Eric, A vulnerability is not a virus, and cannot be detected by virus software.
When a virus uses a vulnerability, it will bypass a standard mailserver virus scanner, and get delivered to the recipient. This is the benefit of using the Declude rather than the traditional virus scanner to protect you mail server. Declude detects vulnerabilities. The Outlook 'Space Gap' vulnerability occurs when there is a space in one of the MIME headers where there is not normally a space (such as "Content-Type :" instead of "Content-Type:"). This is not RFC-compliant, but Outlook will treat it as valid and be able to execute a virus that virus scanners will not usually see. There is no legitimate reason for an E-mail to be formed like this. To turn off this vulnerability check in the virus.cfg ALLOWVULNERABILITY OLSPACEGAP But be aware that you will be potentially allowing a virus to get past your av scanner if it exploits this vulnerability. David Barker Director of Product Management Your Email security is our business 978.499.2933 office 978.988.1311 fax [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Heimir Eidskrem Sent: Thursday, January 25, 2007 11:20 AM To: [email protected] Subject: [Declude.Virus] Outlook 'Boundary Space Gap' Vulnerability I see several emails with this listed as the virus detected. Is this really a problem and a virus? I did download the file and uploaded to one of the virus test sites and it did come back as no virus found. How do I turn this off? --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
