PDA

View Full Version : NTL Antivirus


Nidge
04-06-2004, 19:34
Has NTL started it's Antispam software yet? Just had a mail from them telling me NTL Antivirus has blocked a mail.

Chris W
04-06-2004, 19:48
Has NTL started it's Antispam software yet? Just had a mail from them telling me NTL Antivirus has blocked a mail.

what kind of message? were you sending or receiving it?

AFAIK they haven't... they have blocked netsky and bagle being sent by people on their network but i haven't heard anything about filtering on the pop servers. It sounds like a spoof message.

Can you post the message and headers so we can have a look pls?

MB

Nidge
04-06-2004, 19:49
*** Partial message is available!
*** Error: llegal signs in Mail-Routing
*** Mail-Server: ESMTP V1.10



+-+-+ Anti-Virus: No Virus
+-+-+ NTLWORLD- AntiVirus Service
+-+-+ http://www.ntlworld.com

paulyoung666
04-06-2004, 19:50
me now very :confused: :erm: :erm: :erm: :erm:

dilli-theclaw
04-06-2004, 20:02
Something about this message says - DODGY AS HELL to me - MMMmmm

paulyoung666
04-06-2004, 20:04
Something about this message says - DODGY AS HELL to me - MMMmmm


me wonders the same , i wonder if it had an attachment with it , that would be the killer clue :Yikes: :Yikes: :Yikes: :Yikes:

Nidge
04-06-2004, 20:07
This was the attachment

the attachment: p_message.zip.
The W32.Sober.G@mm threat was detected in the attachment.

paulyoung666
04-06-2004, 20:08
This was the attachment

the attachment: p_message.zip.
The W32.Sober.G@mm threat was detected in the attachment.

:Yikes: :Yikes: :Yikes: :Yikes:

looks as though it is another scam aimed at ppl , just delete it :tu:

Nidge
04-06-2004, 20:20
:Yikes: :Yikes: :Yikes: :Yikes:

looks as though it is another scam aimed at ppl , just delete it :tu:

Cheers thought it was NTL's long awaited Antispam software kicking in.

paulyoung666
04-06-2004, 20:27
Cheers thought it was NTL's long awaited Antispam software kicking in.


sure dont look like it somehow :disturbd: :disturbd: :disturbd: :disturbd:

hjf288
04-06-2004, 21:53
Its fake, the virus tries to lure you into opening it by adding stuff like

+++ BITDEFENDER ANTIVIRUS
+++ NO INFECTIONS DETECTED
+++ www.bitdefender.com (http://www.bitdefender.com)

Ive also had em for Mcafee, F-Secure, etc... All in the same format

altis
04-06-2004, 22:37
Yer, I've had several similar to this.

I use Mailwasher and this allows me to preview a message before downloading it. I can also preview the raw message and this reveals the sender's IP address. When I can be bothered, I copy this address and go and paste it into the second box in the middle column of:
http://www.dnsstuff.com/

If it turns out to be from a UK source (and especially NTL) I'll download it. Norton AV will replace the attachment with a simple virus message and then I copy and paste it to the an abuse report for the ISP.

NTL have an abuse report form you can fill in here:
http://www.ntlworld.com/netreport/

...but note I have never ever received any indication from NTL that this does any good. On the other hand, Energis provide loads of follow up information.