>Wondering if it is possible to set Declude standard to allow emails from a
>specific IP or email address to pass without catching and quarantining
>messages.
With Declude Virus Pro, you can use the per-user settings to prevent E-mail
*to* a specific address from being scanned. It should also be possible to
use the per-user settings to have the E-mail from a specific address
automatically not scanned (by having it set to OFF or INONLY), but that
isn't a standard setup.
>So far all of the requests I have submitted in testing this page, which is
>just a cgi form that uses sendmail on the Linux box to send the request to
>me, have been flagged, caught and killed by Declude as containing the
>Outlook 'Blank Folding' Vulnerability.
The best option is to fix the problem with the CGI script. That way, there
won't be any future problems (IE if you copy that script to use somewhere
else, or change the E-mail address that the forms are sent to). The
problem is that there is a line in the headers of the E-mail that it sends,
which contains just a single space or tab, which opens up the possibility
that there may be a hidden virus that Outlook will be able to run (even
though it bypassing virus scanning).
The other option, if you feel comfortable allowing E-mail through that
takes advantage of an Outlook vulnerability, is to disable the Outlook
vulnerability detection by changing the "BANCRVIRUSES ON" setting in the
\IMail\Declude\virus.cfg file to "BANCRVIRUSES OFF". That will, however,
potentially allow viruses through the Outlook users may get infected by.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus". You can E-mail
[EMAIL PROTECTED] for assistance. You can visit our web
site at http://www.declude.com .
