?
Solved

Exchange 2007, Symantec Mail Security Running, but getting Bloodhound.RLTrap detected and deleted

Posted on 2011-09-27
2
Medium Priority
?
739 Views
Last Modified: 2013-12-09
Exchange 2007, Symantec Mail Security Running, but getting Bloodhound.RLTrap detected and deleted
I am currently running Windows 2008, Exchange 2007, Symantec Mail Security for Microsoft Exchange ver 6.0.13.302.  Constantly getting the Bloodhound RL Trap, and always deleted, over 20 per day
0
Comment
Question by:jaschmerold
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
Sudeep Sharma earned 1500 total points
ID: 36719936
Bloodhound is the advance heuristic technology used by Symantec products to detect the viruses and worm for which virus definitions are not created yet or you may say they are unknow viruses. But they are detected since the behaviour of the files detected are similar to the know viruses.

If you are getting those alerts it means that Symantec Mail Security for Exchange is removing the message which may contain the malicious code in them.

So I would say that your mail server is been targeted by the spammer and they are sending malware/spyware attached to the email messages.

Further, it is also been found that some legitimate files are also been detected by Bloddhound as malicious but they were not. So in some case it is just false positive. But you are getting 20 or more in a day so I think it is not the case here.

More info on Bloodhound RL Trap

http://www.symantec.com/security_response/writeup.jsp?docid=2011-090504-3041-99

I hope that would help.

Sudeep
0
 

Author Closing Comment

by:jaschmerold
ID: 36975024
Thanks very much for your response, I also talked to Symantec, seems like the virus attempt has died down.  Thanks for your detailed response, was very helpful
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article aims to explain the working of CircularLogArchiver. This tool was designed to solve the buildup of log file in cases where systems do not support circular logging or where circular logging is not enabled
A list of top three free exchange EDB viewers that helps the user to extract a mailbox from an unmounted .edb file and get a clear preview of all emails & other items with just a single click on mailboxes.
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question