>I just received an email with the magistr.39921@mm virus included.
>
>Norton on my desktop did stop it, not sure why declude and f-prot did not.
You should make sure that you have " /DUMB" on the SCANFILE line in
\IMail\Declude\virus.cfg. That instructs F-Prot to scan all files,
regardless o
>I received an email this AM containing a new virus which got through our
>IMail server running Declude with FPROT.
>
>Anyone else seen this?? My antivirus data files should be current.
This is the new "Nimda" virus, that appears to be related to...
>We're also being pounded by systems infecte
>Is it possible to get the virus name listed in the virus.log ?
If you set the the LOGLEVEL config option to MID or HIGH, it will record
the virus name and attachment name in the log file.
-Scott
This E-mail came from the Declude.Virus mailing l
>Any problems I should expect by using the /DUMB option with fprot command
>scanner?
No. The "/DUMB" switch definitely should be used. It forces all files to
be scanned, regardless of extension.
The history behind it and why it was so poorly named -- they named it
"/DUMB" because they thoug
>I've scheduled to upgrade my Imail server from 6.06 to 7.0x in the near
>future - I've heard mention of possibly having to reinstall Declude or reset
>it in the registry - can anyone give me a heads up?
After you upgrade to 7.x, it may reset the registry entry that Declude
uses. After upgradi
>i've tested this morning after reloading declude but now my recip.eml isn't
>working
First, you should make sure that there are "To: ", "From: ", and "Subject:
" lines before the first blank line in the file. You can also try
downloading a fresh copy, to see if that works. If you are still
>I just upgraded our Imail server, how do I fix this SMTP file problem?
All you have to do is run the \Imail\Declude.exe file once, and then
stop/restart the IMail SMTP service.
-Scott
This E-mail came from the Declude.Virus mailing list. To
unsubscri
>Has anyone been successful in removing
>W32/Nimda@MM from their IIS 4.0 servers?
Microsoft recommends a rebuild. But, this post was seen recently, and
might be worth a try (but remember that not rebuilding might not fix
everything...):
-Scott
>We updated our F-Prot definitions today in response to the nimda virus
>jumping around today. On one server (Imail 5.08) things are fine, but on
>the other (Imail 6.04) Declude is reporting errors accessing the
>report.txt file for each email scanned, and it looks like it's
>quarantining ev
>Is anyone catching nimda with f-prot?
Yes, we have been catching it here. Not nearly as many of them as Sircams,
but no indication that any have gotten through.
>We're using declude and have not caught one yet.
>
>The updated the definitions to the newest too.
Make sure that the SIGN.DEF fi
>this is very confusing - has anyone recieved this virus as an email?
It is confusing.
Yes, we have received it here with a readme.exe attachment.
>symantec's site says that it can't be seen as an attachment and runs
>automatically - on an un-patched system...
That's almost correct.
When spr
>I know I can send mail normally with an IP, and realize that the problem is
>just a limitation of the script.
>
>My question is how can I get some test messages with different encoding
>types sent to my server before it goes production and has to do this for
>real several hundred thousand times
>What is the relation between www.frisk.is and http://www.datafellows.com/ ?
>
>They both have a product called f-prot and their dos version is 3.10c. As
>far as I can tell, they are the same product Are they the same company?
If I understand correctly, Frisk develops F-Prot and licenses th
>I am using Declude on our IMail server and have the latest DAT file from
>McAfee. We catch 100's of SirCam and W32Magistr but still haven't caught a
>single instance of Nimda. We just got our network cleaned up. Is anyone
>having any luck with McAfee. Should I consider switching to FProt.
It s
>It's possible. I thought of that too, but I don't understand why this
>would suddenly just start happening...and..I thought Declude scanned it
>first?
If the are getting messages from McAfee saying that it deleted the virus,
the E-mail will almost certainly be delivered.
If you use an on-acce
> I am a new user of declude virus pro, and I am using it in conjunction with
> Kaspersky's newest NT/2000 server version 3.6.1.3
> Here is a my line I am using for the SCANNAME
> SCANFILE C:\Progra~1\Kasper~1\Kasper~1\avp32.exe /S/Q/N/W
I'm guessing that the problem is that you need a spac
>Here is what I am getting now
>
>09/25/2001 11:24:55 Qa18b154 ERROR: Virus scanner didn't finish after 60
>seconds; terminating.
This is the same error as before. It may be that Kaspersky isn't installed
properly, and is missing a file (or any of a number of other
possibilities). You need t
>I got the termination error cleared, what would be causing the failure to
>delete the vir directory?
The .vir directory will normally be deleted by Declude. It will not,
however, get deleted if there are extra files in there. You should check
to make sure that Kaspersky is not saving any fi
>The only files being saved are filenames like "0.htm" etc.
>
>Kaspersky is scanning the files fine now, but the deletion of the vir
>directories is not happening.
Do you have an on-access scanner running? It could be locking the files
when Declude tries to delete them.
>I am continuing to get these errors in the log file.
>
>10/03/2001 12:24:46 Q57e22a8 WARNING: Virus scanner reported an error #-1.
>
>You said this was due to an error with the virus scanner. I am using Dr.
>Solomon.
This means that Dr. Solomon is reporting an error when it scans the
E-mail.
>So I just put in the fprot scanner and am still having these errors in the
>log file:
>
>10/03/2001 17:11:57 Q9b36446 Could not find parse string found in report.txt
>
>REPORTInfection
>
>I also have this at the end of the virus.cfg:
>
>REPORT Found
The problem is that you have the REPORT
>Scott, any chance of getting declude to support two scanners natively
>without using a batch file?
>Sure would be nice :-)
It's in the suggestion database. It's not requested that often, but I do
think that it would be a nice feature to have built-in support for.
>When using declude, can we still use an externel filter program as in
>http://support.ipswitch.com/kb/IM-2517-DM01.htm ???
Yes. However, that external program will need to call declude.exe instead
of smtp32.exe. If it does that, then the external program and Declude will
be able to wor
>can someone tell me what this means too ...
>
>VIRUSCODE 3
>VIRUSCODE 6
>
>in the virus.cfg file...
Command line virus scanners (the type that work with Declude) are able to
return an "exit code" (also sometimes called "return code" or "error
code"). A virus scanner will return an exit
>By the way... you told me to use the white list so that no mail coming from my
>server is bounced for bad headers etc but doesn't that essentially mean
>that it is "disabled" or not!
Using the WHITELIST feature (part of Declude JunkMail) will prevent a
specific IP or E-mail address fr
>We plan on *enforcing* virus checking for all users.
In that case, Declude Virus Standard should meet your needs.
>I believe I saw somewhere that only the Pro
>version checks outbound mail. Is this correct?
Declude Virus Standard will scan all incoming and outgoing SMTP E-mail.
Declude JunkM
>This is funny, I catch between 1800 and 2600 virii per day but domlist.exe
>tells me I have on a GOOD day, 1000 incoming and 500 outgoing messages.
>Hm.. My log files are typically between 50-100MB per day.
Have you tried going to a command prompt and typing:
FIND "ldeliver" /
>I have gotten many notifications as postmaster with Snow White and Magistr
>and I know that at least some of our users have gotten notifications. Is it
>possible that only certain variants of these viruses do this?
You will get the postmaster notifications.
The problem is that these viruses a
>As you may know I run 2 of the 6 nameservers for the relays.osirusoft.com
>zone, and I'm very surprised that there are Qwest IP's in the DNSBL list.
The DUL and OSDUL tests are *supposed* to have Qwest IP's in there
(assuming that they are dialup IPs). The DUL/OSDUL tests, by design,
should
>What's the command I can add to /virlist to write the list of viruses
>protected against to a file?
F-Prot /virlist >> virlist.txt
-Scott
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTE
>Would there be someway I could get a report on how many viruses were caught
>(incoming and outgoing) on a per domain basis and possibly on a per user
>basis? Similar to the Imail log files that tell me how many e-mails a
>domain and user sends and receives in a day.
>
>The log files only repor
>Any word on when the full release of 1.28 will happen?
v1.28 has been released, and is a beta version.
The way our releases work is that we come out with new releases typically
every few weeks on average, and either label them as betas or public releases.
Sometimes, after a beta version has
>I,m running declude virus software on my Imail server and needs to disable
>it for an hour.
>How do I do that??
You can just rename the \IMail\Declude\virus.cfg file to virus.bak (or
anything other than virus.cfg), and Declude Virus will not scan files until
you rename it back to virus.cfg.
>Does 1.28 include the option to only send to local rcpt ? Where do I get the
>info / instructions ?
Yes, actually, it does. You can add "ONLYSENDIFLOCALRECIPIENT" as the
first line on any of the .eml files, and Declude will only send the
notification if the recipient is a local user of yours
>We just ran a test with the "Test eicar.com file [eicarinline]" and it
>was received. Should this file been blocked?
Yes, it should be caught (all the encoding methods used on that page should
be caught).
That ones uses a ".zl6" extension, which may be the problem. If you are
using F-Prot,
> We are using F-Prot and I have included my cfg file below. What
>am I doing wrong?
It the SCANFILE option all on one line (starting with "SCANFILE" and ending
with "/REPORT=report.txt")? If it is on two separate lines (as it appears
in the E-mail, although that may be due to format
> It was the formatting in the last email. I have attached a
>section of the log file below.
>
>11/09/2001 16:02:31 Q44660b8 Virus scanner reports exit code of 0
Here, we see that F-Prot has reported that it found no viruses. But:
>11/09/2001 16:02:31 Q44660b8 Couldn't delete
>D:\IMA
> Below is the list of files that get threw into my inbox:
>
>Test eicar.com file [eicarbinhexmime]
>Test eicar.com file [eicarbinhex]
>Test eicar.com file [eicarmimeuu]
>Test eicar.com file [eicarquoted]
>Test eicar.com file [eicarrfc822]
>Test eicar.com file [eicarpegasus]
>Test eicar.c
> Does "Imail 7.04 Hotfix 2" affect Declude in any way? We are
>preparing to apply the patch today.
It should not affect Declude in any way.
The only "catch" is that there is a chance that it could overwrite the
registry entry that Declude uses to interface with IMail. To be safe,
a
>We've been having a few issues with those comctl32 crashes, especially
>when large mailing lists are posted to. We've gone through the steps
>noted in the KB, as well as updating IE (which they say updates the
>comctl32), however are still having the issues.
Is it a ".DLL initialization fai
>So, just installing the updated version should "fix" the problem? Should
>I just delete the value MaxQueProc all together?
You should be able to just install the new version, without adding or
making changes to or deleting the MaxQueProc registry entry.
We have just released Declude v1.26. Changes include:
o Files Declude saves are now treated by Windows as temporary files for
increased performance
o %HEADERS% variable added that allows you to include the headers of a
virus-ridden message in E-mail notifications
o Now adds the IP address of t
>I just installed teh 1.26 version and now im getting errors in my logfile
There is a problem with v1.26 that we have not yet identified -- anyone
running 1.26 should go back to 1.25a.
-Scott
This E-mail came from the Declude.Virus mailing list.
>What engine are you running?
We aren't running McAfee here right now (except occasionally for testing
purposes).
-Scott
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe De
>The BADTRANS virus uses different "FROM:" data in the message envelope (from
>the SMTP conversation) vs. what's in the SMTP "From:" headers. I've had
>several people who seemingly got mail from themselves (e.g., the FROM in the
>envelope was my customer, so was the TO.) However, in EACH case,
>1. >> For the Badtrans.B that just came out, the ones we have seen all have
>a "_" before the From: address <<
>
>Yes - I have seen those two - but I've also see the following style header
>at least TWICE. As you can see - the FROM header appears to have a valid
>email address, but the envelop
>Will Declude be affected by the new release of I-Mail's Anti-Virus software?
Yes, but it's too early to say how it will affect Declude. I don't see it
affecting Declude in a negative way. Usually, extra competition benefits
the customers.
We've had a couple weeks now since we first found o
>Not only that but who wants to beta test the @#$# thing for them right now:)
It's interesting that they use the word "reliable" to describe a new
product, especially when that product involves decoding MIME segments, and
Ipswitch doesn't exactly have the best history of decoding MIME segments
>Will this also work with .scr files?
>
>Is that the exact syntax?
Yes, it will work with any file extension. Just add:
BANEXT PIF
BANEXT SCR
to your \IMail\Declude\virus.cfg file, and Declude Virus will quarantine
all E-mail with .PIF and .SCR extensions. Note that it wil
>Where can I get the DOS virus scanner to use with Declude Virus? I just
>purchased this and need to get the scanner now. From what I recall it was
>like $20 or something like that.
There are several URLs; the one we use is http://www.frisk.is (or
http://www.f-prot.com/f-prot/download/ to dow
>11/29/2001 09:55:55 Q76a92be 1 [1 of 2 not deleted] files were deleted. Use
>ONACCESS ON if you use an external ("on access") virus scanner.
That would happen if you already have a "REPORT Found" line in your config
file, along with the "/REPORT c:\imail\spool\virus\report.txt" in the
SCANFI
>At the moment, Declude moves my viruses into the imail/spool/virus
>subdirectory
>
>Anyway to just have declude delete everything ... I have no desire to
>store the messages especially if they are infected.
There is no way to have Declude automatically delete them. That's mainly a
safety feat
> > There is no way to have Declude automatically delete them. That's mainly a
> > safety feature, in case of problems with the virus scanner (if it starts
> > reporting that all files have viruses, for example).
>
>Would you consider adding a "switch" for the config file to do this in
>the next
>Has anyone tried just setting VIRDIR to NUL?
No, but be sure to test it if you try it.
Declude copies the E-mail files from the spool directory to the directory
listed in the VIRDIR option. If you put a non-existant directory in there,
the file will likely stay in the spool directory, where
>Ideally on large lists the sender should have to send the message,
>receive a confirmation request, and then send a confirming message, in
>the same style as a Declude Confirm used for subscription. That way a
>forged message can't get distributed as if it were legitimate.
>
>Any solutions? Coul
>Attached is the Imail Mailbox with a virus tha got thru today
Please do NOT send viruses to this list.
If you need to send us a virus, it should be sent to
"[EMAIL PROTECTED]". Sending viruses intentionally to E-mail addresses
that are not equipped to handle them properly can be dangerous.
>Attached is the Imail Mailbox with a virus tha got thru today
This may be the corrupted version of Magistr, that some AV programs detect
and others do not. I tried F-Prot with the latest definitions, and McAfee,
and neither caught it. The corrupt version of Magistr does not do any
damage i
>I received this message with several attached files, .mbx .srt .iud. So
>either they aren't infected, or Fprot also let them through here.
Since the .mbx file was sent, it may or may not get caught by a virus
scanner (since the file is encoded within the .mbx file).
>Why did this virus get past Declude!!??
For several reasons.
First, it was sent in a .mbx file. That's a proprietary IMail format, with
the virus encoded in there. Most virus scanners won't find a virus MIME
encoded within another file.
Second, it seems that this is the corrupt version of
>Beside, I did state the attachement contain a virus, and all you need to do
>is not open it, I hope for your sake you know that, If you don't know that,
>you probably don't belong on this list.
The problem is that some viruses will load automatically under some
circumstances (such as using cer
>I just installed netshield on my Imail server machine
>It considerably slows POP performance, even though I exluded the spool
>directory, the Imail users mailboxes directory, and later tried to exclude
>the complete Imail drive. still POP3 very slow.
It may not really be excluding those directo
>Scott would it be possible to get a SENDONLYIFLOCALRECIPIENT feature soon
>please?
That should make it to 1.27a, which may be released within the next few
days (or possibly sometime next week).
-Scott
This E-mail came from the Declude.Vir
>In the declude.cfg look for;
>
>SCANNERTIMEOUT 60
>
>I think 60 is the default so if you increase this your scanner is allowed
>more time to scan big files and thus eliminate your problem.
Actually, his problem is with the scanner itself, when it is not being used
with Declude.
The SCANNERTI
>forwarded email from aol (.eml files) have gotten through declude and
>f-prot. users are returning messages to our users that those emails have a
>virus. i need to include eml file attachments in scanning.
Declude with F-Prot should catch those. When the E-mail is forwarded as an
.eml file,
>I exluded all imail directories (spool, domaines, users, ...) and the
>subdirectories from netshield scanning, but it is still trying to scan the
>spool (see below).
>Anyone run into this problem before ? please help !
>
>
>12/10/01 06:32 Cleaned AUTORITE NT\SYSTEM
>E:\imailsrvr\Spool\D8e81268.
Declude Queue is a new piece that we are adding to Declude. It is designed
to help improve the speed of delivery of "overflow" messages (when E-mail
is received, but there aren't any spare SMTP processes to send it), as well
as minimizing the chance of bumping into Microsoft's nasty mystery he
>Anyone her can who can explain how to get the virus name in the mail sent
>to the user ???
That depends on the virus scanner that you are using. If you are using
F-Prot, you need to have " /REPORT=report.txt" in the SCANFILE line, and
"REPORT Infection" on a separate line. With McAfee, you
>I see this type of log entry in my declude logs about 2 or 3 times a day.
>Can someone shed some light on it for me?
>
>11/30/2001 10:55:36 Qba0820e Warning: EOF in middle of MIME segment []
>[--2108ef124501dfae7a3ee072572b7fcf]
That occurs when there is a malformed E-mail. Specifi
>I have been trying to get the Log File Analyzer to work and after sending a
>copy of a log file to Stu, have determined that my version of Declude isn't
>putting the ":" after the phrase "Virus=". Is it possible that I have an
>older version of Declude that generated this text in the log files?
>I just downloaded the files from F-Prot and they are what we already had.
>F-Prot must either already catch it or has not updated the info yet.
You can verify it by going to a command prompt, going to the directory
F-Prot is in, and typing:
F-Prot /virlist | find "goner" /i
This sho
>Is there a way to kill all incoming .scr attachments? using declude or
>something else?
You can add a line "BANEXT scr" to your \IMail\Deculde\virus.cfg file,
which will ban files with .scr attachments. Note, however, that no
notifications will go out if you do this.
>what version do i have to be running to use this feature?
It is in v1.24 and higher (you can type "Declude -diag" from a command
prompt to see the version number).
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Th
>and will it scan first and if no virus isfound will it then ban it? thereby
>sending the notification if it is known to be infected?
That is correct -- the E-mail will still be scanned, and the notifications
will be sent out if it contains a virus.
-Sco
>Does anyone know if McAfee is catching the w32/Goner-A virus?
Yes. McAfee, F-Prot, Sophos, and others have new virus definitions that
are catching it.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
This E-mail c
>So if you use the banext, the mail is not delivered if the attachment
>matches the extension but there is no notification at all?
That is correct. The E-mail will be quarantined, but no virus
notifications will go out.
>example
>banext scr
>
>I get a message that has an scr attachment but n
>We're having trouble recently with virus scanning with Declude. Several
>times lately the *.vir directories that Declude creates as temporary scan
>areas will fill up in our imail\spool folder. These directories contain a
>simple report.txt file saying no virus's had been found, but the direct
>Looks like there are d*.smd and t*.smd files.
The D*.SMD files are either E-mails waiting to go out (if there is an
associated Q*.SMD file), or are the "leftover" E-mails that IMail couldn't
deliver or bounce (if there is no associated Q*.SMD file).
The T*.SMD files are the E-mails that IMai
>Does anybody know if Norton Antivirus Enterprise works with Declude and are
>there any hang ups with it?
Norton AntiVirus doesn't allow their command line scanner (the piece that
Declude uses) to be used by automated programs. They have it set up so
that if run in an automated environment, i
>Anyone still getting the Goner virus alot? That first day I got a bunch but
>now I'm not. I'm worried they are getting through but maybe they just died
>down.
It seems to be almost gone. It was well named!
-Scott
---
[This E-mail was scanned for viruses b
>I have a client who just said they received the Goner yesterday. When I do a
>F-Prot /virlist | find "goner" /i
>
>it does show the goner. I looked up the email message the client said they
>got the virus from and it showed no virus.
>
>I wonder if I need to re-install F-PROT. I show I have no
We have just released Declude Virus v1.29.
Notable new features include:
o The ability to send a "bounce" message to people sending banned files
(BANEXT),
o A new DELETEVIRUSES configuration option to delete viruses rather than
quarantine them,
o A FOOTER option to add a footer to the bottom o
>Any chance of a way to filter who doens't get virus notifications yet? I
>still want it to scan everything, just not send the notifications out to
>mailing lists. It'd be nice if we could add a list of addresses not to
>notify. I know that checking if it's a list or not would get messy, as
>Clarification please on DELETEVIRUSES. I assume it doesn't try to remove the
>attachment, but deletes the queue files.
That's correct. It deletes the queue files, but does not attempt to remove
the attachment.
-Scott
---
[This E-mail was scanned for viruse
>Regarding the footer option:
>
>We run multiple domains on our iMail server, and only scan certain domains
>for viruses.
>
>Does the footer option add the footer to all emails that go through the
>server or just the ones where we have virus scanning turned on for the
>domain?
It will be added t
>If the attachment has a banned extension and a virus, which email
>notification will be sent? Thanks.
Good question!
In that case, the virus notifications will go out, and the ban notification
will not go out.
For example, if you have "BANEXT com", and send the eicar.com file, the
virus not
>is the "ONLYSENDIFLOCALRECIPIENT" option now tested and operational ? or
>still a work in progress ?
It's operational in 1.29, but it hasn't been thoroughly tested yet.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.
>The REASON why FULLMSG was NOT included in Declude/Virus was, that you
>usually do NOT want to forward a mail that YOU suspect contains a virus.
FYI, it looks like we will not be adding the %FULLMSG% to Declude Virus for
this very reason. Instead, we will change the default BANnotify.eml to u
>http://www.declude.com/tools/header.php?code=c0400202 claims:
>Code: c0400202. The E-mail (code c0400202) didn't fail either the BADHEADERS
>or SPAMHEADERS tests.
Thanks for pointing that out. The script was apparently only working if
the "C" was capitalized. It is fixed now.
>If I send a message via the IMail web messaging way with an infected
>attachment from my school account to an outside account it goes through -
>declude doesn't catch it.
IMail often uses an internal mechanism to deliver E-mail sent from web
messaging, which can bypass Declude. Few viruses ar
>Whoops, I didn't mean to send to the whole list! Sorry, I'm REALLY new at
>this.
Don't worry about it -- a lot of people join the list so that they can find
out all the intricate details of Declude.
-Scott
---
[This E-mail was scanned for viruses by Declude
>Does BANnotify.EML get sent to the intended recipients or to the sender.
The default one will get sent to the sender. But, you can change that if
you like.
>The example of BANnotify.EML doesn't show a from or to address. Are these
>addresses configurable, like with the other templates?
If
>Question I am trying to setup the BANEXT and everything works except for
>1. The BANnotify email does not include the original message.
That's a known issue -- the %FULLMSG% variable will not work with Declude
Virus, to ensure that if there is a virus, it is not re-transmitted. You
can use t
>>>2. I would like to Bcc my self as postmaster to know when some receives a
>>>banned email and send one to the sender. Can this be done?
>>
>>No, that can not be done; only one E-mail notification can go out
>>(although you can choose who it goes to).
>
>Can you put more than one recipient sep
> >> >Can you put more than one recipient separated by a comma, on the "to"
> line?
> >>
> >> No, that isn't possible, sorry.
> >It works with the other notifications. Why is the BANNotify restricted?
If it is possible with other notifications, then it is also possible with
BANnotify.eml. We
>Hey it doe work. All get same message but that's ok. This is what I did
>
>To: %ALLRECIPS%,%MAILFROM%,[EMAIL PROTECTED]
Good work -- I didn't realize that could be done.
-Scott
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)
>Ummwhat happens to the email does it get deleted or is it sitting in
>file somewhere? I am assumeing it is in the \Imail\spool\virus(just looked
>it is)
Yes, the banned E-mails are quarantined to the \IMail\spool\virus directory.
>If this is the case then could still some how if need get t
>Am I missing something? In the past I thought that the
>vir.log actually listed the names of the viruses found - but I
>am not seeing this. All I am seeing are generic messages such
>as '12/09/2001 21:57:49 Q249e036 File(s) are INFECTED [3]'
>
>Is this a result of using the PRESCAN, or is
>If you know there was HTML in the message why couldn't you just add
>additional html tags around the footer? You can certainly do that in an
>html page (that is have multiple html head, body, etc).
Actually, it isn't that easy. The problem is that if the E-mail has
multiple segments (IE both
>Is there someone who has tried to run IMAIL & DECLUDE with a load of
>over 50.000 msg./day?
That is a heavy load, but we do have a number of customers using such a
configuration. Which virus scanner are you using? Note that McAfee may
have troubles dealing with such a volume.
>There is a I
> > Which virus scanner are you using?
> > Note that McAfee may
> > have troubles dealing with such a volume.
>
>At the moment there is no scan engine.
OK, I thought that you were saying that the ISP was running Declude, and
was having troubles. Now I understand -- the troubles they are having
601 - 700 of 1618 matches
Mail list logo