Sophos missed MyDoom-A bounced msg

Martin Hepworth martinh at SOLID-STATE-LOGIC.COM
Mon Feb 9 17:37:51 GMT 2004

Travis Taylor wrote:
>>We have the same situation here.  Right now, I am trying to retreive
>>the Symantec quarantined documents, and will be sending them to Sophos.
>>I would suggest sending them yours, also.
>>Dustin Baer
>>Unix Administrator/Postmaster
>>Information Handling Services
>>15 Inverness Way East
>>Englewood, CO 80112
> I'm in the process of sending it to sophos now, Dustin.
> On a side note, I decided to sent the quarantined message as an
> attachment to myself and MailScanner/Sophos caught it.  Though when I
> pasted the infected bounced message in the body of a message and sent
> it to myself it slipped through without being detected.  I'm wondering
> if this has something to do with how the message is encoded (mime,
> uuencode, etc).

This is a known issue with MailScanner and specifically one of the Perl
modules it uses.

 From memory Julian asked for anyone with such an email to forward it
direct to him (not the list) so he can investigate the problem.

I hope Julian doesn't shoot me getting people to send him viruses.

You might want to email him before hand to warn him an example is on the

Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300


This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.


More information about the MailScanner mailing list