What does this mean? Worm?


Active Member
Just got this email from my sister. Tried to find out what it means, but couldn't find any thing about it, except on page that talks about Nimda worm...

what is this email i got below? seems like a strange spam. and i dont normally get spam at this address.

Levenger has blocked your message for one of the following reasons:

-  Your email has been classified as spam email
-  Your email or email attachment contain a virus
-  Your email server has been listed on the Internet as an OPEN RELAY.

To find out if you are an open relay and how to fix it, please go to www.ordb.org.  If
you want to reach us, please contact us at 1-800-544-0880.  Thank you.

Time: 02 Sep 2004 04:24:30
Scan result: Mail rejected
Protocol: SMTP in
File Name\Mail Subject: mail_1094066109: Mail Delivery (failure someone's personal addy at levenger (dot) com)
Source: mysister at nyc (dot) rr (dot) com
Destination: someone's personal addy at levenger (dot) com
Details:  Mail infected with x-wav exploit  \HTML Active Content:  Found the following Html Tag Exploit: <A^sHREF^s=cid^s:*>

Addresses have been changed to protect the innocent.

Any ideas... told her to run virus program..haven't heard back though.

What is an Open Relay? Would this be her machine or the server? And what does that HTML tag do?

I looked at www.ordb.org , but being that I dont understand some of the basics, I don't know whether to trust that site or not?
Well, after digging around that site a bit more..
My email was rejected. Why was I sent here?
First of all we are sorry to bother you. In fact your mail is not bounced to annoy you. We'll try to explain what's happening here.
The email server that you use for sending email is probably listed in our Open Relay DataBase (ORDB). Your email server can easily be tricked into sending large amounts of unsolicited email, called spam. The email server is a so-called "open relay".

System administrators all over the world choose to use our database to refuse mail from such servers, until the server has been fixed to stop relaying spam to innocent users.

So here's what you should do: Contact the system administrator of your mail server and forward him a copy of the bounced email you received. The standard system administrator email account for an Internet mail server is "[email protected]". For example; If the name of your ISP is Big-ISP.net then forward a copy of the bounced email to "[email protected]". Otherwise, you should call tech support and alert them of the problem.

If the server is owned by your school or employer, then contact your support department and explain the same thing to them.

We know that email is important to you, and we want to help your ISP resolve the problem of your mail bouncing. Correcting this problem is usually a very simple process, involving your ISP changing a few lines of one configuration file, or ticking a checkbox on a configuration form.

Looks like I posted prematurely.. sorry about that, the first site I found through google mentioned Nimda and got me a bit worried.

Still curious at to what that HTML tag does, though.