DennisD Posted July 26, 2004 Share Posted July 26, 2004 I just received 3 email messages through SpamCop with the MyDoom virus. Previously SpamCop checked for viruses and blocked content and just sent me an email notifying me of the fact. What changed to allow the virus to slip through? I automatically forward all mail from my domain biz-builder.com hosted by DirectNIC to SpamCop for filtering and then I POP using Outlook. My domain has been spoofed in the infecteded email and one looks like a normal return mail with an attachment infected with MyDoom caught locally by NortonAV. What happened to the SpamCop AntiVirus checking? Header: Return-Path: <noreply[at]biz-builder.com> Delivered-To: spamcop-net-dennis[at]spamcop.net Received: (qmail 20319 invoked from network); 26 Jul 2004 15:45:44 -0000 Received: from unknown (192.168.1.101) by blade1.cesmail.net with QMQP; 26 Jul 2004 15:45:44 -0000 Received: from iris1.directnic.com (204.251.10.81) by mailgate.cesmail.net with SMTP; 26 Jul 2004 15:45:44 -0000 Received: by iris1.directnic.com (iris/0.153:relay); 26 Jul 2004 15:45:40 +0000 Message-Id: <41052724.C73.72C[at]iris2.directnic.com> X-Iris-Host: 3467912726/[206.180.38.22] X-Forward: from <cds[at]biz-builder.com> to <dennis[at]spamcop.net> Received: from [206.180.38.22] (EHLO biz-builder.com) (206.180.38.22) by iris2.directnic.com (iris/0.153) with ESMTP for <cds[at]biz-builder.com> (rule 627606); 26 Jul 2004 15:45:39 +0000 Return-Path: noreply[at]biz-builder.com From: "MAILER-DAEMON" <noreply[at]biz-builder.com> To: cds[at]biz-builder.com Subject: Returned mail: Data format error Date: Mon, 26 Jul 2004 11:45:25 -0400 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0000_40761DCC.89719A46" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on blade1 X-spam-Level: **** X-spam-Status: hits=4.1 tests=FORGED_MUA_OUTLOOK,MIME_BASE64_ILLEGAL, MSGID_FROM_MTA_HEADER version=2.63 X-SpamCop-Checked: 192.168.1.101 204.251.10.81 206.180.38.22 206.180.38.22 X-SpamCop-Disposition: Blocked SpamAssassin=4 X-SpamCop-Whitelisted: biz-builder.com Link to comment Share on other sites More sharing options...
Wazoo Posted July 26, 2004 Share Posted July 26, 2004 As stated everywhere, if you read the fine print. Anti-virus tools are reactionary, thus offer little to no protection against a "new" virus or variant. And this is a new variant. And even better, at least one version of the spew appears to be a bounce message from the fine folks at the SpamCop Technical Support Team <g> Link to comment Share on other sites More sharing options...
Merlyn Posted July 26, 2004 Share Posted July 26, 2004 As stated everywhere, if you read the fine print. Anti-virus tools are reactionary, thus off little to no protection against a "new" virus or variant. And this is a new variant. And even better, at least one version of the spew appears to be a bounce message from the fine folks at the SpamCop Technical Support Team <g> 13949[/snapback] Wow, directed right at Spamcop. Must have been someone in "Help" complaining they were blocked and they only send legitimate email. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.