[Declude.Virus] Swen not tagged as forging?

[Matt]

I just had a client ask me to turn off all virus notifications, and the message that they sent back was for Swen.A. Date: 03/07/2004 17:37:53 Subject: Abort Notice Host: cybermatsa.com.mx [148.233.93.6] Attachment: enqofe.exe Virus: W32/[EMAIL PROTECTED] Is it possible that this isn't in the forging database, or could this have been a failed lookup, or is it possible that this is a bug in the version of Declude Virus that I am running.  I'm on 1.78i14 currently.  I'm thinking that maybe the combination of the 'MIME Header' vulnerability along with the virus being detected might have caused the SKIPIFFORGING to be bypassed: 03/07/2004 17:37:53 Qa43c661500982fd2 MIME file: [text/html][quoted-printable; Length=228 Checksum=17379] 03/07/2004 17:37:53 Qa43c661500982fd2 Outlook 'MIME Header' Vulnerability: type=audio/x-wav, name=enqofe.exe. 03/07/2004 17:37:53 Qa43c661500982fd2 MIME file: enqofe.exe [base64; Length=106496 Checksum=9384207] 03/07/2004 17:37:53 Qa43c661500982fd2 Banning file with EXE extension [audio/x-wav]. 03/07/2004 17:37:53 Qa43c661500982fd2 Scanner 1: Virus=W32/[EMAIL PROTECTED] Attachment=enqofe.exe [1] O 03/07/2004 17:37:53 Qa43c661500982fd2 Scanner 2: Virus=I-Worm/Swen.A Attachment=enqofe.exe [1] O 03/07/2004 17:37:53 Qa43c661500982fd2 File(s) are INFECTED [W32/[EMAIL PROTECTED]: 6] 03/07/2004 17:37:53 Qa43c661500982fd2 Deleting file with virus 03/07/2004 17:37:53 Qa43c661500982fd2 Deleting E-mail with virus! 03/07/2004 17:37:53 Qa43c661500982fd2 Scanned: CONTAINS A VIRUS [Prescan OK][MIME: 2 106748] 03/07/2004 17:37:53 Qa43c661500982fd2 From: ariearazi@example.com.mx To: [EMAIL PROTECTED] [outgoing from 148.233.93.6] 03/07/2004 17:37:53 Qa43c661500982fd2 Subject: Abort Notice Thanks, Matt -- ===================================================== MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ =====================================================