Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- David Magda
April 25, 2005, 7:17 pm
rate this thread
Is there a way to restore quarantined e-mails? I need to get at
e-mail message to look at its headers so I can trace its flow.
Unfortunately NAV doesn't allow me to perform a "clean" operation
because the infected object is a mail message. It is not the inbox
that is infected because the user has all of their messages (the
injected message was caught on download).
The "export" operation simply saves a CSV file with the fields that
are present in the dialogue box (which are useless; at the very least
I need a message ID or an SMTP transaction ID (sendmail and postfix
logs can be searched)).
I am willing to go in with a hex editor and examined the contents of
the file / message, so if someone can tell me where these things are
hidden I can start from there.
This is with a recent version of Norton Anti-virus (2001+) on
XP. Don't have it handy to check the exact version of NAV. The virus
that was caught is Netsky (D variant I believe).
Thanks for any info.
David Magda <dmagda at ee.ryerson.ca>, http://www.magda.ca /
Because the innovator has for enemies all those who have done well under
the old conditions, and lukewarm defenders in those who may do well
under the new. -- Niccolo Machiavelli, _The Prince_, Chapter VI