Solved

Exchange 2007, Symantec Mail Security Running, but getting Bloodhound.RLTrap detected and deleted

Posted on 2011-09-27
2
724 Views
Last Modified: 2013-12-09
Exchange 2007, Symantec Mail Security Running, but getting Bloodhound.RLTrap detected and deleted
I am currently running Windows 2008, Exchange 2007, Symantec Mail Security for Microsoft Exchange ver 6.0.13.302.  Constantly getting the Bloodhound RL Trap, and always deleted, over 20 per day
0
Comment
Question by:jaschmerold
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
Sudeep Sharma earned 500 total points
ID: 36719936
Bloodhound is the advance heuristic technology used by Symantec products to detect the viruses and worm for which virus definitions are not created yet or you may say they are unknow viruses. But they are detected since the behaviour of the files detected are similar to the know viruses.

If you are getting those alerts it means that Symantec Mail Security for Exchange is removing the message which may contain the malicious code in them.

So I would say that your mail server is been targeted by the spammer and they are sending malware/spyware attached to the email messages.

Further, it is also been found that some legitimate files are also been detected by Bloddhound as malicious but they were not. So in some case it is just false positive. But you are getting 20 or more in a day so I think it is not the case here.

More info on Bloodhound RL Trap

http://www.symantec.com/security_response/writeup.jsp?docid=2011-090504-3041-99

I hope that would help.

Sudeep
0
 

Author Closing Comment

by:jaschmerold
ID: 36975024
Thanks very much for your response, I also talked to Symantec, seems like the virus attempt has died down.  Thanks for your detailed response, was very helpful
0

Featured Post

SendBlaster Pro 4 - Bulk Email Sending Software

SendBlaster 4 Pro - Best Bulk Emailing Sending Software
Automatic Subscribe / Unsubscribe Processing
Great for Newsletters & Mass Mailings
Optional HTML & Text Composition
Integration with Google Features
Built in Spam Score Checking
Free Professional Templates - Feature Packed!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
unable to move object using ADMT due to leaf active sync device 9 30
EXCH2013 reports 4 39
exchange 16 47
Iphone new exchange 2016 8 17
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
how to add IIS SMTP to handle application/Scanner relays into office 365.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question