[Avcheck] bad virus-alert
Peter Mann
Peter.Mann@tuke.sk
Thu, 18 Apr 2002 09:16:00 +0200
Heyaaa!!!
how to add machine.domain.name and ip address of infected machine to
alerts sending to sender, recipient and administrator?
"virus coming from user@dom.ain - machine.domain.name [1.2.3.4]"
new viruses choose random recipient AND SENDER addresses - this may
confuse some users (fake senders)
of course - message headers are mailed to sender, but ordinary users
don't understand this
recipient are confusing too and they attacks senders: don't send me
viruses!
how solve this problem? (maybe some modifications of "infected" skript,
grep ^Received: $MAIL | tail -1) - any better ideas?
sender, recipient and dministartor alerts are ok, but i want only ADD
this additional informations
(sorry, if my english isn't good)
--
5o Peter.Mann at tuke.sk
KLFMANiK ICQ 12491471
PM2185-RIPE