Re: OT: virus in list

• From: "Edward Sullivan" <esullivan@xxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 5 Jun 2003 16:43:05 -0500

BEDEVERE:
Exactly. So, logically...
VILLAGER #1:
If... she... weighs... the same as a duck,... she's made of wood.
BEDEVERE:
And therefore?
VILLAGER #2:
A witch!
VILLAGER #1:
A witch!
CROWD:
A witch! A witch!... Ohh! Ohh! Burn the witch!

----------------------------------------------------------------

This was more than likely an honest error, not worth burning anyone at the 
stake over.


-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Thursday, June 05, 2003 4:36 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: OT: virus in list


http://www.ISAserver.org


This may be a case of an improperly configured notice from the same software
I use. I have requested that Jim send me more information so I can follow up
directly with the admin involved.

John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com


> -----Original Message-----
> From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> Sent: Thursday, June 05, 2003 2:16 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: OT: virus in list
> 
> http://www.ISAserver.org
> 
> 
> Here was my response to this kind of "auto-advisor" code today:
> 
> (his mail)
> ----- Original Message -----
> From: "Postmaster" <postmaster@xxxxxxxxxxxxxxxxxxxxxx>
> To: <postmaster@xxxxxxxxxxxx>
> Sent: Thursday, June 05, 2003 00:32
> Subject: Your mail server sent us a virus
> 
> 
> The Virus software on our mail server detected the  W32/Sobig.C@mm virus
> that appears to have come from your mail server.  It was sent in
> an attachment application.pif, from jim@xxxxxxxxxxxx to
> kosmoski@xxxxxxxxxxxxxxxxxx,
> with the subject "Re: Movie".  The Message-ID was:
> <20030605023254.SM01532@FREMIOT-PC>.
> 
> If your mail server had virus protection, it would have caused less work
for
> our server and would have likely prevented one of your users from getting
a
> virus in the first place!
> 
> (my response)
> 
> Hello,
> 
> Five points for you to ponder:
> 1. I've examined my mail server logs for the past week and no such mail
ever
> left my server.
> 2. I have server-based AV scanning and it has been catching Sobig for the
> last week.
> 3. It's one of the attributes of Sobig that the source email addr is
> spoofed.
> 4. If you examine the mail header and your own mail logs, you'll likely
see
> that regardless of the "source email address", the source IP is not mine.
> 5. If your automation was smarter, I wouldn't have to respond to inane
> comments like "If your mail server had virus protection, it would have
> caused less work for our server and would have likely prevented one of
your
> users from getting a virus in the first place!"
> 
> The fact is, if you used smarter virus response automation, I wouldn't
have
> to waste my time educating you.
> Get a clue; they're free.
> 
>  Jim Harrison
>  MCP(NT4, W2K), A+, Network+, PCG
>  http://www.microsoft.com/isaserver
>  http://isaserver.org/Jim_Harrison
>  http://isatools.org
> 
>  Read the help, books and articles!
> 
> ----- Original Message -----
> From: "Dan Gabbard" <intellihome@xxxxxxxxx>
> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
> Sent: Thursday, June 05, 2003 12:47
> Subject: [isalist] OT: virus in list
> 
> 
> http://www.ISAserver.org
> 
> 
> 
> 
> I just sent a reply to a post and then received an out-of-office reply
that
> had a virus attached, according to Norton AV. The virus came from
> "NAVMSE-BRUMAIL@xxxxxxxxxxx" I think, not sure how Norton handle these.
> Has
> this happened to anyone else on the list?
> 
> 
> 
> 
> 
>        Dan
> 
> 
> 
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
esullivan@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » OT: virus in list
• » RE: OT: virus in list
• » RE: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list
• » Re: OT: virus in list

1. Home
2. isalist
3. Archive
4. 06-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---