I do a weekly scan
with of my Imail sever with F-protect and disturbingly enough it found two
viruses in the main.mbx files of two of my users. F-protect 3.12a reported
them as klez.E@mm and the attachment was
called logon [2].pif. I copied the MBX file to a test user to see
if I could find the attachment via web mail. There were no suspicious
attachments but there was an e-mail titled "colspan". Once that was
deleted, I re-ran the F-protect scan and it was clear. My questions are,
if I'm running Declude and F-protect how did this file get though to my end
user? I also have .pif attachments blocked by rule. The one
comforting thing was that when I clicked on the e-mail, it would not open and I
got a page expired message. But disturbingly enough I have another user
with a similarly infected file named http.exe. (and I have .exe blocked as
well) Why are these being delivered?
I am running Imail
7.12 and a family recent version of declude. Any
ideas?
Marc
