On Tue, May 20, 2014 4:22 am, anctop wrote: >> The file 42.zip was sent 2 times. If there is an antivirus in your MTA, >> it might have crashed. Please check its status right now, as it is not >> possible to do so remotely
Just for info... Summary: This script sends the 42.zip recursive archive to the mail server. If there is an antivirus filter, it may start eating huge amounts of CPU or memory. Source: http://openvas.komma-nix.de/index.php?oid=11036 VirusTotal Report 42.zip as.... Agnitum Trojan.ZipBomb.D 20140519 AntiVir Bomb/Libit.A 20140520 BitDefender Trojan.Script.ATU 20140520 ClamAV Trojan.ArcBomb-1 20140520 Commtouch ZIP/ArchiveBomb.A!Camelot 20140520 DrWeb Trojan.MailBomb.34902 20140520 F-Secure Trojan.Script.ATU 20140519 Fortinet W32/ArchBomb.B!tr 20140520 GData Trojan.Script.ATU 20140520 Kaspersky Trojan-ArcBomb.ZIP.Bubl.b 20140520 McAfee ZIP-Crash 20140520 McAfee-GW-Edition ZIP-Crash 20140519 MicroWorld-eScan Trojan.Script.ATU 20140520 Microsoft DoS:Win32/ZipBomb.A 20140520 NANO-Antivirus Trojan.Zip.Arch-Bomb.yngkq 20140520 TrendMicro TROJ_ZIPBOMB.B 20140520 TrendMicro-HouseCall TROJ_ZIPBOMB.B 20140520 VBA32 suspected of ZIP.MailBomb 20140519 Cheers, Steve Sanesecurity _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
