Re: [Declude.Virus] Correct me if I am wrong

[Jim Matuska]

Another example of why that idea is bad is demonstrated by one of McAfee's mail server virus engines.  I have seen messages forwarded my way that say our email server detected a virus you sent, please see attachment for details.  The problem is the virus is a forging one the mail server sent the notification to the wrong recipient and to actually see the information on the virus you have to open the attachment which has the same name as the original virus but with an .htm extension added on ie virusfile.pif.html.  Initially the message looks like a virus that somehow made it past all the scanners, but the attachment is actually a html file from McAfee Antivirus saying it has removed the original attachment.  This is a fine example of why A.  You should not send out notifications for forging viruses and B.  Don't send notifications that look just like the original virus.   Jim Matuska Jr. Computer Tech II CCNA Nez Perce Tribe Information Systems [EMAIL PROTECTED] ----- Original Message ----- From: John Tolmachoff (Lists) To: [EMAIL PROTECTED] Sent: Wednesday, May 19, 2004 5:09 PM Subject: RE: [Declude.Virus] Correct me if I am wrong 99.99% of virus infected e-mails are bogus anyways, so why would you want to let it through?   Oh, the answer to your question is no.   John Tolmachoff Engineer/Consultant/Owner eServices For You   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Goran Jovanovic Sent: Wednesday, May 19, 2004 2:58 PM To: [EMAIL PROTECTED] Subject: [Declude.Virus] Correct me if I am wrong   I believe this is correct.   If a virus in an attachment is detected then the whole message will be held and the recip.eml notification will be sent out.   Is there a way to allow the e-mail to go through to the user with a notification that the attachment was stripped?          Goran Jovanovic      The LAN Shoppe

<<image001.gif>>