The nature of SMTP virus detection

    Date: 04/27/06 (IT Professionals)    Keywords: virus, antivirus

    I have a question about SMTP mass mail viruses.

    My client is running Symantec Corporate Antivirus with AV Exchange as well.

    In the last two days the system has reported a small flood of virus-infected attachments coming from inside the SMTP transport.
    As far as I can tell, the system is saying the viruses are coming from inside the network.

    The "from" addresses are all bogus but of course contain the client's domain name.

    I am, as I type this, running a full virus sweep on all the connected PCs and the 2 servers. So far nothing is showing up (if only Symantec AV recorded IP as well).

    Now I am thinking that these are actually INCOMING viruses, probably addressed to bogus addresses.

    Am I right in that assessment? If so, why on earth do the Symantec logs show the "target" as the "author"?

    Source: http://community.livejournal.com/itprofessionals/37035.html
