Salam MDaemon
Pak Syafril dan rekan lainya di Cfilter EXE saya masih belum ampuh
untuk hal ini, dan kebetulan yang ngirim file EXE ini dari virusnya
langsung, bisa bantu analisa kenapa dia masih bisa lolos :
Header 1, yang dari virus MX95 dengan mengirimkan file ANTI_CIH.EXE
======================Awal Header 1==========================================
Received: from pop.indosat.net.id [202.155.50.5] by spij.co.id [192.168.0.100]
with DomainPOP (MDaemon.v3.1.1.R)
for <[EMAIL PROTECTED]>; Thu, 12 Oct 2000 10:47:42 +0700
Return-Path: <[EMAIL PROTECTED]>
Received: from spij.co.id ([202.158.48.69]) by jktsm01.indosat.net.id
(InterMail vK.4.02.00.10 201-232-116-110 license
730f8eb5c6a4977202bec32590427e0f)
with ESMTP id <[EMAIL PROTECTED]>
for <[EMAIL PROTECTED]>; Thu, 12 Oct 2000 10:36:58 +0700
Received: from fg.egroups.com by spij.co.id
with SMTP (MDaemon.v3.1.1.R)
for <[EMAIL PROTECTED]>; Thu, 12 Oct 2000 10:32:15 +0700
X-eGroups-Return:
[EMAIL PROTECTED]
Received: from [10.1.10.37] by fg.egroups.com with NNFMP; 12 Oct 2000 03:31:22 -0000
Received: (qmail 17367 invoked by alias); 12 Oct 2000 03:31:20 -0000
X-Sender: [EMAIL PROTECTED]
X-Apparently-To: [EMAIL PROTECTED]
Received: (EGP: mail-6_1_0); 11 Oct 2000 09:49:08 -0000
Received: (qmail 22717 invoked from network); 11 Oct 2000 09:49:08 -0000
Received: from unknown (10.1.10.27) by m1.onelist.org with QMQP; 11 Oct 2000 09:49:08
-0000
Received: from unknown (HELO cache1.telkomsel.co.id) (202.155.14.251) by mta2 with
SMTP; 11 Oct 2000 09:49:05 -0000
Received: from s4.telkomsel.co.id (s4.Telkomsel.co.id [10.1.83.36]) by
cache1.telkomsel.co.id (8.9.3/8.9.3) with ESMTP id QAA96997 for
<[EMAIL PROTECTED]>; Wed, 11 Oct 2000 16:49:01 +0700 (JAVT) (envelope-from
[EMAIL PROTECTED])
Received: from jkt.telkomsel.co.id ([10.1.140.75]) by s4.telkomsel.co.id (8.9.3/8.9.3)
with ESMTP id QAA40837 for <[EMAIL PROTECTED]>; Wed, 11 Oct 2000 16:48:57 +0700
(JAVT) (envelope-from [EMAIL PROTECTED])
Message-Id: <[EMAIL PROTECTED]>
To: undisclosed-recipients:;
From: Dedi Mulyadi 97303 <[EMAIL PROTECTED]>
X-eGroups-Approved-By: [EMAIL PROTECTED] via email; 12 Oct 2000 03:31:20 -0000
MIME-Version: 1.0
Mailing-List: list [EMAIL PROTECTED]; contact [EMAIL PROTECTED]
Delivered-To: mailing list [EMAIL PROTECTED]
Precedence: bulk
List-Unsubscribe: <mailto:[EMAIL PROTECTED]>
Date: Wed, 11 Oct 2000 16:48:57 +0700 (JAVT)
Reply-To: [EMAIL PROTECTED]
Subject: [Job Opportunity] (unknown)
Content-Type: multipart/mixed;
boundary="==i3.9.0oisdboibsd((kncd"
X-Return-Path:
[EMAIL PROTECTED]
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
X-MDRemoteIP: 202.155.50.5
--==i3.9.0oisdboibsd((kncd
Content-Type: application/octet-stream; name="ANTI_CIH.EXE"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="ANTI_CIH.EXE"
TVpQAAIAAAAEAA8A//8AALgAAAAAAAAAQAAaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
.....
--==i3.9.0oisdboibsd((kncd--
========================Akhir Header 1=======================================
Header 2, yang dari versi trial dan sudah bisa di cegah oleh cfilter
========================Awal Header 2========================================
Received: from NT [192.168.0.100] by spij.co.id [192.168.0.100]
with SMTP (MDaemon.v3.1.1.R)
for <[EMAIL PROTECTED]>; Thu, 12 Oct 2000 11:07:37 +0700
Date: Thu, 12 Oct 2000 11:07:32 +0700
From: Bambang <[EMAIL PROTECTED]>
X-Mailer: The Bat! (v1.46) Business
Reply-To: Bambang <[EMAIL PROTECTED]>
Organization: SPIJ
X-Priority: 3 (Normal)
Message-ID: <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: dengan exe
X-Sender: Bambang <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="----------7C1AA1FB2AB3130"
X-MDaemon-Deliver-To: [EMAIL PROTECTED]
X-Return-Path: [EMAIL PROTECTED]
X-MDRcpt-To: [EMAIL PROTECTED]
X-MDRemoteIP: 192.168.0.100
Anda terdaftar di List ini dg alamat : archive@jab.org
[ attachment has been remove by MDaemon ]
------------7C1AA1FB2AB3130
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hello biw,
ini quote dari bambang untuk biw
--
Best regards,
Bambang mailto:[EMAIL PROTECTED]
------------7C1AA1FB2AB3130--
