>Question for Scott: >Does the new mime exploit processing work like banned extensions? Does the >message have a chance to be scanned and assigned a "real" virus name >before the "Outlook 'MIME Header' Vulnerability" name is assigned?
Yes, the virus detection will still take precedence. For example, if you are catching the Klez virus now and using LOGLEVEL MID, you'll see an "Outlook MIME exploit" message in the logs, that shows the MIME type that is being used and the name of the file (and extension). For example: Outlook MIME exploit: type=audio/x-wav, name=openme.pif but, in the virus notification, you'll see the virus as "Klez". -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". You can E-mail [EMAIL PROTECTED] for assistance. You can visit our web site at http://www.declude.com .