Ireland -January 28, 2004

Paul, I always read your (and many other) newsletters, and obtain some good information from time to time. This is the first time I've ever read a readers' "comments" section. I just can't believe some of the childish comments made because of your UNIX statement. I read it, understood what you meant, and moved on to the rest of the article. I get so tired of the BS between different "platform disciples". If less time was spent "posturing" and more time actually working, possibly our (IT) industry would regain some of its lost luster. Editor's note: Thanks. Now imagine me having to post all of these things. I love that I'm perceived as "anti-UNIX" because I write for Windows & .NET Magazine. --Paul

Tom Nefeldt -January 28, 2004

Your article is factually incorrect. It is in fact spreading through any SMTP server it can get. There is no restriction to Unix mail servers. Editor's note: As I've noted numerous times, that's correct. The attack originally targeted SCO's UNIX mail servers and spread from there. --Paul

Rob Andrews -January 28, 2004

But does the worm have some characteristic that means that only Unix mail servers will spread it? If not, the phrase "Spreading rapidly across the Internet through Unix mail servers" seems misleading. Why mention the operating system of the mail servers unless it's relevant? And if it is relevant, please explain, because I've never heard of an e-mail worm that is sensitive to the operating system of the smtp servers it encounters.

Jan Pardoe -January 28, 2004

"... spreading rapidly across the Internet through UNIX mail servers," WinNetMag Management & Sr. Editors, Please get rid of Paul; His reporting lacks judgement, facts and reason. As a professional, I pick the best technology for the job at hand. Baseless sniping has no place in our world; there really is no room for error. Paul's childish comments are more at place in the reviews of video games and b-grade horror movies. I respect his opinions; everybody has them. But opinions are opinions. If your editors are basing their decisions on opinions alone, then I need to find a more professional magazine to read. Thanks

Jason Harris -January 28, 2004

Actually, he's right. Every exchange server on the planet has been down since it really hit.

brendog -January 28, 2004

What a load! I too find it interesting that the virus attacks your OUTLOOK address books, etc. Since I don't use Outlook (I use Evolution) I didn't have any problems with this virus. I suppose the fact that I use 100% Linux also has something to do with that. Spread through UNIX server...give me a break Paul. Get your facts right and stop trying to mislead people.

Daivd Meyer -January 28, 2004

Is there any port opened or attacked by this virus?

Renato -January 28, 2004

What does the DDOS against SCO have to do with your unsubstantiated insinuation concerning UNIX mail servers? Guilt by association, I guess. I do give you credit (sincerely) for the content of the rest of the article.

Jack Unrue -January 28, 2004

So what, then? Microsoft Exchange can't transmit this worm? Good gh0d, man, what were you thinking when you wrote that? Flamebait is right! That reference is completely gratuitous and misleading. Editor's note: Or it's just poorly written. Again, no slight was intended. --Paul

CodeWhacker -January 28, 2004

"attack on SCO Group, the UNIX copyright holder that's now suing various Linux companies for copyright infringement." I think Novell has some dispute about that. Also, what does that have to do with the virus, I was delivered the virus from a windows mail server. How much did M$ pay you to say this. Your credibility just went to zero.

Bill -January 28, 2004

"It's spreading rapidly through UNIX mail servers"... Huh. Could it be because over 80% of professional messaging administrators don't trust Microsoft with our Internet facing mail servers for security, precisely because of rapidly spreading worms such as this? And why? Because mail clients such as Outlook make it simple for users to open worms and be infected. Pine clients are being infected. Mutt clients aren't being infected. It is WINDOWS clients that are being infected. Second, my qmail servers in the DMZ have handled this worm storm just fine. It was one of my key Exchange connector servers that stumbled under the load of badmail getting dumped, that filled one of the hard drives, bringing the server to a screaming halt, stopping the queue in its tracks, and thus, mail started to slow down in all directions as it had to route around the stoppage. UNIX mail servers my ass you fool. Flamebait, huh. Well, it worked.

Jesse -January 28, 2004

"A new email virus called MyDoom is spreading rapidly across the Internet through UNIX mail servers" and all Exchange servers too.....

Jim Dandy -January 28, 2004

Oh, come now! What on earth has this email virus to do with UNIX? It's true that there are unix email servers that will treat this just like any other email, and it's true that there are other platforms doing the same - for example, windows. I see no reason to single out unix in this bulletin. The virus host is windows, the target is windows, and it may only affect people who use MS Outlook of some kind or another. The only role that unix plays is that the unix machines are just doing their job, and forwarding emails. I suppose that internet routers are also involved in forwarding the emails, but I don't see cisco being singled out for treatment.

Alistair McDonald -January 28, 2004

Amazing… an email so smart, it can actually select the OS of the mail server that transports it. This guy is GOOD

BGates -January 28, 2004

Additionally besides the fact that WINDOWS MAIL SERVERS also pass the Virus and the word UNIX should be removed from the article as it has ZERO value (should say MAIL SERVERS) this line is equally wrong. Email users are thus advised not to open attachments from sources they can't verify. The emails can just as easily come from TRUSTED USERS. They should not open any attachments that they are not expecting. Like send an email back and ask Did you send me an attachment just now???

Harry Manaputi -January 28, 2004

"Spreading rapidly across the Internet through UNIX mail servers" - yeah that made me raise an eyebrow too and I don't even have a UNIX server in my office.

hmmmm -January 28, 2004

What are you talking about. "through UNIX mail servers"? It didn't hit UNIX 'first', or anything else. It's programmed to do a DDoS attack on www.sco.com on Feb 1, but that's the extent of its relationship with UNIX. It's an uninteresting e-mail worm that installs a keylogger, allows remote control over the infected machines, and just happens to have a payload of a DDoS attack on a company that's been in the news a lot in the past few months. Aside from the fact SCO is a UNIX vendor, I see no connection to the virus and UNIX.

Chad Kitching -January 28, 2004

"Editor's note: Yeah. Or, maybe it's because they attacked SCO first. Geesh. I highlighted the fact that the virus attacks Windows PCs. --Paul" Can you clarify this? It's not very clear what you're trying to say. It sounds like you're saying that this attack originated from Unix mailservers. I haven't seen anything anywhere else indicating this is the case though. Editor's note: The original attack targeted SCO's UNIX servers. --Paul

Asmith -January 28, 2004

Author should get his facts correct! If the UNIX server had its anti-virus up to date and most are done automatically the mail was trapped!!! Windows Mail Servers are another story that is why we no longer use them!!!

Mike -January 28, 2004

Good Morning, I came to the conclusion that this article is tendentious to say the least, so Mr. Paul Turrot the worm spreads through Unix Mail servers ... I can tell you it spreads just as rapidly by Exchange and other Win like e-mail servers, how did you come to draw such a conclusion.

Fausto Oliveira -January 29, 2004

You are kidding! Only unix mail servers are forwarding it? Must be because they handle 99% of mail. What are the windows mail servers doing? Editor's note: The attack started with UNIX mail servers. Relax, it wasn't a dig. --Paul

Fred -January 29, 2004

Thanks for the article, Paul. I'm still amazed at how many people open attachments these days, too, but it's kind of easy to see since forged senders are so common now. If it looks like an email from someone you know and trust, us humans will usually open and run anything attached. ;) Anyway, I was curious as to why you felt the need to state that the Mydoom attack was spreading rapidly across the internet through Unix servers? It's spreading through Linux servers, Windows servers and every other OS mail server out there. Seems like you're trying to make it seem like this is a problem unique to and caused by only Unix servers... My .02 and thanks for reading, Bradman

Bradman -January 29, 2004

"Update: When originally published, this article stated that MyDoom spread through mail servers of a specific operating system. In fact, the worm will spread through any mail server, regardless of operating system. The article has been corrected. WinInfo regrets the error." There. Now, all you have to do is delete the phrase "through UNIX mail servers" from the original article, and append the correction to the end, and this chronic pain will go away. Readers should not have to wade through the comments to get a correction.

Keith -January 29, 2004

Hi everyone: many of my users have been receiving this worm since yesterday. I'm worried because on many machines (even on mine), when this mail has been received and previewed in Outlook (I haven't identified yet if it is only in Outlook 2000/XP), when the user changes to another message a popup appears asking to save changes. Does the worm infect the system even without opening an attachment? What do you think, boys?

adolfo -January 29, 2004

Your statement implies that UNIX servers are solely responsible for the spread of this virus. I would hope such misinformation is due to a lack of knowledge rather than a deliberate maliciousness... I know of several people who were infected through Microsoft Exchange mail servers... so I know that statement is at best simply lacking in sufficient content to be trustworthy.... shame on you!!

paksdm -January 29, 2004

Unbelievable EVEN Paul's corrections are wrong. NOW he says: Editor's note: As I've noted numerous times, that's correct. The attack originally targeted SCO's UNIX mail servers and spread from there. --Paul This is wrong again. The Virus will eventually attack SCO after it has spread. It did not originally target SCO. How can the publishers of WinnetMAG allow this guy to continue writing this dribble. Get a real tech to act like a real tech. This guy is supposedly talking to IT professionals and we are sick of it!!!! Is that not clear from the comments?

Doug Cpol -January 30, 2004

Wow. I really hope you don't use technology above the level of a can opener for anything. I haven't seen such a blatant marketing lie since the last time I watched fox news. MyDoom spreads *only* from infected Windows machines. It is a windows based virus and happily uses Exchange servers to relay its messages. That's how SMTP works.

Bob -February 01, 2004

Unix mail servers spreading the virus? Riiight. In fact, open source email servers running on unix were the first to come out with patches that would detect the virus and stop its spread.

arvindn -February 01, 2004

To suggest that UNIX mail servers are the cause of the infection is irresponsible. Just ask those infected sites that only have Exchange servers, how they managed to get infected.

G. Steer -February 01, 2004

Of what relevance the mailserver type?

OJW -February 01, 2004

Hi Paul, I believe you are an idiot. What exactly do you mean by spreading through Unix mail servers? I'm curious because MyDoom is a Win32 executable, so how exactly does it infect UNIX? Paul, you are definitely an idiot.

Mark -February 01, 2004

Of course Unix servers are used for Email. Who would even think about connecting Exchange to the internet. And it's interesting to note that SCO has not sued anybody concerning copyright infringement. SCO has only sued IBM concerning a breach of contract.

Bob Smithee -February 01, 2004

Paul, in the comments you make trying to defend your initial 'UNIX mail servers' comment you said that the worm attacked SCO's mailservers first. That is also wrong! The worm is only set to DDOS SCO's web server (not mail server) from 1st Feb, so if it went anywhere near SCO's servers before that it was just the normal spreading of the worm. So the only way it would have gone near SCO's servers first is if they'd written the thing (which is possible - because they are trying to give the impression all Linux users are evil hackers)

Dave -February 01, 2004

People please… UNIX, the industry staple, preferred email hosting solution… perhaps. Flaming on a misdirected, yet open ended comment implicating UNIX email servers as the origin/cause of this outbreak… understandable. Circling the wagons when a harmless, subconsciously biased, somewhat misinformed comment unfairly suggests that UNIX based servers were the root cause for this outbreak… flat out silly. Move on already!! If we spent as much time monitoring/maintaining our gateways and servers as we did pounding the keys to defend against a benign slight of all things UNIX, we’d all have a lot less to write about. JC

Jim -February 01, 2004

When you say that "is spreading rapidly across the Internet through UNIX mail servers" you seem to imply that it is UNIX's fault that the virus is spreading, that is like blaming the construction workers who made the roads because a bunch of bank robbers got away, perhaps instead you should look to the police who were asleep on the job.

RVilim -February 01, 2004

Odd, that... I've been getting more copies of this worm through infected MS Exchange machines than I have UNIX machines. Did MS pay you off to accuse only UNIX servers? It'd be typical of them, you know. But you did say one thing right, that being the end users being "surprisingly uninformed when it comes to the dangers of opening attachments." Of course, this is still a Windows problem, seeing as how UNIX-class systems don't have the shoddy security model of Windows, and wouldn't have allowed a rogue program like this to proliferate.

tosspam -February 01, 2004

Perhaps you missed the real target of this worm... all us people trying to avoid spam. That's right... not only does this DOS the SCO website, it also turns the infected machine into an open relay for the spammers to use in delivering their usual garbage. The DOS attack component is just a smokescreen. But I'll bet you were too busy bashing UNIX to notice.

kosh -February 01, 2004

When you said "through UNIX mailservers", did you mean that the Mydoom.A worm only spreads through those, or did you mean that there are only UNIX mailservers on the net? Or, did you simply mean to say that mailservers running on operating systems other than UNIX aren't used out on the internet, or are you simply trolling? Are mailservers not running UNIX somehow magically able to stop the worm with no further effort? I run two mailservers, one Exchange 2000 and one qmail server running on "UNIX". Both of them have stopped loads of MyDoom.A mails. I fail to see the relevance of the mailservers underlying operating system in your article, and I hope you do too.

twa -February 01, 2004

Does your explicit reference to UNIX mail servers in some way insinuate that MS Exchange servers are somehow immune from forwarding this virus?

Bascule -February 01, 2004

From an earlier post "Editor's note: The original attack targeted SCO's UNIX servers. --Paul " No the original attack was against www.sco.com which at the time was a linux server. "A new email virus called MyDoom is spreading rapidly across the Internet through UNIX mail servers," Again NO. This virus is spreading because of windows users running attachments without thinking (Or is that windows making it far too easy to run anything?!) which in turn is causing the virus to look up on the windows users computer all the addresses within their outlook client. This virus has its own SMTP code to start spreading the virus. I wish all the journalists that have been covering the whole SCO/IBM/Linux farce would do some investigating. After all you are supposed to give the news as un-biased facts allowing your readers to make their own minds up on the truth?!?

Mark E -February 01, 2004

Can you be any more biased? Email worms spread via mail servers, and just because most mail servers are Unix doesn't mean it's Unix's fault. Why don't you mention the real vector, Microsoft's email clients, which don't warn you when you execute attachments? Next, security experts suspect MyDoom was spread by Russian spammers, with the SCO DDoS as a red herring. Also, SCO has not sued anyone for copyright infringement. They sued IBM for breach of contract and improper use of "methods and concepts," and they sued Novell for slander of title (Because Novell says it owns SysV UNIX). They have only made copyright claims to the media, and what little evidence they've provided has been shown to be false.

tom -February 01, 2004

To quote from Slashdot.org: spreading rapidly across the Internet through UNIX mail servers Well, of course. You can't expect exchange to be powerful enough to meet the email demand. You need a quality, robust unix server!

JJ -February 01, 2004

Um, why do you say it's UNIX mail servers that are spreading this? It's ALL mail servers, but more importantly, it's a direct result of Microsoft Outlook and Outlook Express allowing scripts to read an entire addressbook and resend mail out to the people listed in them. Please be more accurate in your "reporting"...

dagnabit -February 01, 2004

>A new email virus called MyDoom is spreading rapidly across the Internet through UNIX mail servers... Given these facts: 1) MyDoom is an email flood originating from compromised Microsoft Windows installations. UNIX systems are not the source. 2) There is no OS-dependency or even OS influence for mail passing over your server, relating to this virus. Mail is mail. You may as well imply it's due to a certain kind of Ethernet cables. You sir do not speak the truth. I'll compliment you by saying you are competent enough to know the spirit of what you say, is a misleading disservice to your readers. Do you really feel so threatened by UNIX that you'll put your name on a lie? Someday you may be looking for a job. I hope this does not hurt your chances.

ac -February 01, 2004

"...through UNIX mail servers" -- clever, Paul. It's a MICROSOFT-SPECIFIC VIRUS that targets WINDOWS, takes advantage of weaknesses in MICROSOFT SOFTWARE and runs only on WINDOWS. Not that you care.

KMFPT -February 01, 2004

Nah. He has a point. Microsoft Exchange mail servers never stay up long enough to actually send mail.

Ryan Smith -February 01, 2004

Spreads because of UNIX, eh? Amazing what passes for "journalism" on the Web. Well, perhaps that's why Mr Thurrott is writing for a pitiful little site, rather than a proper publication; such dodgy statements would cost you your next commission. Oh dear. Oh dear, oh dear.

Heh -February 01, 2004

"A new email virus called MyDoom is spreading rapidly across the Internet through UNIX mail servers..." Only UNIX mail servers? Hardly. It'll spread via any mail server, regardless of operating system.

ceejayoz -February 01, 2004

> through UNIX mail servers through ALL mail servers ... Windows included !

Prae -February 01, 2004

You have got to be kidding right. The implication that UNIX systems are somehow responsible for the virus is laughable! UNIX machines do carry the virus, but only because they serve most of the mail, not because they have anything to do with this virus! I am sure these ongoing attacks directed toward win32 machines is getting old. (They are for me.) Stooping to this level lost you a potential reader... The rest of the article was informative, and would be more appreciated without that little bit of sour grapes tacked on to the beginning.

ddingus -February 01, 2004

why do you write "Unix Mailservers"? Don't you know that these viruses are transported by ALL Mailservers (Windows/Unix) alike? Mailservers don't check for viruses without additional software, duh.

sdf -February 01, 2004

>Editor's note: Ah, right. The attack first targeted UNIX servers, and the virus affects Windows PCs, as I reported. --Paul Sorry, but this still is plain stupid. > The attack first targeted UNIX servers The first target was sco.com no matter what webserver/OS is running there. No UNIX mailservers are involved in this, other than they were doing their job in delivering mail. Just like any other mailserver. > and the virus affects Windows PCs This is true, like it always seems to be. >as I reported. --Paul Yes you did, falsely. Lack of knowledge or biased journalism, it really doesn't matter. You simply are wrong and you are losing reputation on this!

ballou -February 01, 2004

Please get your facts correct. In your replies to several readers' comments you state that this virus first attacked SCO's email servers. That's just plain wrong. This virus does CONTAIN a DDOS attack against SCO's web site that was scheduled to start today (Feb 1) but that is several days after it started spreading and there are reports that it may not actually work. So far the best evidence is that this virus first started spreading in Russia but even that is not certain. In addition you claim that SCO has sued Linux vendors for copyright violations but that is also incorrect. Despite lots of bluster in the press SCO has not sued ANYONE for copyright violations. They did sue IBM but their claim (in court) is limited to contract issues, not copyright. I'd suggest that rather than hiding your corrections in the readers' comments section of the web site you actually correct the article and if necessary include a note at the bottom stating that you have done so. You've obviously had it made clear to you that the "UNIX mail servers" bit is misleading and it's irresponsible to INTENTIONALLY leave a misleading article up rather than correct it.

Ray -February 01, 2004

So this virus differentiates between UNIX and non-UNIX e-mail servers? I can't figure out how this would be possible as you'd think most UNIX e-mail servers implement standard SMTP. Strange.

Gary -February 01, 2004

About 60% of all MyDoom contaminated mail I received comes from Exchange servers and I have proof of it. 100% of the infected machines are Windows... do you know why? Well, the virus spreads thru *any* mail server, including Exchange. But it requires a Windows client to be spread (i.e. Outlook or a Microsoft insecure operating system). No Apple, Unix or Linux computer is infected, nor do they need an antivirus. The notion that it's all about Unix seems to me plainly malicious or a poor excuse of Microsoft faults on its design. Damn, Paul, it's not religion, it's not a matter of faith, but simply merits (or lack of) on operating systems, and it's really a pity your defense is so childish.

GM -February 01, 2004

1. ANY mail server. Regardless of operating system.
2. Unix copyrights are subject to a legal battle between Novell and SCO group... where have you been hiding, Paul?
3. What are you doing writing plain uninformed matter on an otherwise serious magazine?
4. My IE 5 crashes when I try to read the article. So I had to use Linux.

WillyTheGates -February 01, 2004

This is truly a good example of horrible journalism, misinforming the public that only "Unix" servers spread the virii. A little-known fact: ALL MAIL SERVERS ARE AFFECTABLE.

Joel Parish -February 01, 2004

As paksdm said, the reason that it is spreading through UNIX mail servers is that most mail servers run UNIX for stability. However, Microsoft servers also spread the virus simply because it is just an email. However, the real problem is that the recipients are running Windows, which executes the program when they open the attachment.

Rafa -February 01, 2004

Paul: I don't know where you get the information, but we have a WINDOWS virus spreading over the net. It's one thing to be wrong, but to twist words in an information-related profession is just plain *damning*!

Andres -February 01, 2004

UNIX servers, huh? Are you saying this Windows virus is all SCO's own fault ? ;)

rvr -February 01, 2004

The note about UNIX propagating the MyDoom virus has some truth to it; if all Internet e-mail systems ran Microsoft Exchange it would never be an effective means of distributing anything.

John Hurliman -February 01, 2004

"spreading through unix mail servers" ? The implication is that somehow unix is responsible for the spread of this virus. This shows about as serious a bit of ignorance/stupidity as I've ever seen about the way the internet works. Before you post such nonsense, take a few minutes and learn a bit about how things actually work.

j. putnam (phd) -February 01, 2004

Fred - Submitted On: January 29, 2004

You are kidding! Only unix mail servers are forwarding it? Must be because they handle 99% of mail. What are the windows mail servers doing?

Editor's note: The attack started with UNIX mail servers. Relax, it wasn't a dig. --Paul

Lance's note: Paul, It's apparent by that statement you know which mail server this virus originated from, why don't you claim the $250,000 reward for this information?

Lance -February 01, 2004

Yes, it spreads through UNIX mail servers .. In fact as well as any other mail infrastructure (including Exchange). But it ONLY comes alive on Windows systems. I could (although I wouldn't) click all I ever wanted on it - nothing would happen.

inz -February 02, 2004

It's comforting to see that only UNIX mail servers can spread this virus, I will continue to be happy with my Exchan[NO CARRIER]

Roger -February 02, 2004

You were way off with the UNIX comment... MyDoom spreads through any kind of mail server, and across Kazaa. In fact, being a Windows virus, Unix isn't at all affected.

tvh2k -February 02, 2004

Your article is a pack of lies, FUD and misinformation. How much did Microsoft pay you to write this kind of thing? Just to know...

Toto Ducun -February 02, 2004

"A new email virus called MyDoom is spreading rapidly across the Internet through UNIX mail servers" Obviously, what the writer wanted to point out is that only UNIX mail servers could hold the load of such a mass mail infection. Microsoft Exchange server already crashed during the first minutes as the traffic increased, unable to cope with the high bandwidth needs. Mr Thurrott, please be more serious in your next articles.

MiniMe -February 02, 2004

Agreed with paksdm. You are an idiot, what do Unix mail servers delivering malicious Win32 code to unprotected and ignorant Windows users running with Admin privileges have to do with each other?

sampsa -February 02, 2004

MyDoom is spreading rapidly across the Internet not through UNIX mail servers but through users still using this crappy thing called Outlook.

Skc -February 02, 2004

You guys are mad. There are no Unix viruses and you know it.

Alvaro -February 02, 2004

Aside from the stupid UNIX comment (it did NOT target UNIX mail servers first, Paul), I also find this comment rather silly: "Email users are thus advised not to open attachments from sources they can't verify." This advice is just useless nowadays. Many emails with viruses attached DO come from people you know.

Joanne -February 02, 2004

Obviously this author does not know what he is talking about, by his statement that the virus is spreading through Unix mailservers. He is trying to put the blame on Unix, rather than Windows, which is the source of the spread of the virus. Remember, people who open the email on non-Windows machines have nothing to fear. Please acknowledge that it was Windows users' idiotness, as well as Windows' lack of proper permissions, that has been responsible for all the major SMTP based spreading viruses in the world. There is no point in blaming Unix, as any SMTP server including the precious Microsoft Exchange servers will spread the virus. I also challenge you that if you really value free speech to publish this letter. Personally I think in order to protect the above mentioned article's author you will not publish this.

weasel -February 02, 2004

"Editor's note: As I've noted numerous times, that's correct. The attack originally targeted SCO's UNIX mail servers and spread from there. --Paul"

You have that 100% backwards. The attack is aimed at SCO, but it didn't spread from, through, or with the aid of SCO's UNIX mail servers or any other. You're getting the victim mixed up with the assailant. And let's keep our eyes on the real problem: it's not UNIX or Windows... you can run servers and clients on any platform without producing a continual flood of email viruses and worms. The basic design of NT security is really quite good... if it wasn't for the continued poor "software hygiene" that results from Microsoft's merge of Windows Explorer with the HTML control and its Internet orientation, things like MyDoom would be occasional blips on the news instead of a monthly purgatory.

Peter da Silva -February 02, 2004

You have to be kidding me. "through UNIX mail servers"? A properly configured mail server doesn't touch the contents of a mail message and whether it's running on UNIX, Windows, Netware, VMS, OS/2, a Palm Pilot, or a cage full of caffeinated hamsters has got nothing to do with the spread of this or any other virus. Or are you implying that UNIX is in such a dominant position in the Internet mail transport environment that any mail, good or bad, is predominantly sent through UNIX mail servers? That's likely enough true, but I don't think that's quite the spin you'd want to see on it. :)

If you want to lay blame for the spread of this and every other currently extant email virus, blame Microsoft's appalling decision to merge the OS and the Internet. The discretionary access control (Orange Book class C) provided by Windows NT and its successors is entirely inappropriate for an environment where you're operating primarily on untrusted data. The security model a web browser has to follow is mandatory access control (Orange Book class B), and making one subsystem responsible for both forces security and convenience into an even greater conflict than they are at the best of times... and the "cross zone" exploits that so many viruses abuse are the inevitable result.

When Microsoft announced this... my god, it's getting on for ten years ago now... I banned the use of any application using Microsoft's HTML control to access Internet-based resources: Outlook, Internet Explorer, and so on... and during this time the worst impact we've suffered from any of the big email viruses has been overstuffed mailboxes due to junk from partners that have been infected.

I don't care what mail client you use, on what platform, except for one: if you use any variant of Outlook or Outlook Express, you're doing the online equivalent of running barefoot through a Hot Ward and snogging all the patients. And then... coming around to my door asking if I'd like to try out the new Ebola variant you've picked up. For the love of god, people, if you have any way to get away from Outlook, do it now.

Peter da Silva -February 02, 2004

"MyDoom is spreading rapidly across the Internet through UNIX mail servers" Funny guy :)) Microsoft mail servers are immune from viruses? How old are you?

hehe -February 02, 2004

Explain yourself, sir. I understand that this is a .NET magazine, but how exactly is it responsible journalism to say that MyDoom is spreading "through UNIX mail servers"? Please describe in detail what findings you have to show that MyDoom discriminates as to which servers it will traverse the internet using. I would be delighted to understand this previously impossible feat, as would the vast majority of people running mail servers - people who have, based on reliability, flexibility and a reputation for security, chosen not to use the Windows-based alternative.

Paul -February 02, 2004

Seems to me that your statement "spreading rapidly across the Internet through UNIX mail servers" is not correct. You later say that infected Windows hosts "send infected email to all the users in their address book" but you clearly are attempting to mis-place the blame by associating the "dangerous"-ness to UNIX but diverting people from the real source, users on Windows. This ought to be corrected.

Jeff Brendle -February 02, 2004