RE: [Declude.Virus] server-based encryption
We actually can offer this service at this time. Contact me off list. [EMAIL PROTECTED] I apologize for the blatant sales plug. Doug McKee -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Declude Forum Sent: Thursday, January 23, 2003 10:27 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption Keep in mind, it would only apply for certain destination addresses, not all outgoing messages. My company is very interested in this ability. What would it take to get this done? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Sent: Wednesday, January 22, 2003 5:28 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption I actually don't think it'd be too bad .. the keys would be stored on the mail server, the program you call would find the body, encrypt it, pass declude a return true, or however it's handled, and away it goes out to the world. You are, of course, assuming that the user isn't using webmail, and that they're using the imail box to send mail (relay). The other catch would be decryption .. maybe not so difficult either. Jonathan At 04:56 PM 1/22/2003 -0500, you wrote: >That would be ideal. But is it feasible? >If so, don't forget to include me on the royalties! :) >-Scott > > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan >Sent: Wednesday, January 22, 2003 12:37 PM >To: [EMAIL PROTECTED] >Subject: RE: [Declude.Virus] server-based encryption > >Maybe something could be scripted and called via declude .. an external >.. >might not be so difficult .. > >Jonathan > >At 09:10 AM 1/22/2003 -0500, you wrote: > >I was initially going to implement PGP, but I have about 10 internal > >users (that would each need a digital certificate) sending to two or > >three external users (that would need to install the public keys from > >all of my internal users). That's a lot of administration. > > > >I even tried setting up a computer running MS Outlook 2002 with the > >following... > > > >Receive mail on Account A > >Setup a rule to forward all messages from Account A out on Account B > >Setup PGP on Account B > > > >Therefore internal users send mail to Account A. The rule forwards the > >mail to external users via encrypted Account B. > > > >It seems logical enough, but Outlook 2002 would default to sending out > >on Account A rather than B, because the mail was originally received on > >Account A. I even tried changing the default account, but it never > >worked correctly. > > > >-Scott > > > > > > > >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Maze - > >Hostmaster > >Sent: Wednesday, January 22, 2003 8:48 AM > >To: [EMAIL PROTECTED] > >Subject: RE: [Declude.Virus] server-based encryption > > > >Have you tried PGP on the client side? > > > >I've used it before, but the only problem is that you have to >distribute > >your public key to everyone that you're sending messages to. Then they > >have > >to install PGP on their machine, create a public key for them, and then > >install your public key to read your message. > > > >Also, there was a big security hole discovered in PGP a few months ago. > >I > >haven't heard anything about it recently as to whether they've fixed it > >or > >not. > > > >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED]] On Behalf Of Declude Forum > >Sent: Wednesday, January 22, 2003 8:35 AM > >To: [EMAIL PROTECTED] > >Subject: RE: [Declude.Virus] server-based encryption > > > > > >I tried a VPN between the sites, but the IT staff at the other site > >(different company) couldn't get their act together. I use a VPN for >my > >own > >remote sites without any problems. > > > >I currently use SSL on the webmail interface, but for this instance the > >external users would need internal mail accounts. > > > >It would be nice if there was a simple app, like declude, that would > >encrypt > >outgoing emails. A suggestion for a future release ;-) > > > >-Scott > > > > > > > >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan > >Sent: Tuesday, January 21, 2003 10:28 PM > >To: [EMAIL PROTECTED] > >Subject: Re: [Declude.Virus] server-based encryption > > > >In our case, its a many to many, and not all the sites will be on our > >mail > >servers. I'd rather not have all those sites tunneling into our >server, > > > >just for management overhead. But mostly, we need a way to let > >end-users > >send secure messages to people on a variety of ISPs etc. One being AOL! > >ick > >.. hence my self-extracting file, or client pgp. > > > >Jonathan > > > >At 03:50 PM 1/21/2003 -0800, you wrote: > > >If you are looking at just 2 primary sites, why not use a site to >site > >vpn > > >to encrypt date between your locations. > > > > > >Jim > > >- Original Message -
[Declude.Virus] Mozilla email client
Has anyone experimented with the new Mozilla 1.3 alpha email client that does Bayesian filtering? http://www.mozilla.org/mailnews/spam.html Please let us know your experiences. Thanks. === Leonard Jacobs Shambhala Publications 300 Massachusetts Avenue Boston, MA 02115 http://www.shambhala.com (617) 424-6277, ext. 235 voice (617) 236-1563 fax --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Conflicting Encoding Vulnerability
hmm ok, thanks for the information. Now I'm wondering how I can explain THAT to the client :) Steve -Original Message- From: R. Scott Perry [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 11:02 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Conflicting Encoding Vulnerability >Sure - should of thought to give that on the first shot... Actually, I should have caught this without looking at the logs -- for some reason, I was thinking of a different issue. The problem is: --=_NextPart_000_0005_01C2045D.33A4E770 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: quoted-printable Here, the encoding is shown as both "7bit" and "quoted-printable." Because of this, this MIME segment can be handled two different ways, and as a result, a virus could appear where no virus really is (if that makes any sense). In this case, it appears that someone at AOL received an E-mail with a vulnerability and then forwarded it on to someone else. So the problem here really lies with the sender of the original E-mail (onlinerecommerce.com). -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Postmaster notice sent to postmaster@copyall_ accountaccount
Thanks Scott - man your on it! Steve -Original Message- From: R. Scott Perry [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 11:19 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.Virus] Postmaster notice sent to postmaster@copyall_account >I am noticing that on domains that are not local on Imail, but the server is >acting as a gateway for, that when viruses are found, the Postmaster.eml is >sent to postmaster@copyall_account. (The copy all mail option in Imail is >enabled.) As that is not a valid account that Imail recognizes, it is listed >as being undeliverable. There is a new interim release (at http://www.declude.com/release/166i/declude.exe ) that should take care of this. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] server-based encryption
Keep in mind, it would only apply for certain destination addresses, not all outgoing messages. My company is very interested in this ability. What would it take to get this done? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan Sent: Wednesday, January 22, 2003 5:28 PM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] server-based encryption I actually don't think it'd be too bad .. the keys would be stored on the mail server, the program you call would find the body, encrypt it, pass declude a return true, or however it's handled, and away it goes out to the world. You are, of course, assuming that the user isn't using webmail, and that they're using the imail box to send mail (relay). The other catch would be decryption .. maybe not so difficult either. Jonathan At 04:56 PM 1/22/2003 -0500, you wrote: >That would be ideal. But is it feasible? >If so, don't forget to include me on the royalties! :) >-Scott > > >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan >Sent: Wednesday, January 22, 2003 12:37 PM >To: [EMAIL PROTECTED] >Subject: RE: [Declude.Virus] server-based encryption > >Maybe something could be scripted and called via declude .. an external >.. >might not be so difficult .. > >Jonathan > >At 09:10 AM 1/22/2003 -0500, you wrote: > >I was initially going to implement PGP, but I have about 10 internal > >users (that would each need a digital certificate) sending to two or > >three external users (that would need to install the public keys from > >all of my internal users). That's a lot of administration. > > > >I even tried setting up a computer running MS Outlook 2002 with the > >following... > > > >Receive mail on Account A > >Setup a rule to forward all messages from Account A out on Account B > >Setup PGP on Account B > > > >Therefore internal users send mail to Account A. The rule forwards the > >mail to external users via encrypted Account B. > > > >It seems logical enough, but Outlook 2002 would default to sending out > >on Account A rather than B, because the mail was originally received on > >Account A. I even tried changing the default account, but it never > >worked correctly. > > > >-Scott > > > > > > > >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Maze - > >Hostmaster > >Sent: Wednesday, January 22, 2003 8:48 AM > >To: [EMAIL PROTECTED] > >Subject: RE: [Declude.Virus] server-based encryption > > > >Have you tried PGP on the client side? > > > >I've used it before, but the only problem is that you have to >distribute > >your public key to everyone that you're sending messages to. Then they > >have > >to install PGP on their machine, create a public key for them, and then > >install your public key to read your message. > > > >Also, there was a big security hole discovered in PGP a few months ago. > >I > >haven't heard anything about it recently as to whether they've fixed it > >or > >not. > > > >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED]] On Behalf Of Declude Forum > >Sent: Wednesday, January 22, 2003 8:35 AM > >To: [EMAIL PROTECTED] > >Subject: RE: [Declude.Virus] server-based encryption > > > > > >I tried a VPN between the sites, but the IT staff at the other site > >(different company) couldn't get their act together. I use a VPN for >my > >own > >remote sites without any problems. > > > >I currently use SSL on the webmail interface, but for this instance the > >external users would need internal mail accounts. > > > >It would be nice if there was a simple app, like declude, that would > >encrypt > >outgoing emails. A suggestion for a future release ;-) > > > >-Scott > > > > > > > >-Original Message- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan > >Sent: Tuesday, January 21, 2003 10:28 PM > >To: [EMAIL PROTECTED] > >Subject: Re: [Declude.Virus] server-based encryption > > > >In our case, its a many to many, and not all the sites will be on our > >mail > >servers. I'd rather not have all those sites tunneling into our >server, > > > >just for management overhead. But mostly, we need a way to let > >end-users > >send secure messages to people on a variety of ISPs etc. One being AOL! > >ick > >.. hence my self-extracting file, or client pgp. > > > >Jonathan > > > >At 03:50 PM 1/21/2003 -0800, you wrote: > > >If you are looking at just 2 primary sites, why not use a site to >site > >vpn > > >to encrypt date between your locations. > > > > > >Jim > > >- Original Message - > > >From: "Jonathan" <[EMAIL PROTECTED]> > > >To: <[EMAIL PROTECTED]> > > >Sent: Tuesday, January 21, 2003 3:47 PM > > >Subject: RE: [Declude.Virus] server-based encryption > > > > > > > > > > oops .. responded too quickly. I guess that wouldn't be > >server-side, > > >would > > > > it? :) Sorry .. > > > > > > > > We've been using webmail in secure
Re: [Declude.Virus] Postmaster notice sent topostmaster@copyall_account
I am noticing that on domains that are not local on Imail, but the server is acting as a gateway for, that when viruses are found, the Postmaster.eml is sent to postmaster@copyall_account. (The copy all mail option in Imail is enabled.) As that is not a valid account that Imail recognizes, it is listed as being undeliverable. There is a new interim release (at http://www.declude.com/release/166i/declude.exe ) that should take care of this. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Conflicting Encoding Vulnerability
Sure - should of thought to give that on the first shot... Actually, I should have caught this without looking at the logs -- for some reason, I was thinking of a different issue. The problem is: --=_NextPart_000_0005_01C2045D.33A4E770 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: quoted-printable Here, the encoding is shown as both "7bit" and "quoted-printable." Because of this, this MIME segment can be handled two different ways, and as a result, a virus could appear where no virus really is (if that makes any sense). In this case, it appears that someone at AOL received an E-mail with a vulnerability and then forwarded it on to someone else. So the problem here really lies with the sender of the original E-mail (onlinerecommerce.com). -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Conflicting Encoding Vulnerability
Sure - should of thought to give that on the first shot... My log level was set to MID. I have set the log level to HIGH now for the time being. Here is 2 of them that were sent back to back. 01/23/2003 09:35:18 Qfda5036201b8bde7 Conflicting Encoding vulnerability in [7bit]. 01/23/2003 09:35:18 Qfda5036201b8bde7 Scanned: CONTAINS A VIRUS [Prescan OK][MIME: 3 30313] 01/23/2003 09:35:18 Qfda5036201b8bde7 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] 01/23/2003 09:35:18 Qfda5036201b8bde7 Subject: Fwd: gmt Super Bowl Report 01/21/2003 01/23/2003 09:35:18 Qfda608aa016abf6e Conflicting Encoding vulnerability in [7bit]. 01/23/2003 09:35:18 Qfda608aa016abf6e Scanned: CONTAINS A VIRUS [Prescan OK][MIME: 3 30315] 01/23/2003 09:35:18 Qfda608aa016abf6e From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] 01/23/2003 09:35:18 Qfda608aa016abf6e Subject: Fwd: gmt Super Bowl Report 01/21/2003 Steve -Original Message- From: John Tolmachoff [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [Declude.Virus] Conflicting Encoding Vulnerability In case Scott does not answer right away, can you post a log snippet? John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com > -Original Message- > From: [EMAIL PROTECTED] [mailto:Declude.Virus- > [EMAIL PROTECTED]] On Behalf Of Steve Flook > Sent: Thursday, January 23, 2003 6:46 AM > To: Declude mailing list (E-mail) > Subject: [Declude.Virus] Conflicting Encoding Vulnerability > > Scott / list, > > I'm wondering if I can somehow disable this test, or possibly weaken it etc > as I'm getting a couple of false positives from a particular client that is > sending emails to herself from her AOL address. A declude -diag shows I'm > running v1.65. > > The headers are below. I can send more info regarding that email if useful. > > Thanks, > Steve > > Received: from imo-d03.mx.aol.com [205.188.157.35] by webster.270net.com > with ESMTP > (SMTPD32-7.13) id ADA68AA016A; Thu, 23 Jan 2003 09:35:18 -0500 > Received: from [EMAIL PROTECTED] > by imo-d03.mx.aol.com (mail_out_v34.13.) id 3.139.19f1c555 (18707) >for <[EMAIL PROTECTED]>; Thu, 23 Jan 2003 09:37:26 -0500 (EST) > From: [EMAIL PROTECTED] > Message-ID: <[EMAIL PROTECTED]> > Date: Thu, 23 Jan 2003 09:37:26 EST > Subject: Fwd: gmt Super Bowl Report 01/21/2003 > To: [EMAIL PROTECTED] > MIME-Version: 1.0 > Content-Type: multipart/mixed; > boundary="part1_139.19f1c555.2b615826_boundary" > X-Mailer: AOL 7.0 for Windows US sub 10634 > X-Country-Chain: > X-Note: RDNS Real-Origin: [205.188.157.35] > X-Note: SMTP Real-From: [EMAIL PROTECTED] > X-Note: SMTP Real-To: (1) [EMAIL PROTECTED] > X-Note: Tests Failed, If Any: None > X-Note: WEIGHT, If Any: 0 > > > --part1_139.19f1c555.2b615826_boundary > Content-Type: text/plain; charset="US-ASCII" > Content-Transfer-Encoding: 7bit > > > > --part1_139.19f1c555.2b615826_boundary > Content-Type: message/rfc822 > Content-Disposition: inline > > Return-Path: <[EMAIL PROTECTED]> > Received: from rly-xb04.mx.aol.com (rly-xb04.mail.aol.com [172.20.105.105]) > by air-xb02.mail.aol.com (v90.10) with ESMTP id MAILINXB21-0121171850; Tue, > 21 Jan 2003 17:18:50 -0500 > Received: from recomm1.onlinerecommerce.com ([66.109.35.141]) by > rly-xb04.mx.aol.com (v90_r1.1) with ESMTP id MAILRELAYINXB43-0121171810; > Tue, 21 Jan 2003 17:18:10 -0500 > Received: by recomm1.onlinerecommerce.com (Postfix, from userid 33) > id A934945775; Tue, 21 Jan 2003 15:32:15 -0500 (EST) > To: [EMAIL PROTECTED] > From: "" <[EMAIL PROTECTED]> > Subject: Re: gmt Super Bowl Report 01/21/2003 > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="=_NextPart_000_0005_01C2045D.33A4E770" > Message-Id: <[EMAIL PROTECTED]> > Date: Tue, 21 Jan 2003 15:32:15 -0500 (EST) > X-Mailer: Unknown (No Version) > > > --=_NextPart_000_0005_01C2045D.33A4E770 > Content-Type: text/plain; > charset="US-ASCII" > Content-Transfer-Encoding: 7bit > Content-Transfer-Encoding: quoted-printable > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > --- > This E-mail came from the Declude.Virus mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.Virus".The archives can be found > at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at htt
Re: [Declude.Virus] Conflicting Encoding Vulnerability
I'm wondering if I can somehow disable this test, or possibly weaken it etc Your only option is to disable vulnerability detection completely, which will almost certainly allow future viruses through. When it comes to vulnerabilities, it is best to just fix the problem. The headers are below. I can send more info regarding that email if useful. Do you have the log file entries for this E-mail? That should provide some very useful information. -Scott --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Conflicting Encoding Vulnerability
In case Scott does not answer right away, can you post a log snippet? John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com > -Original Message- > From: [EMAIL PROTECTED] [mailto:Declude.Virus- > [EMAIL PROTECTED]] On Behalf Of Steve Flook > Sent: Thursday, January 23, 2003 6:46 AM > To: Declude mailing list (E-mail) > Subject: [Declude.Virus] Conflicting Encoding Vulnerability > > Scott / list, > > I'm wondering if I can somehow disable this test, or possibly weaken it etc > as I'm getting a couple of false positives from a particular client that is > sending emails to herself from her AOL address. A declude -diag shows I'm > running v1.65. > > The headers are below. I can send more info regarding that email if useful. > > Thanks, > Steve > > Received: from imo-d03.mx.aol.com [205.188.157.35] by webster.270net.com > with ESMTP > (SMTPD32-7.13) id ADA68AA016A; Thu, 23 Jan 2003 09:35:18 -0500 > Received: from [EMAIL PROTECTED] > by imo-d03.mx.aol.com (mail_out_v34.13.) id 3.139.19f1c555 (18707) >for <[EMAIL PROTECTED]>; Thu, 23 Jan 2003 09:37:26 -0500 (EST) > From: [EMAIL PROTECTED] > Message-ID: <[EMAIL PROTECTED]> > Date: Thu, 23 Jan 2003 09:37:26 EST > Subject: Fwd: gmt Super Bowl Report 01/21/2003 > To: [EMAIL PROTECTED] > MIME-Version: 1.0 > Content-Type: multipart/mixed; > boundary="part1_139.19f1c555.2b615826_boundary" > X-Mailer: AOL 7.0 for Windows US sub 10634 > X-Country-Chain: > X-Note: RDNS Real-Origin: [205.188.157.35] > X-Note: SMTP Real-From: [EMAIL PROTECTED] > X-Note: SMTP Real-To: (1) [EMAIL PROTECTED] > X-Note: Tests Failed, If Any: None > X-Note: WEIGHT, If Any: 0 > > > --part1_139.19f1c555.2b615826_boundary > Content-Type: text/plain; charset="US-ASCII" > Content-Transfer-Encoding: 7bit > > > > --part1_139.19f1c555.2b615826_boundary > Content-Type: message/rfc822 > Content-Disposition: inline > > Return-Path: <[EMAIL PROTECTED]> > Received: from rly-xb04.mx.aol.com (rly-xb04.mail.aol.com [172.20.105.105]) > by air-xb02.mail.aol.com (v90.10) with ESMTP id MAILINXB21-0121171850; Tue, > 21 Jan 2003 17:18:50 -0500 > Received: from recomm1.onlinerecommerce.com ([66.109.35.141]) by > rly-xb04.mx.aol.com (v90_r1.1) with ESMTP id MAILRELAYINXB43-0121171810; > Tue, 21 Jan 2003 17:18:10 -0500 > Received: by recomm1.onlinerecommerce.com (Postfix, from userid 33) > id A934945775; Tue, 21 Jan 2003 15:32:15 -0500 (EST) > To: [EMAIL PROTECTED] > From: "" <[EMAIL PROTECTED]> > Subject: Re: gmt Super Bowl Report 01/21/2003 > MIME-Version: 1.0 > Content-Type: multipart/alternative; > boundary="=_NextPart_000_0005_01C2045D.33A4E770" > Message-Id: <[EMAIL PROTECTED]> > Date: Tue, 21 Jan 2003 15:32:15 -0500 (EST) > X-Mailer: Unknown (No Version) > > > --=_NextPart_000_0005_01C2045D.33A4E770 > Content-Type: text/plain; > charset="US-ASCII" > Content-Transfer-Encoding: 7bit > Content-Transfer-Encoding: quoted-printable > --- > [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > --- > This E-mail came from the Declude.Virus mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.Virus".The archives can be found > at http://www.mail-archive.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Conflicting Encoding Vulnerability
Scott / list, I'm wondering if I can somehow disable this test, or possibly weaken it etc as I'm getting a couple of false positives from a particular client that is sending emails to herself from her AOL address. A declude -diag shows I'm running v1.65. The headers are below. I can send more info regarding that email if useful. Thanks, Steve Received: from imo-d03.mx.aol.com [205.188.157.35] by webster.270net.com with ESMTP (SMTPD32-7.13) id ADA68AA016A; Thu, 23 Jan 2003 09:35:18 -0500 Received: from [EMAIL PROTECTED] by imo-d03.mx.aol.com (mail_out_v34.13.) id 3.139.19f1c555 (18707) for <[EMAIL PROTECTED]>; Thu, 23 Jan 2003 09:37:26 -0500 (EST) From: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> Date: Thu, 23 Jan 2003 09:37:26 EST Subject: Fwd: gmt Super Bowl Report 01/21/2003 To: [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="part1_139.19f1c555.2b615826_boundary" X-Mailer: AOL 7.0 for Windows US sub 10634 X-Country-Chain: X-Note: RDNS Real-Origin: [205.188.157.35] X-Note: SMTP Real-From: [EMAIL PROTECTED] X-Note: SMTP Real-To: (1) [EMAIL PROTECTED] X-Note: Tests Failed, If Any: None X-Note: WEIGHT, If Any: 0 --part1_139.19f1c555.2b615826_boundary Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit --part1_139.19f1c555.2b615826_boundary Content-Type: message/rfc822 Content-Disposition: inline Return-Path: <[EMAIL PROTECTED]> Received: from rly-xb04.mx.aol.com (rly-xb04.mail.aol.com [172.20.105.105]) by air-xb02.mail.aol.com (v90.10) with ESMTP id MAILINXB21-0121171850; Tue, 21 Jan 2003 17:18:50 -0500 Received: from recomm1.onlinerecommerce.com ([66.109.35.141]) by rly-xb04.mx.aol.com (v90_r1.1) with ESMTP id MAILRELAYINXB43-0121171810; Tue, 21 Jan 2003 17:18:10 -0500 Received: by recomm1.onlinerecommerce.com (Postfix, from userid 33) id A934945775; Tue, 21 Jan 2003 15:32:15 -0500 (EST) To: [EMAIL PROTECTED] From: "" <[EMAIL PROTECTED]> Subject: Re: gmt Super Bowl Report 01/21/2003 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="=_NextPart_000_0005_01C2045D.33A4E770" Message-Id: <[EMAIL PROTECTED]> Date: Tue, 21 Jan 2003 15:32:15 -0500 (EST) X-Mailer: Unknown (No Version) --=_NextPart_000_0005_01C2045D.33A4E770 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Content-Transfer-Encoding: quoted-printable --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Postmaster notice sent to postmaster@copyall_account
I am noticing that on domains that are not local on Imail, but the server is acting as a gateway for, that when viruses are found, the Postmaster.eml is sent to postmaster@copyall_account. (The copy all mail option in Imail is enabled.) As that is not a valid account that Imail recognizes, it is listed as being undeliverable. Is it possible to change the behavior so that if the domain is not hosted locally, the notice is sent to postmaster at the Declude registered domain name, in this case, mail.reliance.net? I did have the idea of adding copyall_account as an alias to the official host name of mail.reliance.net. It seems that may work. Comments? John Tolmachoff MCSE, CSSA IT Manager, Network Engineer RelianceSoft, Inc. Fullerton, CA 92835 www.reliancesoft.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.