• Status: Solved
  • Priority: Medium
  • Security: Public

Exchange 2007, Symantec Mail Security Running, but getting Bloodhound.RLTrap detected and deleted

I am currently running Windows 2008, Exchange 2007, Symantec Mail Security for Microsoft Exchange ver 6.0.13.302. Constantly getting the Bloodhound RL Trap, and always deleted, over 20 per day.
Asked by: jaschmerold
1 Solution
 
Sudeep Sharma, Technical Designer, Commented:
Bloodhound is the advanced heuristic technology used by Symantec products to detect viruses and worms for which virus definitions have not been created yet, or you may say they are unknown viruses. But they are detected since the behaviour of the detected files is similar to that of known viruses.

If you are getting those alerts, it means that Symantec Mail Security for Exchange is removing the messages which may contain malicious code in them.

So I would say that your mail server is being targeted by spammers and they are sending malware/spyware attached to the email messages.

Further, it has also been found that some legitimate files are detected by Bloodhound as malicious when they are not. So in some cases it is just a false positive. But you are getting 20 or more in a day, so I think that is not the case here.

More info on Bloodhound RL Trap

http://www.symantec.com/security_response/writeup.jsp?docid=2011-090504-3041-99

I hope that would help.

Sudeep
 
jaschmerold, Author, Commented:
Thanks very much for your response. I also talked to Symantec; it seems like the virus attempt has died down. Thanks for your detailed response, it was very helpful.