Thanks, David! So what's the first safe version of Declude 2.x that I can upgrade to without going through all of the grief that the current beta testers are going through yet gain this functionality?
----- Original Message ----- From: "David Barker" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Thursday, March 24, 2005 3:20 PM Subject: RE: [Declude.Virus] BANCRVIRUSES OFF for 1 Domain > In version 2.0+ > > ALLOWVULNERABILITIESFROM option instructs Declude Virus to allow > vulnerabilities from a specific E-mail address or domain. > > Details: A line such as ALLOWVULNERABILITIESFROM @ual.com will force Declude > Virus to bypass vulnerability detection if an E-mail is sent from @ual.com. > This works with a partial match on the return address, so just "ual.com" > would also match "[EMAIL PROTECTED]". > > "Allowing a user to send vulnerabilities" > > Occasionally, legitimate mailers will send out E-mails with vulnerabilities. > Usually, they stop doing so quickly, as any up-to-date mailserver virus > scanner should block their E-mail. The best thing to do if this happens is > to contact the sender, and get them to fix the problem. However, in the rare > cases where this is not possible, you can instruct Declude Virus to allow > the user to send vulnerabilities. To do so, you can add a line such as > "ALLOWVULNERABILITIESFROM [EMAIL PROTECTED]" to your Imail Declude > virus.cfg file. In this case, it would allow any vulnerabilities from > [EMAIL PROTECTED], while not allowing detected viruses from > [EMAIL PROTECTED] > > That means that a virus not using any mailserver AV vulnerabilities would > get caught, but a virus that does use a mailserver AV vulnerability might > not be caught. This is a big risk, but there is no risk-free way to allow > someone to send potentially dangerous E-mail. > > David B > www.declude.com > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dan Geiser > Sent: Thursday, March 24, 2005 3:13 PM > To: [email protected] > Subject: [Declude.Virus] BANCRVIRUSES OFF for 1 Domain > > Hello, All, > An e-mail hosting customer is complained because some e-mails were blocked > by Declude AV with the "Outlook 'Boundary Space Gap' Vulnerability". > > I know we can use "BANCRVIRUSES OFF" in \IMail\Declude\virus.cfg to turn > this off but I also assume that this will turn it off for all domains. Is > there a way to turn these off for one domain or set of domains? > > We are currently running Declude 1.82. > > Thanks In Advance, > Dan Geiser > [EMAIL PROTECTED] > > > ------------------------------------------------------------------- > E-mail scanned for viruses by Nexus (http://www.ntgrp.com/mailscan) > > --- > This E-mail came from the Declude.Virus mailing list. To unsubscribe, just > send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.Virus". The archives can be found > at http://www.mail-archive.com. > > > __________ NOD32 1.1034 (20050324) Information __________ > > This message was checked by NOD32 antivirus system. > http://www.nod32.com > > > --- > This E-mail came from the Declude.Virus mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.Virus". The archives can be found > at http://www.mail-archive.com. > ------------------------------------------------------------------- > E-mail scanned for viruses by Nexus (http://www.ntgrp.com/mailscan) > > ------------------------------------------------------------------- E-mail scanned for viruses by Nexus (http://www.ntgrp.com/mailscan) --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus". The archives can be found at http://www.mail-archive.com.
