virus from 'support@microsoft.com' not blocked?
Mike Kercher
mike at CAMAROSS.NET
Tue May 27 21:52:26 IST 2003
No...this is the Palyh virus. Sobig was/is from big at boss.com
> -----Original Message-----
> From: MailScanner mailing list
> [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf Of Craig Pratt
> Sent: Tuesday, May 27, 2003 3:47 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: virus from 'support at microsoft.com' not blocked?
>
>
> On Tuesday, May 27, 2003, at 01:36 PM, Remco Barendse wrote:
> > I have just received the virus that claims to be from
> > support at microsoft.com
> >
> > The weird thing it, it isn't filtered at all.
> >
> [chomp]
>
> I presume this is the Sobig virus.
>
> RavAV's been catching it w/o issue:
>
> The following e-mail messages were found to have dangerous content:
>
> Sender: support at microsoft.com
> IP Address: 68.4.203.36
> Recipient: [chomp]
> Subject: Re: Movie
> MessageID: h4MJ12gC000237
> Report: ./h4MJ12gC000237/your_details.pif Infected:
> Win32/Sobig.B at mm Shortcuts to MS-Dos programs are very
> dangerous in email
> (your_details.pif)
>
> So it was caught based on content and extension.
>
> Craig
>
> ---
> Craig Pratt
> Strongbox Network Services Inc.
> mailto:craig at strong-box.net
>
>
> --
> This message checked for dangerous content by MailScanner on
> StrongBox.
>
More information about the MailScanner
mailing list