exim-users · Exim MTA
[Exim] Re: Re: Re: Mydoom and virus signature updates
Message #69801 of 85778
On 2004-07-27 08:52:50, Peter Bowyer wrote:

>OK, nothing special, but what SA rule triggers to detect the virus?

OK, I was looking in some of the Messages...

____ ( 'stdin' ) _____________________________________________________
/
| Content analysis details: (5.5 points, 4.0 required)
|
|  pts rule name              description
| ---- ---------------------- --------------------------------------------------
|  2.3 BAYES_70               BODY: Bayesian spam probability is 70 to 80%
|                             [score: 0.7700]
|  0.7 DATE_IN_PAST_06_12     Date: is 6 to 12 hours before Received: date
|  2.6 FORGED_MUA_OUTLOOK     Forged mail pretending to be from MS Outlook
|
| Content analysis details: (4.0 points, 4.0 required)
|
|  pts rule name              description
| ---- ---------------------- --------------------------------------------------
| -0.9 BAYES_30               BODY: Bayesian spam probability is 30 to 40%
|                             [score: 0.3952]
|  1.6 MIME_BASE64_ILLEGAL    RAW: base64 attachment uses illegal characters
|  2.6 FORGED_MUA_OUTLOOK     Forged mail pretending to be from MS Outlook
|  0.8 AWL                    AWL: Auto-whitelist adjustment
|
| Content analysis details: (9.5 points, 4.0 required)
|
|  pts rule name              description
| ---- ---------------------- --------------------------------------------------
|  5.4 BAYES_99               BODY: Bayesian spam probability is 99 to 100%
|                             [score: 0.9999]
|  1.6 MIME_BASE64_ILLEGAL    RAW: base64 attachment uses illegal characters
|  0.0 UPPERCASE_25_50        message body is 25-50% uppercase
|  2.6 FORGED_MUA_OUTLOOK     Forged mail pretending to be from MS Outlook
|
| Content analysis details: (4.7 points, 4.0 required)
|
|  pts rule name              description
| ---- ---------------------- --------------------------------------------------
|  2.1 BAYES_90               BODY: Bayesian spam probability is 90 to 99%
|                             [score: 0.9567]
|  2.6 FORGED_MUA_OUTLOOK     Forged mail pretending to be from MS Outlook
|
| Content analysis details: (5.0 points, 4.0 required)
|
|  pts rule name              description
| ---- ---------------------- --------------------------------------------------
|  0.2 NO_REAL_NAME           From: does not include a real name
| -0.0 BAYES_40               BODY: Bayesian spam probability is 40 to 44%
|                             [score: 0.4229]
|  1.6 MIME_BASE64_ILLEGAL    RAW: base64 attachment uses illegal characters
|  0.7 MSGID_FROM_MTA_HEADER  Message-Id was added by a relay
|  2.6 FORGED_MUA_OUTLOOK     Forged mail pretending to be from MS Outlook
\______________________________________________________________________

So all Messages are coming with a forged Outlook Header...

>Peter

I hope this helps you...

Greetings
Michelle

--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Michelle Konzack Apt. 917 ICQ #328449886
50, rue de Soultz MSM LinuxMichi
0033/3/88452356 67100 Strasbourg/France IRC #Debian (irc.icq.com)
Tue Jul 27, 2004 8:16 am

linux4michelle@...
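
The comparison made in the message above, as an added example that is not part of the original post: it parses the quoted SpamAssassin reports, finds the rules that fired on every one, and counts how many messages would fall below the required score if a given rule had not fired. The function names and the trimmed `SAMPLE` text are assumptions of this example.

```python
import re

# Constructed sample: rule lines from the five reports quoted above ("[score: ...]" lines dropped).
SAMPLE = """\
| Content analysis details: (5.5 points, 4.0 required)
| 2.3 BAYES_70 BODY: Bayesian spam probability is 70 to 80%
| 0.7 DATE_IN_PAST_06_12 Date: is 6 to 12 hours before Received: date
| 2.6 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
| Content analysis details: (4.0 points, 4.0 required)
| -0.9 BAYES_30 BODY: Bayesian spam probability is 30 to 40%
| 1.6 MIME_BASE64_ILLEGAL RAW: base64 attachment uses illegal characters
| 2.6 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
| 0.8 AWL AWL: Auto-whitelist adjustment
| Content analysis details: (9.5 points, 4.0 required)
| 5.4 BAYES_99 BODY: Bayesian spam probability is 99 to 100%
| 1.6 MIME_BASE64_ILLEGAL RAW: base64 attachment uses illegal characters
| 0.0 UPPERCASE_25_50 message body is 25-50% uppercase
| 2.6 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
| Content analysis details: (4.7 points, 4.0 required)
| 2.1 BAYES_90 BODY: Bayesian spam probability is 90 to 99%
| 2.6 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
| Content analysis details: (5.0 points, 4.0 required)
| 0.2 NO_REAL_NAME From: does not include a real name
| -0.0 BAYES_40 BODY: Bayesian spam probability is 40 to 44%
| 1.6 MIME_BASE64_ILLEGAL RAW: base64 attachment uses illegal characters
| 0.7 MSGID_FROM_MTA_HEADER Message-Id was added by a relay
| 2.6 FORGED_MUA_OUTLOOK Forged mail pretending to be from MS Outlook
"""

HEADER = re.compile(r"\(([\d.]+) points, ([\d.]+) required\)")
RULE = re.compile(r"^[|\s]*(-?\d+\.\d+)\s+([A-Z][A-Z0-9_]+)\b")

def parse_reports(text):
    """One dict per report: header total, required score, and {rule: score}."""
    reports = []
    for line in text.splitlines():
        if h := HEADER.search(line):
            reports.append({"total": float(h[1]), "required": float(h[2]), "rules": {}})
        elif reports and (m := RULE.match(line)):
            reports[-1]["rules"][m[2]] = float(m[1])
    return reports

def common_rules(reports):
    """Rule names that fired on every report."""
    return set.intersection(*(set(r["rules"]) for r in reports)) if reports else set()

def missed_without(reports, rule):
    """Number of reports that would score below 'required' if `rule` had not fired."""
    return sum(r["total"] - r["rules"].get(rule, 0.0) < r["required"] for r in reports)
```

On these five reports, `FORGED_MUA_OUTLOOK` is the only rule present in all of them, and four of the five messages would score below 4.0 without it.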
... <snip> ... Right. So when you said ... you actually meant that all messages with a forged Outlook header are found. A bit different? I believe they all...
Peter Bowyer
peter@...
Jul 27, 2004
8:43 am

-- ... Not all. There are some with Message-ID header but the forged Outlook header is in all Messages. ... Greetings Michelle -- Linux-User #280138 with the...
Michelle Konzack
linux4michelle@...
Jul 27, 2004
8:58 am