Re: [Declude.Virus] Virus name reported as different than what scanner detected.
I predict there will be a fix for this issue at the very beginning of the week. David Franco-Rocha Declude Technical / Engineering - Original Message - From: "Markus Gufler" <[EMAIL PROTECTED]> To: Sent: Friday, October 28, 2005 1:53 PM Subject: RE: [Declude.Virus] Virus name reported as different than what scanner detected. Hmm, looks like there is one single variable containing the last detected virus name and several threads writing to and reading from this variable... Markus -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darrell ([EMAIL PROTECTED]) Sent: Friday, October 28, 2005 6:44 PM To: Declude.Virus@declude.com Subject: Re: [Declude.Virus] Virus name reported as different than what scanner detected. A little more checking and this seems to be happening on any message infected with a virus Possible bug... Running 3.x, AVAFTERJM, with EXITSCANONVIRUSDETECT ON 10/28/2005 00:39:56.359 qab8ff7a40618ffdf.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 3] 10/28/2005 00:41:47.968 qabfaf7c50618004e.smd Virus scanner 1 reports exit code of 3 10/28/2005 00:41:47.968 qabfaf7c50618004e.smd Scanner 1: Virus= W32/[EMAIL PROTECTED] Attachment=email-details.zip [11] O 10/28/2005 00:41:47.984 qabfaf7c50618004e.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 3] 10/28/2005 00:56:05.015 qaf506d06099e03ac.smd Scanner 1: Virus= W32/[EMAIL PROTECTED] Attachment=email-password.zip [11] O 10/28/2005 00:56:05.015 qaf506d06099e03ac.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 3] Darrell ([EMAIL PROTECTED]) writes: > Anyone seen this before? The message (attachment) have the W97M/Thus > Virus and is detected by McAfee as having such, but the final virus > string somehow ends up at Netsky? > > Darrell > > x:\imail\spool>grep -i q41c378d5099ed6c9.smd vir1028.log > 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd Vulnerability flags = 0 > 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd MIME file: HD New Look > list.doc [base64; Length=59 > 904 Checksum=2996157] > 10/28/2005 11:21:10.750 q41c378d5099ed6c9.smd Virus scanner 1 reports > exit code of 0 > 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Virus scanner 2 reports > exit code of 13 > 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Scanner 2: Virus= the > W97M/Thus.gen Attachment=HD New Look List.doc [11] I > 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd File(s) are INFECTED [ > W32/[EMAIL PROTECTED]: 13] > 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Scanned: CONTAINS A > VIRUS > [MIME: 2 60102] > 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd From: > [EMAIL PROTECTED] > To: [EMAIL PROTECTED] [ > incoming from 64.207.161.182] > 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Subject: Here we go > Again - Proposal > > > > -- > -- Check out http://www.invariantsystems.com for utilities for Declude > And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI > integration, MRTG Integration, and Log Parsers. > > -- -- Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Virus name reported as different than what scanner detected.
That's good to hear that others are seeing this as well... Hopefully, we will have a fix soon. Darrell Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Bill Landry writes: Yep, I'm seeing the same thing with Version 3.0.5.12: = 10/28/2005 10:56:04.343 q662b02abbeb9.smd Vulnerability flags = 0 10/28/2005 10:56:04.343 q662b02abbeb9.smd MIME file: [text/html][7bit; Length=714 Checksum=63910] 10/28/2005 10:56:04.390 q662b02abbeb9.smd MIME file: email-details.zip [base64; Length=93976 Checksum=11204045] 10/28/2005 10:56:04.390 q662b02abbeb9.smd Banning .ZIP file with scr extension. 10/28/2005 10:56:06.156 q662b02abbeb9.smd Virus scanner 1 reports exit code of 3 10/28/2005 10:56:06.171 q662b02abbeb9.smd Scanner 1: Virus= W32/[EMAIL PROTECTED] Attachment=email-details.zip [16] I 10/28/2005 10:56:07.109 q662b02abbeb9.smd Virus scanner 2 reports exit code of 1 10/28/2005 10:56:07.109 q662b02abbeb9.smd Scanner 2: Virus= [ WORM_MYTOB.LV](1) in M:\IMail\spool\proc\work\D662B0~1.VIR\0.zip,(email-details.htm .scr) Attachment=email-details.zip [16] I 10/28/2005 10:56:07.109 q662b02abbeb9.smd File(s) are INFECTED [ [ TROJ_GOLDUN.G](1) in M:\IMail\spool\proc\work\D644C0~1.VIR\0.rar,(MsWindowsUpdate.exe): 1] 10/28/2005 10:56:07.109 q662b02abbeb9.smd Scanned: CONTAINS A VIRUS [Prescan OK][MIME: 2 94832] 10/28/2005 10:56:07.109 q662b02abbeb9.smd From: xxx To: xxx [incoming from xxx] 10/28/2005 10:56:07.109 q662b02abbeb9.smd Subject: Important Notification = 10/28/2005 10:56:22.171 q664302abbecd.smd Vulnerability flags = 0 10/28/2005 10:56:23.750 q664302abbecd.smd Virus scanner 1 reports exit code of 3 10/28/2005 10:56:23.750 q664302abbecd.smd Scanner 1: Virus= HTML/[EMAIL PROTECTED] Attachment= [16] I 10/28/2005 10:56:24.625 q664302abbecd.smd Virus scanner 2 reports exit code of 1 10/28/2005 10:56:24.625 q664302abbecd.smd Scanner 2: Virus= [ HTML_Netsky.P](1) in M:\IMail\spool\proc\work\D66430~1.VIR\0,(NONAMEFL) Attachment= [16] I 10/28/2005 10:56:24.625 q664302abbecd.smd File(s) are INFECTED [ [ TROJ_GOLDUN.G](1) in M:\IMail\spool\proc\work\D644C0~1.VIR\0.rar,(MsWindowsUpdate.exe): 1] 10/28/2005 10:56:24.625 q664302abbecd.smd Scanned: CONTAINS A VIRUS 10/28/2005 10:56:24.625 q664302abbecd.smd From: xxx To: xxx [incoming from xxx] 10/28/2005 10:56:24.625 q664302abbecd.smd Subject: Mail delivery failed: returning message to sender = Bill - Original Message - From: "Darrell ([EMAIL PROTECTED])" <[EMAIL PROTECTED]> To: Sent: Friday, October 28, 2005 9:37 AM Subject: [Declude.Virus] Virus name reported as different than what scanner detected. Anyone seen this before? The message (attachment) have the W97M/Thus Virus and is detected by McAfee as having such, but the final virus string somehow ends up at Netsky? Darrell x:\imail\spool>grep -i q41c378d5099ed6c9.smd vir1028.log 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd Vulnerability flags = 0 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd MIME file: HD New Look list.doc [base64; Length=59 904 Checksum=2996157] 10/28/2005 11:21:10.750 q41c378d5099ed6c9.smd Virus scanner 1 reports exit code of 0 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Virus scanner 2 reports exit code of 13 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Scanner 2: Virus= the W97M/Thus.gen Attachment=HD New Look List.doc [11] I 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 13] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Scanned: CONTAINS A VIRUS [MIME: 2 60102] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [ incoming from 64.207.161.182] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Subject: Here we go Again - Proposal Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Virus name reported as different than what scanner detected.
Yep, I'm seeing the same thing with Version 3.0.5.12: = 10/28/2005 10:56:04.343 q662b02abbeb9.smd Vulnerability flags = 0 10/28/2005 10:56:04.343 q662b02abbeb9.smd MIME file: [text/html][7bit; Length=714 Checksum=63910] 10/28/2005 10:56:04.390 q662b02abbeb9.smd MIME file: email-details.zip [base64; Length=93976 Checksum=11204045] 10/28/2005 10:56:04.390 q662b02abbeb9.smd Banning .ZIP file with scr extension. 10/28/2005 10:56:06.156 q662b02abbeb9.smd Virus scanner 1 reports exit code of 3 10/28/2005 10:56:06.171 q662b02abbeb9.smd Scanner 1: Virus= W32/[EMAIL PROTECTED] Attachment=email-details.zip [16] I 10/28/2005 10:56:07.109 q662b02abbeb9.smd Virus scanner 2 reports exit code of 1 10/28/2005 10:56:07.109 q662b02abbeb9.smd Scanner 2: Virus= [ WORM_MYTOB.LV](1) in M:\IMail\spool\proc\work\D662B0~1.VIR\0.zip,(email-details.htm .scr) Attachment=email-details.zip [16] I 10/28/2005 10:56:07.109 q662b02abbeb9.smd File(s) are INFECTED [ [ TROJ_GOLDUN.G](1) in M:\IMail\spool\proc\work\D644C0~1.VIR\0.rar,(MsWindowsUpdate.exe): 1] 10/28/2005 10:56:07.109 q662b02abbeb9.smd Scanned: CONTAINS A VIRUS [Prescan OK][MIME: 2 94832] 10/28/2005 10:56:07.109 q662b02abbeb9.smd From: xxx To: xxx [incoming from xxx] 10/28/2005 10:56:07.109 q662b02abbeb9.smd Subject: Important Notification = 10/28/2005 10:56:22.171 q664302abbecd.smd Vulnerability flags = 0 10/28/2005 10:56:23.750 q664302abbecd.smd Virus scanner 1 reports exit code of 3 10/28/2005 10:56:23.750 q664302abbecd.smd Scanner 1: Virus= HTML/[EMAIL PROTECTED] Attachment= [16] I 10/28/2005 10:56:24.625 q664302abbecd.smd Virus scanner 2 reports exit code of 1 10/28/2005 10:56:24.625 q664302abbecd.smd Scanner 2: Virus= [ HTML_Netsky.P](1) in M:\IMail\spool\proc\work\D66430~1.VIR\0,(NONAMEFL) Attachment= [16] I 10/28/2005 10:56:24.625 q664302abbecd.smd File(s) are INFECTED [ [ TROJ_GOLDUN.G](1) in M:\IMail\spool\proc\work\D644C0~1.VIR\0.rar,(MsWindowsUpdate.exe): 1] 10/28/2005 10:56:24.625 q664302abbecd.smd Scanned: CONTAINS A VIRUS 10/28/2005 10:56:24.625 q664302abbecd.smd From: xxx To: xxx [incoming from xxx] 10/28/2005 10:56:24.625 q664302abbecd.smd Subject: Mail delivery failed: returning message to sender = Bill - Original Message - From: "Darrell ([EMAIL PROTECTED])" <[EMAIL PROTECTED]> To: Sent: Friday, October 28, 2005 9:37 AM Subject: [Declude.Virus] Virus name reported as different than what scanner detected. Anyone seen this before? The message (attachment) have the W97M/Thus Virus and is detected by McAfee as having such, but the final virus string somehow ends up at Netsky? Darrell x:\imail\spool>grep -i q41c378d5099ed6c9.smd vir1028.log 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd Vulnerability flags = 0 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd MIME file: HD New Look list.doc [base64; Length=59 904 Checksum=2996157] 10/28/2005 11:21:10.750 q41c378d5099ed6c9.smd Virus scanner 1 reports exit code of 0 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Virus scanner 2 reports exit code of 13 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Scanner 2: Virus= the W97M/Thus.gen Attachment=HD New Look List.doc [11] I 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 13] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Scanned: CONTAINS A VIRUS [MIME: 2 60102] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [ incoming from 64.207.161.182] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Subject: Here we go Again - Proposal Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
RE: [Declude.Virus] Virus name reported as different than what scanner detected.
Hmm, looks like there is one single variable containing the last detected virus name and several threads writing to and reading from this variable... Markus > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Darrell > ([EMAIL PROTECTED]) > Sent: Friday, October 28, 2005 6:44 PM > To: Declude.Virus@declude.com > Subject: Re: [Declude.Virus] Virus name reported as different > than what scanner detected. > > A little more checking and this seems to be happening on any > message infected with a virus Possible bug... > > Running 3.x, AVAFTERJM, with EXITSCANONVIRUSDETECT ON > > 10/28/2005 00:39:56.359 qab8ff7a40618ffdf.smd File(s) are INFECTED [ > W32/[EMAIL PROTECTED]: 3] > 10/28/2005 00:41:47.968 qabfaf7c50618004e.smd Virus scanner 1 > reports exit code of 3 > 10/28/2005 00:41:47.968 qabfaf7c50618004e.smd Scanner 1: > Virus= W32/[EMAIL PROTECTED] Attachment=email-details.zip [11] O > 10/28/2005 00:41:47.984 qabfaf7c50618004e.smd File(s) are INFECTED [ > W32/[EMAIL PROTECTED]: 3] > 10/28/2005 00:56:05.015 qaf506d06099e03ac.smd Scanner 1: > Virus= W32/[EMAIL PROTECTED] Attachment=email-password.zip [11] O > 10/28/2005 00:56:05.015 qaf506d06099e03ac.smd File(s) are INFECTED [ > W32/[EMAIL PROTECTED]: 3] > > > Darrell ([EMAIL PROTECTED]) writes: > > > Anyone seen this before? The message (attachment) have the > W97M/Thus > > Virus and is detected by McAfee as having such, but the final virus > > string somehow ends up at Netsky? > > > > Darrell > > > > x:\imail\spool>grep -i q41c378d5099ed6c9.smd vir1028.log > > 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd Vulnerability > flags = 0 > > 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd MIME file: HD > New Look > > list.doc [base64; Length=59 > > 904 Checksum=2996157] > > 10/28/2005 11:21:10.750 q41c378d5099ed6c9.smd Virus scanner > 1 reports > > exit code of 0 > > 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Virus scanner > 2 reports > > exit code of 13 > > 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Scanner 2: Virus= the > > W97M/Thus.gen Attachment=HD New Look List.doc [11] I > > 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd File(s) are INFECTED [ > > W32/[EMAIL PROTECTED]: 13] > > 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Scanned: CONTAINS A > > VIRUS > > [MIME: 2 60102] > > 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd From: > > [EMAIL PROTECTED] > > To: [EMAIL PROTECTED] [ > > incoming from 64.207.161.182] > > 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Subject: Here we go > > Again - Proposal > > > > > > > > > -- > > -- Check out http://www.invariantsystems.com for utilities > for Declude > > And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI > > integration, MRTG Integration, and Log Parsers. > > > > > > > > > -- > -- > Check out http://www.invariantsystems.com for utilities for > Declude And Imail. IMail/Declude Overflow Queue Monitoring, > SURBL/URI integration, MRTG Integration, and Log Parsers. > > > --- > This E-mail came from the Declude.Virus mailing list. To > unsubscribe, just send an E-mail to [EMAIL PROTECTED], and > type "unsubscribe Declude.Virus".The archives can be found > at http://www.mail-archive.com. > --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] Virus name reported as different than what scanner detected.
A little more checking and this seems to be happening on any message infected with a virus Possible bug... Running 3.x, AVAFTERJM, with EXITSCANONVIRUSDETECT ON 10/28/2005 00:39:56.359 qab8ff7a40618ffdf.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 3] 10/28/2005 00:41:47.968 qabfaf7c50618004e.smd Virus scanner 1 reports exit code of 3 10/28/2005 00:41:47.968 qabfaf7c50618004e.smd Scanner 1: Virus= W32/[EMAIL PROTECTED] Attachment=email-details.zip [11] O 10/28/2005 00:41:47.984 qabfaf7c50618004e.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 3] 10/28/2005 00:56:05.015 qaf506d06099e03ac.smd Scanner 1: Virus= W32/[EMAIL PROTECTED] Attachment=email-password.zip [11] O 10/28/2005 00:56:05.015 qaf506d06099e03ac.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 3] Darrell ([EMAIL PROTECTED]) writes: Anyone seen this before? The message (attachment) have the W97M/Thus Virus and is detected by McAfee as having such, but the final virus string somehow ends up at Netsky? Darrell x:\imail\spool>grep -i q41c378d5099ed6c9.smd vir1028.log 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd Vulnerability flags = 0 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd MIME file: HD New Look list.doc [base64; Length=59 904 Checksum=2996157] 10/28/2005 11:21:10.750 q41c378d5099ed6c9.smd Virus scanner 1 reports exit code of 0 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Virus scanner 2 reports exit code of 13 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Scanner 2: Virus= the W97M/Thus.gen Attachment=HD New Look List.doc [11] I 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 13] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Scanned: CONTAINS A VIRUS [MIME: 2 60102] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [ incoming from 64.207.161.182] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Subject: Here we go Again - Proposal Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.
[Declude.Virus] Virus name reported as different than what scanner detected.
Anyone seen this before? The message (attachment) have the W97M/Thus Virus and is detected by McAfee as having such, but the final virus string somehow ends up at Netsky? Darrell x:\imail\spool>grep -i q41c378d5099ed6c9.smd vir1028.log 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd Vulnerability flags = 0 10/28/2005 11:21:09.718 q41c378d5099ed6c9.smd MIME file: HD New Look list.doc [base64; Length=59 904 Checksum=2996157] 10/28/2005 11:21:10.750 q41c378d5099ed6c9.smd Virus scanner 1 reports exit code of 0 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Virus scanner 2 reports exit code of 13 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd Scanner 2: Virus= the W97M/Thus.gen Attachment=HD New Look List.doc [11] I 10/28/2005 11:21:11.359 q41c378d5099ed6c9.smd File(s) are INFECTED [ W32/[EMAIL PROTECTED]: 13] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Scanned: CONTAINS A VIRUS [MIME: 2 60102] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] [ incoming from 64.207.161.182] 10/28/2005 11:21:32.796 q41c378d5099ed6c9.smd Subject: Here we go Again - Proposal Check out http://www.invariantsystems.com for utilities for Declude And Imail. IMail/Declude Overflow Queue Monitoring, SURBL/URI integration, MRTG Integration, and Log Parsers. --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.Virus".The archives can be found at http://www.mail-archive.com.