My personal account has yet to get hit by the virus. My CFX account on the other hand, had a few but my mail server stripped the attachments. We have been getting quite a few calls from customers getting this as well. It seems the virus also does an MX record lookup and will take the lowest priority (if there is one) and make a direct connection to that server and send the mail. That's how it got around some of our filtering anyway.
As far as Blaster, we have not seen any sign of that yet either. The closest was that we cut off an AT&T backbone on Saturday because they were getting hit and we didn't want to coming into our networks. Dan Phillips www.CFXHosting.com 1-866-239-4678 [EMAIL PROTECTED] Do you want complete ColdFusion Administrator access? RDS? Terminal Server?- CFX-Advanced VPS - http://www.cfxhosting.com/Plans/s_cfxadvancedVPS.cfm -----Original Message----- From: Heald, Tim [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 20, 2003 12:29 PM To: CF-Community Subject: RE: Clean off Thankfully between gov't email and speakeasy's amazing services I am relatively untouched by the madness around me. How bad is it for other people? I am writing a special topic paper on soBig and the blaster variants, and tying it into change/patch management practices. I would really love to hear back from anyone that's been hit, about how they have dealt with it. Also those that weren't affected, what practices and policies do you have in place to help you mitigate some of the threat? Thanks, Timothy Heald Information Systems Specialist Overseas Security Advisory Council U.S. Department of State 571.345.2235 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 20, 2003 12:26 PM To: CF-Community Subject: Clean off I'm assuming everyone is covered by spam at the moment can can't post. If so, how about using CF to do your cleanup for you. Use CFPOP to get all the headers from your mail box (or maybe the first 20-50 at a time) and then run this against the returned query: SELECT Subject FROM Spam WHERE (DomainChecked = 0) AND (Subject LIKE '%Thank you%' OR Subject LIKE '%Approved%' OR Subject LIKE '%Details%' OR Subject LIKE '%Wicked screensaver%' OR Subject LIKE '%movie%' OR Subject LIKE '%your application%' OR Subject LIKE '%attachment%' OR Subject LIKE '%failure%' OR Subject LIKE '%failed%' OR Subject LIKE '%returned%' OR Subject LIKE '%virus%') ORDER BY Subject Anything that comes back can be routed to the screen so you can view the subject and other info. If its spam, just tell CFPOP to delete it. Saves on the downloading and can even be automated more. If you have access to your mail server, I've got an additional script suggestion that'll do the job automatically by detecting any mail files with viruses in them. Just needs CF, CFDIRECTORY, a CFX and a CFIF. Michael Dinowitz Finding technical solutions to the problems you didn't know you had yet ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:5 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:5 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5 Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm
