
w32.Beagle.X@mm

Status
Not open for further replies.

wfbtr

Technical User
Jun 16, 2004
288
US
I have a user who uses Outlook 2003 to receive mail from our in-house Exchange, and also collects mail from an ISP. Norton catches the security breach with the filename "W32.Beagle.X@mm". This is what the user gets in an email message, a few times a day (and it is isolated to one user):
[View --> Options --> internet headers]

Microsoft Mail Internet Headers Version 2.0

Received: from S010600e018db7743.vn.shawcable.net ([24.86.24.86]) by myserver.mydomain.local with Microsoft SMTPSVC(5.0.2195.6713);
 Fri, 27 Aug 2004 12:28:21 -0700
Received: from 66.112.230.114 by 24.86.24.86; Tue, 25 Mar 2003 03:19:42 +0600
Message-ID: <CEQZYHGMCHXBSTMPIKUXXZG@mail.com>
From: "Ricky Dunbar" <mbeagle@wildmail.com>
Reply-To: "Ricky Dunbar" <jeremymason@mantramail.com>
To: myuser@mydomain.com
Subject: considered this?
Date: Mon, 24 Mar 2003 14:19:42 -0700
X-Mailer: AOL 93.0 for Windows US sub 192
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="--62109839933114120"
X-Priority: 3
X-MSMail-Priority: Normal
X-IP:4.36.96.48
Return-Path: hgraham@bluebottle.com
X-OriginalArrivalTime: 27 Aug 2004 19:28:21.0187 (UTC) FILETIME=[033C8130:01C48C6C]

----62109839933114120
Content-Type: text/html;
Content-Transfer-Encoding: quoted-printable
----62109839933114120--

There are a few variants to this message. I'm pretty sure it's on the user's machine and it's bouncing back and forth through each mail account. I tried Sophos, but they didn't have an exact match for the beaglex@mm.
Any hints would be great.
Thanks.

wfbtr,
Is 66.112.230.114 the IP address of the user's computer? That seems to be where the message originates, according to the headers, and the most likely machine that is infected.

Wishdiak
 
No, that's not our IP.
And the IP changes with all the messages.
I think we're being spoofed.
 
wfbtr,

Right. 66.112.230.114 appears to be the IP where the email messages originate, possibly an infected machine outside of your network. Arin.net lists the IP block as belonging to

OrgName: Apogee Telecom Inc.
Address: 715 West 23rd Street
Address: Suite M
City: Austin
StateProv: TX
PostalCode: 78757
AbuseEmail: support@apogeetelecom.com

Wishdiak
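For readers working through a header dump like the one quoted in this thread, here is an added Python example (it is not code from the thread or from any of the posters). It walks the Received: chain bottom-up, takes the first line written by a host you control as the trust boundary, and reports the peer IP that host actually observed; every hop below that line, plus From, Reply-To, Return-Path and the Date, came from the sender and can only be checked for internal consistency. The sample header block is the one quoted above, and the assumption that `myserver.mydomain.local` is the poster's own Exchange server comes from its appearance in the first Received: line.

```python
"""Separate what your own mail server observed from what the sender claimed.

Received: lines are prepended by each relay, so the topmost one is the newest.
Only lines written by hosts you control are trustworthy; the rest travel with
the message and can be forged freely by mass-mailing worms.
"""
import re
from datetime import timedelta
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample: the header block quoted in the thread above (body omitted).
SAMPLE_HEADERS = """Received: from S010600e018db7743.vn.shawcable.net ([24.86.24.86]) by myserver.mydomain.local with Microsoft SMTPSVC(5.0.2195.6713);
 Fri, 27 Aug 2004 12:28:21 -0700
Received: from 66.112.230.114 by 24.86.24.86; Tue, 25 Mar 2003 03:19:42 +0600
Message-ID: <CEQZYHGMCHXBSTMPIKUXXZG@mail.com>
From: "Ricky Dunbar" <mbeagle@wildmail.com>
Reply-To: "Ricky Dunbar" <jeremymason@mantramail.com>
To: myuser@mydomain.com
Subject: considered this?
Date: Mon, 24 Mar 2003 14:19:42 -0700
X-Mailer: AOL 93.0 for Windows US sub 192
MIME-Version: 1.0
Content-Type: multipart/alternative;
 boundary="--62109839933114120"
X-Priority: 3
X-MSMail-Priority: Normal
X-IP:4.36.96.48
Return-Path: hgraham@bluebottle.com
X-OriginalArrivalTime: 27 Aug 2004 19:28:21.0187 (UTC) FILETIME=[033C8130:01C48C6C]

"""

# Assumption: the poster's own Exchange server, taken from the first Received: line.
TRUSTED_HOSTS = {"myserver.mydomain.local"}

RECEIVED_RE = re.compile(
    r"from\s+(?P<from>\S+)"              # name (or IP) the connecting peer announced
    r"(?:\s+\(\[?(?P<ip>[\d.]+)\]?\))?"  # literal IP the receiver saw, if it recorded one
    r".*?\bby\s+(?P<by>\S+?)[;\s]",      # the host that wrote this Received: line
    re.IGNORECASE,
)


def parse_received(value):
    """Unfold one Received: value and pull out from/ip/by and its timestamp."""
    flat = " ".join(value.split())
    m = RECEIVED_RE.search(flat)
    if not m:
        raise ValueError(f"unparsable Received: line: {flat!r}")
    when = parsedate_to_datetime(flat.rsplit(";", 1)[1].strip())
    return {"from": m["from"], "ip": m["ip"], "by": m["by"], "when": when}


def analyze(raw_headers, trusted_hosts=TRUSTED_HOSTS):
    """Return the observed connecting IP plus a list of (code, detail) findings."""
    msg = message_from_string(raw_headers)
    hops = [parse_received(v) for v in msg.get_all("Received", [])]
    findings = []

    # Trust boundary: the newest hop written by one of our own hosts.
    boundary = next((i for i, h in enumerate(hops) if h["by"].lower() in trusted_hosts), None)
    if boundary is None:
        findings.append(("NO_TRUSTED_HOP", "no Received: line was written by a trusted host"))
        return {"hops": hops, "connecting_ip": None, "findings": findings}

    trusted = hops[boundary]
    connecting_ip = trusted["ip"] or trusted["from"]  # what our server really saw

    # Hops below the boundary were handed to us by that peer; flag them and
    # check whether their timestamps even agree with our own arrival time.
    for h in hops[boundary + 1:]:
        findings.append(("UNVERIFIED_HOP", f"claimed relay {h['from']} via {h['by']} cannot be checked"))
        if abs(trusted["when"] - h["when"]) > timedelta(days=1):
            findings.append(("RECEIVED_CLOCK_SKEW", f"claimed hop dated {h['when']:%Y-%m-%d}, delivered {trusted['when']:%Y-%m-%d}"))

    # Sender-supplied Date: header compared with the trusted arrival time.
    if msg.get("Date"):
        sent = parsedate_to_datetime(msg["Date"])
        if abs(trusted["when"] - sent) > timedelta(days=1):
            findings.append(("DATE_CLOCK_SKEW", f"Date: {sent:%Y-%m-%d} vs arrival {trusted['when']:%Y-%m-%d}"))

    # Three different sender domains across From / Reply-To / Return-Path.
    domains = {}
    for name in ("From", "Reply-To", "Return-Path"):
        addr = parseaddr(msg.get(name, ""))[1]
        if addr:
            domains[name] = addr.rpartition("@")[2].lower()
    if len(set(domains.values())) > 1:
        findings.append(("SENDER_DOMAIN_MISMATCH", ", ".join(f"{k}={v}" for k, v in domains.items())))

    return {"hops": hops, "connecting_ip": connecting_ip, "findings": findings}


def finding_codes(result):
    """Sorted, de-duplicated finding codes, handy for rules and tests."""
    return sorted({code for code, _ in result["findings"]})


if __name__ == "__main__":
    result = analyze(SAMPLE_HEADERS)
    print("peer that connected to our server:", result["connecting_ip"])
    for code, detail in result["findings"]:
        print(f"{code}: {detail}")
```

Run against the quoted headers, the script reports 24.86.24.86 as the only peer the poster's server actually spoke to; the inner hop from 66.112.230.114, the 2003 timestamps and the three unrelated sender domains are all sender-supplied data, which is why the inner IP changes from message to message. For abuse reports, the observed connecting IP on the trusted hop is the one value worth quoting.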
 