I doubt this is due to the MIME header problem. W32.Goner.A@mm uses Outlook via MAPI to send it's message. It doesn't have its own SMTP engine and doesn't generate its own MIME headers. The MIME headers should be RFC compliant. I'd double check configurations from properly updated DATs to verifying you are scanning SCR extensions. Good luck, ...Eric At 03:10 PM 12/4/2001 -0500, you wrote: >Note: the newest virus (w32/gone.a-mm) is blowing thru the WebShield product >that runs on NT in front of our email server. >We have just updated to the newest DAT files from McAfee . 4174. > >It seems to be a continuation of the other problem. Bottom line here, we are >using GroupShield in conjunction with WebShield and it is set to delete most >extensions on sight. The only way we saved ourselves from what looks to be a >very bad outbreak.
