[windows2000] Re: Odd Email
- From: Daniel Ensor <densor@xxxxxxxxx>
- To: "'windows2000@xxxxxxxxxxxxx'" <windows2000@xxxxxxxxxxxxx>
- Date: Wed, 5 Nov 2003 16:55:34 -0000
I don't know if this is relevant for Trend but I know it is an issue with
some programs
This is from Clearswift.
Cheers Dan
Dear Subscriber,
Over the weekend variants D, E, F, G and H of the W32/Mimail mass mailing
worm were identiifed in the wild, but did not generally spread in
significant numbers. These variants are of particular interest to
MAILsweeper for SMTP users due to malformation of the zip file attachments.
We have seen samples of the zip files (all called readnow.zip and containing
readnow.doc.scr) that are deliberately malformed and may be classified as
binary by MAILsweeper.
We advise any customers who are not already doing so to block the
attachments with a File Detector scenario, using the explicit masks
"photos.zip" and "readnow.zip".
Work is under way to provide a patch to enable correct decomposition of
similarly malformed zip files and customers will be advised of availability
in due course.
Pete Simpson
ThreatLab Manager
-----Original Message-----
From: Greg Reese [mailto:GReese@xxxxxxxxxxxxxxxx]
Sent: Wednesday, November 05, 2003 4:46 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: Odd Email
yeah it looks like the mimail but it really bothers me that my AV did not
catch it.
My users are dumb enough to open it right up to see what it is.
Greg
-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Daniel Ensor
Sent: Wednesday, November 05, 2003 11:26 AM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Odd Email
Greg
I think that's Minmail F the new variant? But I could be wrong.
Cheers
Dan
-----Original Message-----
From: Greg Reese [mailto:GReese@xxxxxxxxxxxxxxxx]
Sent: Wednesday, November 05, 2003 4:11 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Odd Email
I got an email this morning that has all the markings of a virus.
I don't know the person, the story sounds fishy and the attachment is a zip
file containing an exe.
Several other identical messages from different senders have been kicked to
me from exchange as delivery failures for users that no longer exist here.
Anyway, the email made it through my Trend ScanMail which updates every
hour. I double checked and I am up to date. Trend does not see this as a
virus. Yet.
Anyone else seen any goofy emails with a file attached called MyMovies.zip?
Greg
********************************************************
This Weeks Sponsor Pearl Software
Internet Monitoring, Filtering, and Control Solutions
Enabling User & Group Level Oversight & Access Policies
Fully Functional in a Thick or Thin Client Environment
http://www.pearlsw.com
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Visit the new FDL web - site designed to serve you better -
http://www.fdl.co.uk
This message has been sent from Fuerst Day Lawson Ltd and confirms that the
email has been scanned and to the best of our knowledge is free from virus
infection. The unauthorised use, disclosure, forwarding or copying of this
message and any attachments is strictly prohibited. If you have received
this message in error, please email moderator@xxxxxxxxx This message and any
attachments, which are confidential and may be privileged, are for the use
of the addressee(s) only. The views and opinions expressed in this email
message are the author's own and may not reflect the views and opinions of
Fuerst Day Lawson Ltd.
********************************************************
This Weeks Sponsor Pearl Software
Internet Monitoring, Filtering, and Control Solutions
Enabling User & Group Level Oversight & Access Policies
Fully Functional in a Thick or Thin Client Environment
http://www.pearlsw.com
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor Pearl Software
Internet Monitoring, Filtering, and Control Solutions
Enabling User & Group Level Oversight & Access Policies
Fully Functional in a Thick or Thin Client Environment
http://www.pearlsw.com
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Visit the new FDL web - site designed to serve you better -
http://www.fdl.co.uk
This message has been sent from Fuerst Day Lawson Ltd and confirms that the
email has been scanned and to the best of our knowledge is free from virus
infection. The unauthorised use, disclosure, forwarding or copying of this
message and any attachments is strictly prohibited. If you have received
this message in error, please email moderator@xxxxxxxxx This message and any
attachments, which are confidential and may be privileged, are for the use
of the addressee(s) only. The views and opinions expressed in this email
message are the author's own and may not reflect the views and opinions of
Fuerst Day Lawson Ltd.
********************************************************
This Weeks Sponsor Pearl Software
Internet Monitoring, Filtering, and Control Solutions
Enabling User & Group Level Oversight & Access Policies
Fully Functional in a Thick or Thin Client Environment
http://www.pearlsw.com
**********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
Other related posts:
