I got this same bogus file showing up in the log (MID) when I sent the eicar virus
(zipped format) off the eicar.com website to our server.
Keith
-----Original Message-----
From: John Tolmachoff [mailto:[EMAIL PROTECTED]]
Sent: Thu 12/19/2002 7:14 PM
To: [EMAIL PROTECTED]
Cc:
Subject: RE: [Declude.Virus] bogus files.....
> > > That log file entry is part of an experimental system in Declude Virus
> > > designed to find files that aren't what they claim to be (for example,
if
> > > someone renamed an .exe file to a .jpg extension). However, I believe
> > > there was a recent beta that would falsely detect these "bogus" files.
In
> > > any case, the only damage is the extra log file entries.
> >
> >Ok, that's what I figured it had to be, as it appeared no actions are
taken.
> >Is that planned for a later release? If the attachment is bogus to
> >hold/warn/delete?
>
> That's planned for a future release. We haven't decided yet how the
> E-mails would be handled (HOLD/WARN/DELETE sound like they would be good
> options).
Hold with postmaster and possible recipient notification sounds good.
John Tolmachoff MCSE, CSSA
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus". The archives can be found
at http://www.mail-archive.com.
<<winmail.dat>>
