Rich, these numbers beg the question of how many mails in total were in bound during that 8 hour period? Don Bosman Information Technologist Michigan State University Libraries 517-432-6123 ext 233 [log in to unmask] -----Original Message----- From: Rich Wiggins [mailto:[log in to unmask]] Sent: Wednesday, December 17, 2003 12:48 PM To: [log in to unmask] Subject: [MSUNAG] Anti-virus on mail.msu.edu - clarification The new anti-virus feature in mail.msu.edu has already found and blocked a number of virus-laden messages. Here's a breakdown as of 12:30 pm on December 17 (approx. 8 hours): 4 Eicar-Test-Signature 3 Sircam 20 Suspected.Zip 75 Trojan.Dropper.C 1 W32/Magistr.A 1 W32/Yaha.g.dam 1 W95/Hybris.PI.002 1 W95/Hybris.PI.003 9 Worm.BugBear.B 644 Worm.Dumaru.A 1 Worm.Fizzer.A 2 Worm.Galil.C 326 Worm.Gibe.F 3 Worm.Gibe.F.UPX.2 15 Worm.Mimail.G 127 Worm.Mimail.I 1640 Worm.Mimail.J 99 Worm.Sobig.F 1275 Worm/Klez.H 1 Yaha.K 4248 Total Just to clarify how the new anti-virus feature works: mail coming into mail.msu.edu is scanned for viruses. When a virus is detected, the sender's e-mail service is notified that delivery has been rejected. If you send mail through mail.msu.edu using an e-mail client such as Eudora or Outlook, each message will be scanned for viruses. Viruses such as Sobig that try to send through mail.msu.edu will also face virus detection and blocking. However, if you are using the Webmail client for mail.msu.edu to send mail, that mail will not be scanned for viruses due to the current architecture of the system. The mail team is looking into adding scanning to outbound Webmail messages. Based on the numbers so far and the nature of how Sobig, Klez and the like are commonly spread, the system should help contain future such outbreaks. Again, we continue to strongly suggest use of anti-virus software on individual computers. /rich