[EMAIL PROTECTED] said the following on 6/14/2005 7:35 PM:
I have an intra VLAN network which hops subnets and networks. All Cisco, all working normally. We presently have a virus on one computer and we are trying to zero in on its origin on our LAN QMail will tell us the user name ([EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>) but not the original true IP address or computer name Level = debug for both ClamAV and Qmail but the only origin IP we get is that of the gateway. I have meticulously examined every possible log in /var/logs/./. and all ClamAV logs and all qmail scanner logs.
nothing
zip
zero
only gateway IP is available!
Does anyone know where to look for an email true origin or initialize a higher level of debug? Brad Sumrall


Just a stab, here - but have you got any emails that this rogue machine has sent?
Anything in the headers?

Reply via email to