Dumaru again
Rabellino Sergio
rabellino at DI.UNITO.IT
Thu Mar 25 16:53:32 GMT 2004
Muenz, Michael wrote:
> Hi,
>
>
>>Try changing in your rules file
>>
>>FromOrTo: @mydomain.de yes
>>
>>to:
>>
>>FromOrTo: *@mydomain.de yes
>
>
> I don't think this will work, cause MailScanner detects
> every kind of Netsky etc. also Dumaru.A, but not Y and Z
>
The following e-mail messages were found to have viruses in them:
Sender: address at yandex.ru
... omissis
Subject: Important information for you. Read it immediately !
MessageID: i2PFXZrj011919
Report: Found dangerous IFrame tag in HTML message
Report: /i2PFXZrj011919/msg-23618-394.txt/myphoto.zip Found the
W32/Dumaru.y at MM virus !!!
Report: /i2PFXZrj011919/myphoto.zip Found the W32/Dumaru.y at MM virus !!!
Report: /i2PFXZrj011919/myphoto.jpg .exe Found the W32/Dumaru.y at MM
virus !!!
Executable DOS/Windows programs are dangerous in email (myphoto.jpg
.exe)
Full headers are:
... omissis
Mailscanner (4.29.5) with mcafee detects correctly Dumaru.y as you can see .... Probably it's your AV the problem.
--
Dott. Sergio Rabellino
Technical Staff
Department of Computer Science
University of Torino (Italy)
http://www.di.unito.it/~rabser
Tel. +39-0116706701
Fax. +39-011751603
More information about the MailScanner
mailing list