Hello
Our Mail server recevied a mass mailing earlier today.The email is
address to [EMAIL PROTECTED] and is
coming from[EMAIL PROTECTED]Copy of
headers:Received: from mail.citravel.com [10.215.43.52] by
citravel.com (SMTPD32-8.11) id A06E595011C; Tue, 11 May 2004 11:25:34
-0400From:
Looks like a match for this new worm
W32/Wallon.worm.a
http://vil.nai.com/vil/content/v_125096.htm
The message body
simply contains a hyperlink, which is designed to trick users into
thinking that they are going to a Yahoo News site, when in fact they
are redirected to a page on the
I received a similar e-mail. Sent to a user who doesn't normally get spammed. Made to
look like a Yahoo link to my company.
HTMLHEAD/HEADBODY bgColor=#ffDIVFONT face=Arial size=2BRA
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_WALLON.A
Scott Fisher
Director of IT
Farm Progress Companies
[EMAIL PROTECTED] 05/11/04 03:23PM
Hello
Our Mail server recevied a mass mailing earlier today.
The email is address to [EMAIL PROTECTED] and is coming from
[EMAIL
This is likely just spam. The technique with the URL is someone
exploiting Yahoo's redirection scheme to land you on another site.
They do this to hide from URL parsers that don't recognize the exploit.
It is possible that the site tries to install an exploit such as Java
Byte Verify, which
Thanks
I was thinking about adding the rule as well but also
assumed that any legit mail to yahoo would be blocked and stopped
myself.
Too bad the powers that be here are not buying JUNK
Mail.
DC
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
MattSent: Tuesday, May 11,
Take note that there was a virus payload at the link as Greg pointed
out, but it appears that Terra-Lycos has killed the domain in question.
It is too bad that the power that be aren't buying JunkMail. I find it
to be a very effective last line of protection for viruses, as
virtually
Have a quick question for everyone. Recently we have been getting virus files
(.SMD) showing up in our root of our e-mail server (C:/) When we run a virus
scan on the drive, it picks it up as various virus's, such as the Netsky and
Beagle virus. We delete them, but they keep popping back
I've found Declude Junkmail to be almost an addiction.
Is there a 12 step program available?
Scott Fisher
Director of IT
Farm Progress Companies
[EMAIL PROTECTED] 05/11/04 04:42PM
Take note that there was a virus payload at the link as Greg pointed
out, but it appears that Terra-Lycos has
Have a quick question for everyone. Recently we have been getting virus
files (.SMD) showing up in our root of our e-mail server (C:/) When we run
a virus scan on the drive, it picks it up as various virus's, such as the
Netsky and Beagle virus. We delete them, but they keep popping back up. I
In the Virus.cfg, it is pointing to the default, E:/IMail/Spool/Virus. We
currently have it commented out (with a #), so nothing is getting sent to
that folder. I'm assuming it is just deleting them. Could that be the
problem? Do we have to send them to that folder?
Tim Cook
Varsity
In the Virus.cfg, it is pointing to the default, E:/IMail/Spool/Virus. We
currently have it commented out (with a #), so nothing is getting sent to
that folder. I'm assuming it is just deleting them. Could that be the
problem?
That is the problem. Without letting Declude Virus know where to
K, thanks Scott, we'll change that and give that a try.
Tim Cook
Varsity Contractors
IT Technical Support
(208) 232-8599 x335
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Tuesday, May 11, 2004 4:55 PM
To: [EMAIL
I love decludeJunkmail as I have it on my
personal domain on a sharedmail serverthat an ISP friend/client
allows me to use.
I must now use a local spam product on my personal mail and
everyone else fends for themselves on the company domain which works for some
but it is still local
14 matches
Mail list logo
