[Sysadmin] virus found in sent message "Returned mail: Data format error"

postmaster at evolt.org
Mon Jun 12 14:17:59 CDT 2006


Attention: cnelson at pepperdine.edu


A virus was found in an Email message you sent. 
This Email scanner intercepted it and stopped the entire message
reaching its destination. 

The virus was reported to be: 

Worm.Mydoom.M


Please update your virus scanner or contact your IT support 
personnel as soon as possible as you may have a virus on your system.


Your message was sent with the following envelope:

MAIL FROM: cnelson at pepperdine.edu
RCPT TO:   thelist at lists.evolt.org 

... and with the following headers:

---
MAILFROM: cnelson at pepperdine.edu
Received: from sandragw.nyf.hu (HELO pepperdine.edu) (193.224.106.80)
  by tempest.evolt.org with SMTP; 12 Jun 2006 14:17:46 -0500
From: cnelson at pepperdine.edu
To: thelist at lists.evolt.org
Subject: Returned mail: Data format error
Date: Mon, 12 Jun 2006 21:17:45 +0200
MIME-Version: 1.0
Content-Type: multipart/mixed;
	boundary="----=_NextPart_000_0002_4F80D187.6B2DD9E9"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000


---



The original message is kept in:

  tempest:/var/spool/qmailscan/quarantine/new/tempest115013986862026175

where the  can further diagnose it.

The Email scanner reported the following when it scanned that message:

--- 

---clamdscan results ---
LibClamAV Error: hex2int() translation problem (40)
LibClamAV Error: readdb(): Malformed pattern line 30342 (file /var/spool/qmailscan/tmp/tempest115013986862026175/clamav-93e9fed71c2bdd86/main.db).
/var/spool/qmailscan/tmp/tempest115013986862026175/1150139872.26203-0.tempest: OK
/var/spool/qmailscan/tmp/tempest115013986862026175/transcript.zip: Worm.Mydoom.M FOUND
/var/spool/qmailscan/tmp/tempest115013986862026175/orig-tempest115013986862026175: Worm.Mydoom.M FOUND

---


