No, the virus patterns for Scanmail don't protect you from users sending or receiving e-mail.
And no, technically, this isn't a virus (as much as it hurts to agree with Precht), but that doesn't stop an AV company from writing definitions which will block 'harmful' executables. Trend already does this, and I suspect that if you send the actual exe through e-mail, it might very well be blocked and/or deleted. However, that's not how the thing propagates. If this is a significant issue, who handles your DNS? If it's handled in house, the list of URLs the thing currently uses ought to have been entered into bogus DNS zones on your DNS servers so user don't have the opportunity to access the URLs in question. > -----Original Message----- > From: Young, Phil [mailto:phil.young@;wcom.co.uk] > Sent: Tuesday, November 12, 2002 10:12 AM > To: Exchange Discussions > > OK so the pattern is just protecting us from the other actions that take > place if someone clicks on the URL, and the WORM_FRIENDGRT.B is not really > a > virus? > I am happy to delete these messages but some users still ignore the > warnings > we have given and it starts sending messages which I would have hoped > would > be caught by the pattern file. > > -----Original Message----- > From: Chris Scharff [mailto:chris_scharff@;messageone.com] > Sent: 12 November 2002 15:40 > To: Exchange Discussions > Subject: RE: Virus heads up > > > Um... there's no virus sent via e-mail, thus Scanmail has nothing to > clean. > > > -----Original Message----- > > From: Young, Phil [mailto:phil.young@;wcom.co.uk] > > Sent: Tuesday, November 12, 2002 8:55 AM > > To: Exchange Discussions > > > > Hi, > > Has anyone successfully cleaned this virus using Trend Scanmail. We are > > running Trend 3.52 in AVAPI mode with pattern 382 and I am yet to see it > > successfully clean the virus. Are there any specific settings I should > set > > in Scanmail? > > Thanks in advance. > > Phil > > > > -----Original Message----- > > From: Darcy Adams [mailto:Darcy.Adams@;gettyimages.com] > > Sent: 11 November 2002 14:48 > > To: Exchange Discussions > > Subject: RE: Virus heads up > > > > > > Well, our Help Desk staff has proven that it *is* possible to ignore me. > > But bad things tend to happen every time they do. Like users infecting > > themselves with a new virus. > > > > Darcy > > > > -----Original Message----- > > From: William Lefkovics, WLKMMAS [mailto:william@;techsanctuary.org] > > Sent: Sunday, November 10, 2002 4:08 AM > > To: Exchange Discussions > > Subject: RE: Virus heads up > > > > > > > > I don't believe you. > > > > You are impossible to ignore. > > > > I think these are also associated... > > www.cool-downloads.com > > www.cool-downloads.net > > www.friend-greetings.com > > www.friend-greeting.com > > www.friend-greetings.net > > www.friend-greeting.net > > www.friend-cards.net > > > > William > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:bounce-exchange-104116@;ls.swynk.com] On Behalf Of Darcy Adams > > Sent: Friday, November 08, 2002 9:24 AM > > To: Exchange Discussions > > > > I'm still going to forward this to our Help Desk. I warned them, and > > our security and network teams, about it when it first came around. A > > few days later our Security team sent out a notice that it had made it > > in and infected some desktops. > > > > HELLOOO!! Desktop support - I SENT YOU the FRIGGIN NOTICE days ago. > > Apparently they ignored the warning. > > > > Darcy > > > > -----Original Message----- > > From: Roger Seielstad [mailto:roger.seielstad@;inovis.com] > > Sent: Friday, November 08, 2002 9:09 AM > > To: Exchange Discussions > > Subject: RE: Virus heads up > > > > > > That's not *technically* a virus, but its been around for close to a > > month > > now. > > > > It says in the EULA-that-noone-ever-reads that it will send messages to > > all > > your contacts. > > > > ------------------------------------------------------ > > Roger D. Seielstad - MCSE > > Sr. Systems Administrator > > Inovis - Formerly Harbinger and Extricity > > Atlanta, GA > > > > > > > -----Original Message----- > > > From: Couch, Nate [mailto:nate.couch@;eds.com] > > > Sent: Friday, November 08, 2002 11:59 AM > > > To: Exchange Discussions > > > Subject: Virus heads up > > > > > > > > > Just to let you all know one of our customer got hit with the > > > Friend-Greeting virus a little bit ago. From what I have > > > learned Trend is > > > the only one talking about this now and are calling it FRIENDGRT.B. > > > > > > The actions we are taking are blocking the following domain > > > at the firewall > > > > > http://www.Friend-Greetings.com > > > > Hope this helps. > > > > Cheers. > > > > Nate Couch > > EDS Messaging > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > > Exchange List admin: [EMAIL PROTECTED] > > > > > > ======================================================= > > This email and its contents are confidential. If you > > are not the intended recipient, please do not disclose > > or use the information within this email or its > > attachments. If you have received this email in error, > > please delete it immediately. Thank you. > > ======================================================= > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > > Exchange List admin: [EMAIL PROTECTED] > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > > Exchange List admin: [EMAIL PROTECTED] > > > > > > ======================================================= > > This email and its contents are confidential. If you > > are not the intended recipient, please do not disclose > > or use the information within this email or its > > attachments. If you have received this email in error, > > please delete it immediately. Thank you. > > ======================================================= > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > > Exchange List admin: [EMAIL PROTECTED] > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Archives: http://www.swynk.com/sitesearch/search.asp > > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:leave-exchange@;ls.swynk.com > Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:leave-exchange@;ls.swynk.com Exchange List admin: [EMAIL PROTECTED]
