* Suresh Ramasubramanian <mallet@???> [20010725 18:24]: writing on the subject 'Re: [Exim] W32/Sircam worm'
Suresh> Phillips, Alan [exim-users] <25/07/01 11:23 +0100>:
Suresh> > Does anyone know how the SMTP engine in SirCam actually works? Does it simply
Suresh> > try to find an A record for the target domain, or is it smart enough to do MX
Suresh> > lookups? Or does it do something like assume a machine called "mail" in the
Suresh> > default domain is a smarthost?
Suresh>
Suresh> I haven't analyzed it - but smtp engine or not, it seems to just deliver to
Suresh> the user's smarthost / smtp server for forwarding.
Suresh>
Suresh> I haven't seen too many direct to MX connections from my luzers, most of whom
Suresh> have got themselves infected, despite dire threats of bodily harm from us
Suresh> long suffering admins :)
Suresh>
Suresh> -suresh
FYI:
With the system_filter.exim working perfectly on my system, and having
also added the 'possible' .lnk extension that SIRCAM also permutates to, I
still received an e-mail that had a Word.doc.bat !! Is the filter gone
impotent or is there something I missed on the list?
TIA
-Wash
--
Odhiambo Washington
Wananchi Online Ltd.,
wash@??? 1st Flr Loita Hse.
Tel: 254 2 313985 Loita Street.,
Fax: 254 2 313922 PO Box 10286,00100-NAIROBI,KE.
All men are born, but not all men really die.
-William Wallace (Mel Gibson), "Braveheart"
