We do have AV software running. From the console, I can see we do have people with out of date virus defs, which could explain it. However, after reading the Symantec article in more detail, I am not 100% sure this is the same virus. All the characteristics of the message are the same (from, subject, message text), but the exploit link in the email points to a different IP address than the one in that article. I can't find any articles which reference this particular IP address. I also don't see any activity on the port that article references an infected computer would try to attempt to. So, it looks like this might be a new variant. -----original message----- Bill, Do you not have AV software on your PC's and Exchange server? _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/read/?forum=exchange To subscribe: http://e-newsletters.internet.com/discussionlists.html/ To unsubscribe send a blank email to [EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] To unsubscribe via postal mail, please contact us at: Jupitermedia Corp. Attn: Discussion List Management 475 Park Avenue South New York, NY 10016
Please include the email address which you have been contacted with.
