I am sending this message  under the advice of Allen Gwinn of SMU to
inform this community of the status of these "Olga"  messages.
 
We have tried to determine what the source of the messages are, and it
appears that the perpetrator is forging the mail source when sending the
message to a mailer.  The machine in question, (physics1.byu.edu) is a Novell
file server that runs the Mercury mail software. It does not have DNS
capability and cannot mail directly to the sites that have shown up in the
recent mail messages.  We are quite  certain that the perpetrator is
telnetting to the receiving systems, entering a bogus host name, and then
proceeding to send the message.  I verifyed yesterday that the receiving
host at U-Texas (which is an  IBM VM machine) will take any host name and
assume that its a valid sender.   The last two incidents have passed through VM
machines.  The incident before these last two,  came through a mailer that put the IP
address in the header line.  It was not the IP address of physics1, but
rather a workstation at the University of Utah.
 
We have contacted the U of U Police and are trying to track the individual
down.
 
Unfortunately, there are some mail systems still on the Internet that do
not check carefully for forged mail.  Until this problem is resolved, it
is likely that incidents like this will continue.
 
Kelly McDonald
Executive Director, Univ. Computing Services
BYU