mailmarshal@dealeremail.co.nz
2004-May-01 06:57 UTC
[Rd] A Virus is in a message was sent by you.
MailMarshal has stopped the following message: From : r-devel@r-project.org To : sales@gisbornemotors.co.nz Subject : i have received this. Message : B000228947.00000001.mml Message ID : Server IP : 219.89.138.232 Helo Name : gisbornemotors.co.nz Date/Time : 1/05/2004 - 16:58:56 File : B000228947.00000001.mml; ps.zip The message contains a virus: W32/Netsky.c@MM!zip Please clean the file and resend B000228947.00000001.mml; ps.zip -------------- next part -------------- 3136 16:58:50.681 Message From <r-devel@r-project.org>, Return-path <r-devel@r-project.org>, Recipients (1) - <sales@gisbornemotors.co.nz> 3136 16:58:50.681 Thread 2 Starting to unpack <B000228947.00000001.mml> 3136 16:58:50.711 Type=MAIL, size=35801, Name=B000228947.00000001.mml 3136 16:58:50.711 Type=MHDR, size=444, Name=MsgHeader.txt 3136 16:58:50.711 Type=MBODY, size=13, Name=Plain.txt 3136 16:58:50.711 Type=ZIP, size=25471, Name=ps.zip 3136 16:58:50.711 Type=EXEW32, size=25353, Name=ps.doc.com 3136 16:58:50.711 0 user(s) match ruleset - AAC Messages 3136 16:58:50.711 0 user(s) match ruleset - Waikato Motor Group 3136 16:58:50.711 0 user(s) match ruleset - Sydenham Motor Group 3136 16:58:50.711 1 user(s) match ruleset - Inbound Messages 3136 16:58:50.711 1 user(s) match rule - Archive Message 3136 16:58:50.711 Name=U1\B000228947.00000001.mml (MAIL,35801) TRUE 3136 16:58:50.711 Requesting Action <Inbound Messages:Archive Message:CopyMessage> be run 3136 16:58:50.711 1 user(s) match rule - Block VIDEO Files 3136 16:58:50.711 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:50.711 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:50.711 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:50.711 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:50.711 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:50.711 1 user(s) match rule - Spam Filter 3136 16:58:50.721 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:50.721 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:50.721 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:50.721 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:50.721 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:50.721 0 user(s) match rule - Block Junk Mailers 3136 16:58:50.721 1 user(s) match rule - Suspected Virus 3136 16:58:50.721 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:50.721 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:50.721 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:50.721 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:50.721 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:50.721 1 user(s) match rule - Multimedia Inbound 3136 16:58:50.721 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:50.721 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:50.721 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:50.721 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:50.721 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:50.721 1 user(s) match rule - Porn Spam 3136 16:58:50.731 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:50.731 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:50.731 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:50.731 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:50.741 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:50.741 1 user(s) match rule - Spam Filter - One 3136 16:58:50.751 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:50.751 1 user(s) match rule - Spam Filter - Two 3136 16:58:56.420 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:56.420 0 user(s) match rule - Team Hutch Language 3136 16:58:56.420 1 user(s) match rule - Block Chain Letters 3136 16:58:56.420 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:56.420 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:56.420 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:56.420 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:56.420 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:56.420 1 user(s) match rule - Block Known Worms 3136 16:58:56.420 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:56.420 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:56.420 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:56.420 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:56.420 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:56.420 1 user(s) match rule - Block Virus Hoax Messages 3136 16:58:56.420 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:56.420 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:56.420 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:56.420 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:56.430 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:56.430 1 user(s) match rule - Block VBScript 3136 16:58:56.430 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:56.430 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:56.430 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:56.430 Name=U2\ps.zip (ZIP,25471) False 3136 16:58:56.430 Name=U3\ps.doc.com (EXEW32,25353) False 3136 16:58:56.430 1 user(s) match rule - Block Virus 3136 16:58:56.450 virus scanner OK <NetIQ Integrated McAfee AntiVirus> file <B000228947.00000001.mml> after 20 millisecs 3136 16:58:56.460 virus scanner OK <NetIQ Integrated McAfee AntiVirus> file <MsgHeader.txt> after 10 millisecs 3136 16:58:56.460 virus scanner OK <NetIQ Integrated McAfee AntiVirus> file <Plain.txt> after 0 millisecs 3136 16:58:56.460 virus scanner FOUND virus <NetIQ Integrated McAfee AntiVirus> name <W32/Netsky.c@MM!zip> file <ps.zip> after 0 millisecs 3136 16:58:56.490 virus scanner OK <NetIQ Integrated McAfee AntiVirus> file <B000228947.00000001.mml> after 30 millisecs 3136 16:58:56.490 Name=U1\B000228947.00000001.mml (MAIL,35801) False 3136 16:58:56.490 virus scanner OK <NetIQ Integrated McAfee AntiVirus> file <MsgHeader.txt> after 0 millisecs 3136 16:58:56.490 Name=U2\MsgHeader.txt (MHDR,444) False 3136 16:58:56.500 virus scanner OK <NetIQ Integrated McAfee AntiVirus> file <Plain.txt> after 10 millisecs 3136 16:58:56.500 Name=U2\Plain.txt (MBODY,13) False 3136 16:58:56.500 virus scanner FOUND virus <NetIQ Integrated McAfee AntiVirus> name <W32/Netsky.c@MM!zip> file <ps.zip> after 0 millisecs 3136 16:58:56.500 Name=U2\ps.zip (ZIP,25471) TRUE Terminal 3136 16:58:56.500 Requesting Action <Inbound Messages:Block Virus:MailTemplate> be run