W32/Sobig.F virus header
Julian Field
mailscanner at ecs.soton.ac.uk
Thu Aug 21 11:47:54 IST 2003
At 09:23 21/08/2003, you wrote:
>Dear julian,
> these are lines from the NAI website
>
>>The attachment must be run manually to infect the local
>>system. Additionally, messages sent by the virus contain the following fields
>>
>> * X-MailScanner: Found to be clean
>> * X-Mailer: Microsoft Outlook Express 6.00.2600.0000
>>
>>The virus sends itself via its own SMTP engine, which requires an ESMTP
>>server to send itself successfully. The virus does an MX lookup on the
>>target domain (ie. when sending itself to user at domain.com, it sends
>>though the servers specified in the MX record for domain.com).
>
>:-) Are you going to be famous ? :-)
I am already, it appears. Traffic to www.mailscanner.info jumped up by a
factor of 3 yesterday!
--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support
More information about the MailScanner
mailing list