Author Topic: MY DOOM  (Read 6186 times)

0 Members and 1 Guest are viewing this topic.

Felix

  • Guest
MY DOOM
« on: March 07, 2004, 09:18:06 PM »
HI !

I'm Felix from Portugal

I have a Exchange Server 5.5 that makes de mail relay, but because de virus MyDOOM, i'm receiving a lot of invalid emails in my Server, but that emails has and invalid combination of host@domain.
I receive so much that it delay de normal delivery of the valid emails..
Have you have any tool to protect that ?

best regards
FELIX

Summoner Yuna

  • Guest
Re:MY DOOM
« Reply #1 on: March 10, 2004, 01:18:00 AM »
Avast4 exchane server edition.
http://www.avast.com/i_idt_1384.html
Is this what you are looking for?

Felix

  • Guest
Re:MY DOOM
« Reply #2 on: March 10, 2004, 05:09:06 PM »
Hi Summmoner Yuna !

I already have a Anti Virus Protection for Exchange.
It cleans all message whit the virus My DOOM.
But my problem is all the invalid emails created by that virus (its not message whit virus, it's just emails created and send by people that have that virus)
That emails are, many of them, invalid (Eg: invalid combination of host/domain,  or mailboxs that do not exist) and I receive so much, that cause delay of the delivery of the valid emails !
Im looking for a tool that can abort that invalid emails or even rejected (Eg: if all that invalid emails have the same size it cleans all by that size)

:)

I will aprecciatte you help :))
Best Regards

whocares

  • Guest
Re:MY DOOM
« Reply #3 on: March 10, 2004, 05:24:12 PM »
Hi,

I think hat happens is this (correct me if I'm wrong):

Some PC(s)  infected with mydoom has your Email/Domain-Address stored somewhere and sends out infected Mails with your address (and/or a ficticious address in your domain) as faked sender adress (see mydoom descriptions)

then you get the answers from Mailserverscanners that suppose the infected mails come from you

There's not really much ou can do about it easily:
- setup filters that filter out ANY replys from mailservers due to invalid adresses/viruses (risky and difficult)
- setup filters that filter out ANY replys from mailservers due to mydoom/viruses: would probably only work, if you could analyse the mailtext and/or header for occurences of "mydoom" and its alias names, or at least for the usual attachment names used by mydoom