In the lat few days, I've received THOUSANDS of these. This looks to be a
real site. Do they really just have a problem with their iCal format, or is
something else up?


Intrusion Protection Alert

An intrusion has been detected. The packet has been dropped automatically.
You can toggle this rule between "drop" and "alert only" in WebAdmin.

Details about the intrusion alert:

Message........: EXPLOIT Microsoft Exchange ical/vcal malformed property
Time...........: 2009:06:25-01:16:09
Packet dropped.: yes
Priority.......: 1 (high)
Classification.: Attempted Administrator Privilege Gain
IP protocol....: 6 (TCP)

Source IP address: (
Source port: 44072
Destination IP address:
Destination port: 25 (smtp)

Novell Knowledge Partner
Time to upgrade to GW8!