A little heads-up about SoBig.F ... 2,000 of my inbound e-mail messages today has been this virus, from a variety of sources.
The messages are the virus itself, neutered versions of the message, and bounces/warnings from dummy antivirus software on mailservers out there that still warn the sender, without regard to whether the virus it is warning about is a mass-mailing from-address spoofing bit of malware. The virus has its own SMTP engine, and puts this in the header - X-MailScanner: Found to be clean presumably to get past text filters that try to whitelist a message based on this header. MailSniffer is apparently a well-regarded and widely used open source solution: http://MailScanner.info There is also a header line that mimics Outlook Express. And the messages fail BADHEADERS, despite the "care" put into it by the author! Andrew 8) --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
