Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 14 Apr 2002 16:43:29 -0500
From:      "Craig Boston" <craig@meoqu.gank.org>
To:        "Juha Saarinen" <juha@saarinen.org>
Cc:        <stable@freebsd.org>
Subject:   Re: Antigen Notification:Antigen found VIRUS= HTML\MimeExploit.IFRAME (CA(InoculateIT),CA(Vet)) virus (fwd)
Message-ID:  <00fc01c1e3fd$6b3a79f0$5f45a8c0@auir.gank.org>
References:  <Pine.WNT.4.43.0204150932570.3044-100000@den2>
next in thread | previous in thread | raw e-mail | index | archive | help 
No, from the headers it looks like tig-msxproto1.tig.mizzou.edu is.  It also
looks like their antigen server is using an invalid envelope sender (simply
<antigen> with no domain name).

AFAIK, freebsd.org *DOES* use Postfix, however, and it assumes unqualified
addresses are local and rewrites them with its own domain name...  So
<antigen> becomes <antigen@freebsd.org>.  Maybe one of the Postfix gurus can
come up with a regex match to prevent stuff like this from masquarading as a
valid address.

cb

----- Original Message -----
From: "Juha Saarinen" <juha@saarinen.org>
To: <freebsd-stable@freebsd.org>
Sent: Sunday, April 14, 2002 4:33 PM
Subject: Antigen Notification:Antigen found VIRUS= HTML\MimeExploit.IFRAME
(CA(InoculateIT),CA(Vet)) virus (fwd)


> Errr... "antigen@freebsd.org"? Is the list running $Exchange?
>
> --
> Juha Saarinen
>
> ---------- Forwarded message ----------
> Date: 14 Apr 2002 16:23:14 -0500
> From: "Antigen@FreeBSD.ORG" <Antigen@FreeBSD.ORG>
> To: "freebsd-stable@FreeBSD.org" <freebsd-stable@FreeBSD.org>
> Subject: Antigen Notification:Antigen found VIRUS= HTML\MimeExploit.IFRAME
>     (CA(InoculateIT),CA(Vet)) virus
>
> Antigen for Exchange found Unknown infected with VIRUS=
HTML\MimeExploit.IFRAME (CA(InoculateIT),CA(Vet)) virus.
> The file is currently Removed.  The message, "Height", was
> sent from Sylvia.Patai  and was discovered in SMTP Messages\Outbound
> located at University of Missouri/Tigers/TIG-MSXPROTO1.
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
>
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00fc01c1e3fd$6b3a79f0$5f45a8c0>