[NVisionIP] SPAM {Virus?} failed

To: <nvisionip@ncsa.uiuc.edu>
Subject: [NVisionIP] *****SPAM***** {Virus?} failed
From: "Bounced mail" <noreply@ncsa.uiuc.edu>
Date: Sun, 5 Mar 2006 04:33:04 -0800
Content-type: multipart/mixed; boundary="----------=_440ADBEE.859161BC"
Reply-to: nvisionip@ncsa.uiuc.edu
Sender: owner-nvisionip@ncsa.uiuc.edu

Spam detection software, running on the system "rimantadine.ncsa.uiuc.edu", has
identified this incoming email as possible spam.  The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email.  If you have any questions, see
postmaster@ncsa.uiuc.edu for details.

Content preview:  Warning: This message has had one or more attachments
  removed Warning: (approved-password.zip, nvisionipncsa.uiuc.edu..exe).
  Warning: Please read the "NCSA-Attachment-Warning.txt" attachment(s) for
  more information. [...] 

Content analysis details:   (10.4 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 2.6 MSGID_OUTLOOK_INVALID  Message-Id is fake (in Outlook Express format)
-2.6 BAYES_00               BODY: Bayesian spam probability is 0 to 1%
                            [score: 0.0000]
 2.4 RCVD_IN_WHOIS_BOGONS   RBL: CompleteWhois: sender on bogons IP block
         [116.210.195.219 listed in combined-HIB.dnsiplists.completewhois.com]
 1.6 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
               [Blocked - see <http://www.spamcop.net/bl.shtml?208.57.59.116>]
 1.7 MSGID_DOLLARS          Message-Id has pattern used in spam
 1.9 RATWARE_MS_HASH        Bulk email fingerprint (msgid ms hash) found
 2.8 RATWARE_OUTLOOK_NONAME Bulk email fingerprint (Outlook no name)
                            found

The original message was not completely plain text, and may be unsafe to
open with some email clients; in particular, it may contain a virus,
or confirm that your address can receive spam.  If you wish to view
it, it may be safer to save it to a file and open it with an editor.

--- Begin Message ---

To: <nvisionip@ncsa.uiuc.edu>
Subject: {Virus?} failed
From: "Bounced mail" <noreply@ncsa.uiuc.edu>
Date: Sun, 5 Mar 2006 04:33:04 -0800
Content-type: multipart/mixed; boundary="----=_NextPart_000_0755_47E22AAC.DCFBD780"

Warning: This message has had one or more attachments removed
Warning: (approved-password.zip, nvisionipncsa.uiuc.edu..exe).
Warning: Please read the "NCSA-Attachment-Warning.txt" attachment(s) for more information.

This is a message from the MailScanner E-Mail Virus Protection Service
----------------------------------------------------------------------
The original e-mail attachment "approved-password.zip"
was believed to be infected by a virus and has been replaced by this warning
message.

If you wish to receive a copy of the *infected* attachment, please e-mail the
NCSA Help Desk (help@ncsa.uiuc.edu) and include this message with your
request. Alternatively, you can call them at +1 217 244 0709 with the
contents of this message on hand when you call.

At Sun Mar  5 06:39:07 2006 the virus scanner said:
   ClamAV Module: approved-password.zip was infected: Exploit.W32.MS05-039
   ClamAV Module: nvisionipncsa.uiuc.edu..exe was infected: Exploit.W32.MS05-039

Note to Help Desk: Look on the NCSA MailScanner (amantadine) in 
/var/spool/quarantine/20060305 (message k25Cd5C07951).
-- 
The NCSA Email guys

--- End Message ---

Prev by Date: [NVisionIP] *****SPAM***** {Filename?} Your Message could not be delivered
Next by Date: [NVisionIP] *****SPAM***** {Filename?} status
Previous by thread: [NVisionIP] *****SPAM***** {Virus?} failed
Next by thread: [NVisionIP] *****SPAM***** {Virus?} Well...

Other Mailing lists | Author Index | Date Index | Subject Index | Thread Index

[NVisionIP] *****SPAM***** {Virus?} failed

[NVisionIP] SPAM {Virus?} failed