Hi, Thomas Baker wrote:
>I use Cygwin Mutt 1.2.5i (2000-07-05) on Win2000 and just >got messages from two people with a short text message >saying "Your password is 12zxjkjl123kjl12jz". But the >size of each of the messages, according to Mutt, was 65k. >After viewing the message with the default viewer (only), >my virus protector popped up with a message to the effect >that c:\tmp\mutt-mutt-LEPIDUS-2136-12 was infected with >the Exploit.IFrame.FileDownload virus. Before deleting, >I looked at its file entry -- it was roughly 250k and bore >a time-stamp of several minutes earlier, when I had been >reading the message. I saved one of the messages to a file >named "virus" and tried opening it with vim, but got a >message like "file is readonly". I deleted that too. > >According to F-Secure Web site, this is a virus that exploits >a flaw in Internet Explorer, and by extension mail readers >that use it, such as Outlook. No surprise there! The only >surprise to me is that 250k infected file which appeared >in my c:/tmp. What kind of things does Mutt park there, >and where could that big file have come from?? Surely Mutt >would not have uncompressed anything without telling me...? > When I used cygwin mutt to read over IMAP, it always cached every message in /tmp, causing my virus scanner to have a bad day. mutt never ran them, it just stored them there whilst processing them (why I don't know). Luke
