There's a new variant out.
http://vil.nai.com/vil/content/v_101048.htm
~Patrick
---
[This E-mail scanned for viruses by Declude/McAfee]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscrib
Hello David,
> BANEZIPEXTS ON
Sorry to jump in but just a couple of thoughts.
Are you running the "Pro" version of Declude? I don't think BANEZIPEXTS
works on the "Standard" version. Secondly, I believe, in special
circumstances, some admins configure "Declude Junkmail" to run before
"Declud
Title: Message
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100715
HTH,
~Patrick
Title: Message
You could add a comma and then another address on the TO:
line. This is what I do for my BANnotify message.
FROM:
[EMAIL PROTECTED]
TO:
%ALLRECIP%, [EMAIL PROTECTED]
SUBJECT: blah
blah blah
HTH,
Patrick
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Beha
Title: Message
I agree...
~Patrick
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Goran
JovanovicSent: Wednesday, June 01, 2005 3:11 PMTo:
Declude.Virus@declude.comSubject: RE: [Declude.Virus] .EML file
syntax
Yes that is what I
have resorted to
Title: Message
We block .exe's and zips containing exe's. Check out
item #15 (Banning files based on
extension) in the Declude Virus Manual at http://www.declude.com/Articles.asp?ID=117 .
You must be running the "Standard" or "Pro" version of Declude
Virus.
HTH,
~Patrick
From: [E
Title: Message
From the 4th paragraph of section 15 (of the link I
posted):
"If you wish the banned file
extensions to apply to files with .ZIP files, you can add a line "BANZIPEXTS ON"
to your \{MAILSERVER}\Declude\virus.cfg file. For example, if you have a
line "BANEXT EXE" and "BANZIPEX
How much are we willing to pay?
It doesn't matter if it costs $5 or $5000 if the product doesn't work.
Especially when you, the developer, doesn't notice the problem for a month
and a half - especially when the problem has been reported by end users. Do
you not run your own product?
Maybe you d
about me as a
customer, I will pay much more than I would to a >company that doesn't
project those qualities.
>Oh, and by the way, I know how to setup a firewall. So, why don't you guys
concentrate on your code instead.
>Thanks,
>Patrick
Thanks
David
Fro
upp...@declude.com] On Behalf Of Patrick
Childers
Sent: Thursday, June 04, 2009 12:50 PM
To: declude.virus@declude.com
Subject: RE: [Declude.Virus] Declude Virus inoperable for 13% of th year?
Comments are in-line.
_
From: supp...@declude.com [mailto:supp...@declude.com] On Behalf Of David
Bar
I have caught only two, and that was late yesterday. I am using McAfee. It
identified it as "W32/Braid@MM"
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:Declude.Virus-owner@;declude.com]On Behalf Of John Tolmachoff
> Sent: Friday, November 08, 2002 9:51 AM
> To: [EMAIL PROTECTED
> I tried your "body" test and it did NOT catch that email! May be it will
> catch the redistribution mails that are sent after a machine has
> caught the
> worm.
>
> Best Regards
> Andy Schmidt
I filtered on F r i e n d - g r e e t i n g s . c o m (without the spaces)
because of the copy of this
> Why bother if you are adding a weight of "0"?
>
> Bill
I'm bouncing the message...
-Patrick
---
[This E-mail scanned for viruses by Declude/McAfee]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
John,
Please excuse my ignorance, but what does the backslash variable do to the
filter?
-Patrick
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:Declude.Virus-owner@;declude.com]On Behalf Of John Tolmachoff
> Sent: Monday, November 11, 2002 12:54 PM
> To: [EMAIL PROTECTED]
> Subj
> That is not a variable.
>
> Some of the messages had that as part of the address.
>
> Again, that is without the spaces. (Which are there in this posting so it
> does not get caught by everyone's filters and rules.)
Thank You John,
-Patrick
---
[This E-mail scanned for viruses by Declude/McAfe
Good Morning All,
For the last couple of days, Declude has been catching many "Outlook 'MIME
segment in MIME Preamble' Vulnerability" messages. They have all been SPAM.
I don't want to send any bounce messages (for this vulnerability) to my
users.
Is this OK?
SKIPIFVIRUSNAMEHAS Outlook 'MIME
Thanks Scott!
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:Declude.Virus-owner@;declude.com]On Behalf Of R. Scott Perry
> Sent: Friday, November 15, 2002 8:29 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [Declude.Virus] Stopping bounce messages for "MIME segment
> in MIME Preamble
> I have two scanners running, McAfee and F-Prot. On the McAfee
> side, I believe I'm running the 4.2.60 engine and the 4273
> DAT file, but I'm not at the shop where I can triple check.
> F-Prot is catching these So-Big-E [name munged to protect the
> guilty] viruses like a champion, but the
18 matches
Mail list logo
