W32/Braid-A or W32/Brid-A

Rose, Bobby brose at MED.WAYNE.EDU
Thu Nov 14 18:42:57 GMT 2002

I'm seeing something odd....

Some virus message reports don't have the virus part mentioned but
sometimes it does?  Any ideas why this would happen?  A timeout that
needs adjusted or something?  If it's not tagging it with the virus then
it will still send the report back to the wrong user.

IP Address:
 Recipient: vheil at med.wayne.edu
   Subject: Undelivered Mail Returned to Sender
 MessageID: gAEGvLUZ010962
    Report: Found dangerous IFrame tag in HTML message
    Report: Executables are very dangerous in email and must be zipped.

-----Original Message-----
From: Julian Field [mailto:mailscanner at ECS.SOTON.AC.UK] 
Sent: Thursday, November 14, 2002 11:19 AM
Subject: Re: W32/Braid-A or W32/Brid-A

At 16:04 14/11/2002, you wrote:
>Does anyone know if this guys is like Klez and forges?

Yes it does.

>   I read the
>description Symantec but it doesn't say.  I've been getting those 
>stupid replies from users proclaiming that "I didn't send this" or "I 
>don't know this person"
>Just wondering if it's one to add to the virus drop list.

You should, yes. It is included in the defaults of the next release.
Julian Field                Teaching Systems Manager
jkf at ecs.soton.ac.uk         Dept. of Electronics & Computer Science
Tel. 023 8059 2817          University of Southampton
                             Southampton SO17 1BJ

More information about the MailScanner mailing list