[Sysadmin] virus found in sent message "status"
postmaster at evolt.org
postmaster at evolt.org
Mon Jun 12 19:05:46 CDT 2006
Attention: rshopping3 at cableonda.net
A virus was found in an Email message you sent.
This Email scanner intercepted it and stopped the entire message
reaching its destination.
The virus was reported to be:
Worm.Mydoom.M
Please update your virus scanner or contact your IT support
personnel as soon as possible as you may have a virus on your system.
Your message was sent with the following envelope:
MAIL FROM: rshopping3 at cableonda.net
RCPT TO: mailman-request at lists.evolt.org
... and with the following headers:
---
MAILFROM: rshopping3 at cableonda.net
Received: from static-adsl201-232-77-113.epm.net.co (HELO cableonda.net) (201.232.77.113)
by tempest.evolt.org with SMTP; 12 Jun 2006 19:05:39 -0500
From: rshopping3 at cableonda.net
To: mailman-request at lists.evolt.org
Subject: status
Date: Mon, 12 Jun 2006 19:05:57 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0007_7623A3DC.E35ABA1A"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
---
The original message is kept in:
tempest:/var/spool/qmailscan/quarantine/new/tempest115015714062030823
where the can further diagnose it.
The Email scanner reported the following when it scanned that message:
---
---clamdscan results ---
LibClamAV Error: hex2int() translation problem (40)
LibClamAV Error: readdb(): Malformed pattern line 30342 (file /var/spool/qmailscan/tmp/tempest115015714062030823/clamav-dcfe103a7499ed6a/main.db).
/var/spool/qmailscan/tmp/tempest115015714062030823/1150157143.30830-0.tempest: OK
/var/spool/qmailscan/tmp/tempest115015714062030823/document.zip: Worm.Mydoom.M FOUND
/var/spool/qmailscan/tmp/tempest115015714062030823/orig-tempest115015714062030823: Worm.Mydoom.M FOUND
---
More information about the Sysadmin
mailing list