I am sending this message under the advice of Allen Gwinn of SMU to inform this community of the status of these "Olga" messages. We have tried to determine what the source of the messages are, and it appears that the perpetrator is forging the mail source when sending the message to a mailer. The machine in question, (physics1.byu.edu) is a Novell file server that runs the Mercury mail software. It does not have DNS capability and cannot mail directly to the sites that have shown up in the recent mail messages. We are quite certain that the perpetrator is telnetting to the receiving systems, entering a bogus host name, and then proceeding to send the message. I verifyed yesterday that the receiving host at U-Texas (which is an IBM VM machine) will take any host name and assume that its a valid sender. The last two incidents have passed through VM machines. The incident before these last two, came through a mailer that put the IP address in the header line. It was not the IP address of physics1, but rather a workstation at the University of Utah. We have contacted the U of U Police and are trying to track the individual down. Unfortunately, there are some mail systems still on the Internet that do not check carefully for forged mail. Until this problem is resolved, it is likely that incidents like this will continue. Kelly McDonald Executive Director, Univ. Computing Services BYU