On Mon, 31 May 2004 17:53:17 +0800 "mangyun" <[EMAIL PROTECTED]> wrote:
> this is from tail -f /var/log/maillog, when i send an email containing > the virus > > May 31 17:46:13 kube3 sendmail[32359]: i4V9k2B32342: > to=<[EMAIL PROTECTED]>, delay=00:00:09, xdelay=00:00:00, > mailer=local, pri=230110, dsn=2.0.0, stat=Sent May 31 17:46:15 kube3 > MailScanner[28028]: Filename Checks: Allowing msg-28028-16.txt May 31 > 17:46:15 kube3 MailScanner[28028]: Filename Checks: Allowing > msg-28028-17.html (no rule matched) May 31 17:46:15 kube3 > MailScanner[28028]: Filename Checks: Allowing Information.zip May 31 > 17:46:15 kube3 MailScanner[28028]: Uninfected: Delivered 1 messages > > > symantec anti virus corporate edition recognise it by -> Virus name: > [EMAIL PROTECTED] > > freshclam is up to date > > # freshclam -v > Current working dir is /var/clamav > Checking for a new database - started at Mon May 31 17:50:35 2004 > Connected to clamav.elektrapro.com. > Reading md5 sum (viruses.md5): OK > viruses.db is up to date. > Reading md5 sum (viruses2.md5): OK > viruses.db2 is up to date. You're using a completely outdated clamav version. Only ClamAV >= 0.70 is able to detect some Bagle-zippwd mutations (those "big" ones). -- oo ..... Tomasz Kojm <[EMAIL PROTECTED]> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Mon May 31 13:11:12 CEST 2004
pgpQYlxLXXrIU.pgp
Description: PGP signature
