[Full-Disclosure] viruses being sent to list
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Fri Apr 30 20:35:47 BST 2004
On Thu, 29 Apr 2004 12:18:51 PDT, John Lalla <john.lalla at cox.net> said:
> --8323584-424238335-1083266341=:2613
> Content-Type: TEXT/plain; charset=us-ascii
>
> I have recieved two virus infected emails from this list in the last
> week. Is it possible to have our list admin run clamav or amavis-new. I
> can deal with them on my own, but list-wide screening seems fundamental.
>
> From: wflahr at yahoo.com
> Date: Mon, 26 Apr 2004 19:03:23 -0400
> Virus Name: W32/Bagle.z at MM
> Infected Attachments: 00000070.EML, /00000070.EML�, /00000070.EML/me3.jpeg�, /0
0000070.EML/Details.exe�
>
> From: full-disclosure-admin at lists.netsys.com
> Date: Thu, 29 Apr 2004 11:17:21 -0400
> Virus Name: W32/Bagle.aa at MM
> Infected Attachments: 00000070.EML, /00000070.EML�, /00000070.EML/Smoke.scr�
Thanks for including sufficient Received: lines to prove that the two items
in question even actually passed through the list.
If you're going to beat a dead horse, at least prove you know which equine
corpse you are in the process of flogging....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040430/38703194/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.