Hi, Below an internal mail that was caught. The section header was (server/share substituted): ------=_NextPart_000_0001_01C835BD.DC8E3F20 Content-Type: application/octet-stream; name="BacoDiscussionsBlob.asp?ID={A1243322-3030-48BF-BD72-8A248CB26090}" Content-Transfer-Encoding: base64 Content-Location: http://server/share/docs/BacoDiscussionsBlob.asp?ID={A1243322-3030-48BF-BD72-8A248CB26090}
I'm assuming this Content-Location can be easily spoofed right? Or could I somehow convince Declude to pass these mails when there is a specific Contect-Location Met vriendelijke groet, Bonno Bloksma hoofd systeembeheer tio hogeschool hospitality en toerisme begijnenhof 8-12 / 5611 el eindhoven t 040 296 28 28 / f 040 237 35 20 [EMAIL PROTECTED] / www.tio.nl ----- Original Message ----- From: Postmaster To: [EMAIL PROTECTED] Sent: Monday, December 03, 2007 3:05 PM Subject: Declude Virus caught a virus Declude Virus v4.3.46 caught the CLSID Vulnerability virus in BacoDiscussionsBlob.asp?ID={A1243322-3030-48BF-BD72-8A248CB26090} from [EMAIL PROTECTED] to: [EMAIL PROTECTED] Date: 03 Dec 2007 15:05:04 Subject: offerte Krasnapolsky mrt07 (dekanendag) Spool File: D0d06059200009ba9.smd Remote IP: 217.114.99.194 Headers: Received: from hglfin02 [217.114.99.194] by tio.nl with ESMTP (SMTPD-9.21) id AD061154; Mon, 03 Dec 2007 15:04:54 +0100 Message-ID: <[EMAIL PROTECTED]> From: "Lidie Kuipers" <[EMAIL PROTECTED]> To: "Geert A. van der Meer" <[EMAIL PROTECTED]> Subject: offerte Krasnapolsky mrt07 (dekanendag) Date: Mon, 3 Dec 2007 15:04:54 +0100 MIME-Version: 1.0 Content-Type: multipart/related; type="multipart/alternative"; boundary="----=_NextPart_000_0001_01C835BD.DC8E3F20" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1914 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1914 --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.