I can see also a lot of this "unknown virus" reports. (Se attched admin-notify message)
All are comming from <>, [EMAIL PROTECTED] or are NDRs. F-Prot reports an unknown virus. I don't know why, but from the message headers I can see that practically all of this NDRs are "useless" because they are generated from worm messages with forged mailfrom addresses. Markus > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry > Sent: Friday, May 07, 2004 1:10 PM > To: [EMAIL PROTECTED] > Subject: Re: [Declude.Virus] Unknown Viruses? > > > >I am using F-Prot and it is working but I keep getting these > >unidentified viruses. > > > >Unknown Virus virus in the Unknown File attachment > > > >Can anyone shed any light on this? > > Do you ever get the correct virus name (without > "Vulnerability" in the name)? If not, then the F-Prot > settings aren't correct (either it is not saving the > report.txt file, or there is no REPORT line or an invalid > REPORT line in the \IMail\Declude\virus.cfg file). > > If the virus name is shown sometimes, the log file entries > should help determine what happened. If you are blocking > suspicious files (with "VIRUSCODE 8" in the virus.cfg file), > then the "Unknown Virus" will appear if F-Prot detects a > suspicious file (since it can't know the name of a virus that > it cannot detect). > > -Scott > --- > Declude JunkMail: The advanced anti-spam solution for IMail > mailservers since 2000. > Declude Virus: Ultra reliable virus detection and the leader > in mailserver vulnerability detection. > Find out what you've been missing: Ask for a free 30-day evaluation. > > --- > [This E-mail was scanned for viruses by Declude Virus > (http://www.declude.com)] > > --- > This E-mail came from the Declude.Virus mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.Virus". The archives can be found > at http://www.mail-archive.com. >
--- Begin Message --- Title: Virus Report
Virus in einer Email gefunden.
Virus: Unknown Virus
Datei: Unknown File
von: <>
an: [EMAIL PROTECTED]
Betreff: Mail delivery failed: returning message to sender
Empfänger: 1
Queuename: D609901dc0098aeb0.SMD
Datum: 05/03/2004
Zeit: 17:09:15
Remotehost: Unknown (194.123.123.82)
Localhost: local-domain.it
D.Version: 1.79i6Header:
Received: from mailout05.sul.t-online.com [194.25.134.82] by mail.zcom.it with ESMTP
(SMTPD32-7.15) id A0991DC0098; Mon, 03 May 2004 17:09:13 +0200
Received: from mailin05.aul.t-online.de
by mailout05.sul.t-online.com with smtp
id 1BKf4C-00072N-00; Mon, 03 May 2004 17:09:12 +0200
X-Failed-Recipients: [EMAIL PROTECTED]
From: Mail Delivery System <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Mail delivery failed: returning message to sender
Message-Id: <[EMAIL PROTECTED]>
Date: Mon, 3 May 2004 17:08:41 +0200
--- End Message ---
