Problem with "Possible Microsoft security vulnerability attack"
detection on version 3.23-1??
Tan Siew Wu
siewwu.tan at EDGEMATRIX.COM
Wed Sep 25 03:15:47 IST 2002
Hi all,
I just upgraded to 3.23-1 two days ago. Everything is working fine except
that there are unusual amount of detection on "Possible Microsoft security
vulnerability attack". I was on 3.21-1 and guess this was not part of the
feature.
A brief check indicates that all came from a number of mailing lists that
my users subscribe to. Examples like Daily Dilbert list, Oracle list,CNet
news.com list...etc.
I haven't had time to try to dive into the detection perl code for it and
is wondering if someone facing the similar issue. From what I see, the is
not configurable option on mailscanner.conf to control this new detection
behaviour.
Currently configured to keep whole infected message. If someone wants to
take a look at these messages, I can collect a few of them and email it.
Siew Wu
More information about the MailScanner
mailing list