![](https://seccdn.libravatar.org/avatar/34f1a162b179a7af652b19e1f4f5abf1.jpg?s=120&d=mm&r=g)
9 Oct
2001
9 Oct
'01
18:48
Am Son, 07 Okt 2001 schrieb John Trickey:
Actually this is an attempt to use the backdoor which is installed by CodeRed II. It copies the cmd.exe to the scripts directory as root.exe and, if the backdoor is active, allows
I think the best in this case if you get such thing as attachment and you are using qmail with maildirmethod is a script like checkattach. I think you can get this in the antispamhowto. The script will kill all vbs- and other dangerous attachment (.exe, .ocx, ...). I think the part of deleting of such messages is missing, but no poblem to insert. I think one method to fight against viruses. Regards, Ruprecht