From owner-freebsd-questions@FreeBSD.ORG  Tue Sep  9 06:40:55 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 71CAB16A4BF
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Sep 2003 06:40:55 -0700 (PDT)
Received: from clunix.cl.msu.edu (clunix.cl.msu.edu [35.9.2.10])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A357443FA3
	for <freebsd-questions@freebsd.org>;
	Tue,  9 Sep 2003 06:40:54 -0700 (PDT)
	(envelope-from jerrymc@clunix.cl.msu.edu)
Received: from clunix.cl.msu.edu (localhost [127.0.0.1])
	by clunix.cl.msu.edu (8.12.9/8.12.9) with ESMTP id h89DeoOg010398;
	Tue, 9 Sep 2003 09:40:50 -0400 (EDT)
Received: (from jerrymc@localhost)
	by clunix.cl.msu.edu (8.12.9/8.12.9/Submit) id h89Den2D010397;
	Tue, 9 Sep 2003 09:40:49 -0400 (EDT)
From: Jerry McAllister <jerrymc@clunix.cl.msu.edu>
Message-Id: <200309091340.h89Den2D010397@clunix.cl.msu.edu>
To: algould@datawok.com (Andrew L. Gould)
Date: Tue, 9 Sep 2003 09:40:49 -0400 (EDT)
In-Reply-To: <200309090756.26240.algould@datawok.com> from "Andrew L. Gould"
	at Sep 09, 2003 07:56:26 AM
X-Mailer: ELM [version 2.5 PL2]
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
cc: freebsd-questions@freebsd.org
Subject: Re: Off-Topic:  Did I receive a virus or worm?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Sep 2003 13:40:55 -0000

> 
> HI all!
> 
> I received an email last night from a CPE (Continuing Professional Education) 
> vendor.  The email contents contained an web address to their site where I 
> could review my test results for an on-line course I had completed.  Clicking 
> on the address from within Kmail sent me to the appropriate, secure (https) 
> web page in Konqueror.
> 
> Below the message, however, were two blocks of gibberish.  Both blocks begin 
> with a "begin" line and end with an "end" line.  There is no indication that 
> Kmail included an attachment in-line within the email.
> 
> Is it possible that the code was needed to access the web page?  If so, I 
> don't understand how clicking on the web address would send or use the blocks 
> of code.
> 
> Should I worry about these blocks of code?

Yes, you should.
Do not trust any unsolicited code and be cautious of that 
which you did request.

////jerry

> 
> Thanks,
> 
> Andrew L. Gould