Note: the newest virus (w32/gone.a-mm) is blowing thru the WebShield product
that runs on NT in front of our email server.
We have just updated to the newest DAT files from McAfee . 4174.
It seems to be a continuation of the other problem. Bottom line here, we are
using GroupShield in conjunction with WebShield and it is set to delete most
extensions on sight. The only way we saved ourselves from what looks to be a
very bad outbreak.
FYI
Be like water my friend ...
Alan G. Monaghan
MCSE+I - Win4.0; MCSE - Win2k
BJCP # C0389 (Recognized)
Gardner Publications, Inc.
Internet Administrator
? Phone 1-513-527-8867
? Fax 1-513-527-8801
( Car 1-513-520-6866
? Cell 1-513-378-0919
? E-mail AlanM@Gardnerweb.com
? URL http://Bullwinkle.GardnerWeb.Com/
-----Original Message-----
From: Jari Helenius [mailto:jari.helenius@mawaron.com]
Sent: Saturday, December 01, 2001 11:38 AM
To: bugtraq@securityfocus.com
Subject: RE: NAI Webshield SMTP for WinNT MIME header vuln that
allowsBadTrans to pass
After this message was published in Bugtraq, one person from NAI Europe
contacted me. They asked sample of virus (which I had sent them already
