Re: AXB_XMAILER_MIMEOLE_OL

Sebastijan Šilec Wed, 25 Jul 2012 06:46:46 -0700

On 25. 07. 2012 15:43, Bowie Bailey wrote:

On 7/25/2012 9:33 AM, Sebastijan Šilec wrote:

I'm getting a lot of AXB_XMAILER_MIMEOLE_OL_4379D and
AXB_XMAILER_MIMEOLE_OL_024C2 hits lately from legit users.

What triggers this scores?

meta AXB_XMAILER_MIMEOLE_OL_024C2 (__AXB_XM_OL_024C2 && __AXB_MO_OL_024C2)

header __AXB_MO_OL_024C2 X-MimeOLE =~ /Produced\ By\ Microsoft\ MimeOLE\ V6\.00\.2600\.0000/

header __AXB_XM_OL_024C2 X-Mailer =~ /Microsoft\ Outlook\ Express\ 6\.00\.2600\.0000/

So it's looking for an email that contains both the X0MimeOLE string and the X-Mailer string specified in those two rules.

Thanks.

So it is just an old outdated outlook

S.

Sebastijan Šilec, sistemska podpora




http://www.agenda.si

ODPRTA KODA IN LINUX
STORITVE : POSLOVNE RESITVE : UPRAVLJANJE IT : INFRASTRUKTURA IT :
IZOBRAZEVANJE : PROGRAMSKA OPREMA

http://www.agenda.si

OPEN SOURCE AND LINUX
SERVICES : BUSINESS SOLUTIONS : IT MANAGEMENT : IT INFRASTRUCTURE :
TRAINING : SOFTWARE

<<attachment: sebastijan_silec.vcf>>

Re: AXB_XMAILER_MIMEOLE_OL

Reply via email to