Re: Re[6]: [Declude.Virus] testvirus.org #17
But the Mcafee DOES detect the Virus string in the SMD file., But declude reports no virus. (This is for test #17) - Original Message - From: R. Scott Perry [EMAIL PROTECTED] To: Declude.Virus@declude.com Sent: Monday, December 20, 2004 3:08 PM Subject: RE: Re[6]: [Declude.Virus] testvirus.org #22 I turned if off and it still got through. This test message contains: Test #17: Eicar virus hidden using the CR Vulnerability (attachment can be opened by all versions of Microsoft Outlook and Outlook Express) ... I just checked this one, and it got through here, too. I examined the raw source of the E-mail, and there doesn't appear to be a lone CR character in it, so it doesn't appear to actually contain the Outlook CR Vulnerability. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: Re[6]: [Declude.Virus] testvirus.org #17
But the Mcafee DOES detect the Virus string in the SMD file., But declude reports no virus. (This is for test #17) Declude Virus doesn't detect a virus, because there are no vulnerabilities in the E-mail (despite what the test description says). McAfee does not detect it when called by Declude Virus, because Declude Virus only sends MIME segments, attachments, and other such files to McAfee. Since the eicar.com file appears in the headers, where mail clients should be unable to see an attachment, the eicar.com file isn't sent to McAfee. As to why McAfee detects it, it is most likely due to differences in the way that the E-mail is scanned. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: Re[6]: [Declude.Virus] testvirus.org #17
Ahhh.. So Declude doesn't actually Send the SMD file to the Scanner.. It takes the Message Body, wirtes it to a Tmp File, and then scans it? Why not just scan the SMD file , Headers and All ? - Original Message - From: R. Scott Perry [EMAIL PROTECTED] To: Declude.Virus@declude.com Sent: Monday, December 20, 2004 4:41 PM Subject: Re: Re[6]: [Declude.Virus] testvirus.org #17 But the Mcafee DOES detect the Virus string in the SMD file., But declude reports no virus. (This is for test #17) Declude Virus doesn't detect a virus, because there are no vulnerabilities in the E-mail (despite what the test description says). McAfee does not detect it when called by Declude Virus, because Declude Virus only sends MIME segments, attachments, and other such files to McAfee. Since the eicar.com file appears in the headers, where mail clients should be unable to see an attachment, the eicar.com file isn't sent to McAfee. As to why McAfee detects it, it is most likely due to differences in the way that the E-mail is scanned. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: Re[6]: [Declude.Virus] testvirus.org #17
So Declude doesn't actually Send the SMD file to the Scanner.. Correct. It takes the Message Body, wirtes it to a Tmp File, and then scans it? Why not just scan the SMD file , Headers and All ? Because very few AV programs can read a .SMD file. They make their big bucks by selling mailserver virus scanners ($1,000s), as opposed to desktop scanners ($10s), so they don't want the deskstop scanners to scan .SMD files. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Ultra reliable virus detection and the leader in mailserver vulnerability detection. Find out what you've been missing: Ask for a free 30-day evaluation. This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: Re[6]: [Declude.Virus] testvirus.org #17
- Original Message - From: R. Scott Perry [EMAIL PROTECTED] So Declude doesn't actually Send the SMD file to the Scanner.. Correct. It takes the Message Body, wirtes it to a Tmp File, and then scans it? Why not just scan the SMD file , Headers and All ? Because very few AV programs can read a .SMD file. They make their big bucks by selling mailserver virus scanners ($1,000s), as opposed to desktop scanners ($10s), so they don't want the deskstop scanners to scan .SMD files. Many, if not most, desktop command-line scanners today have support for mail/mime encoded files: === F-Prot: -server Turns on heuristics that are suitable when scanning mail messages on a mail server. McAfee: --mime Option tells the VirusScan Command Line application to detect infections within archives converted to UUEncode, XXEncode, Base64, and BinHex formats. ClamAV: ScanMail Enable internal e-mail scanner (Default: enabled) BitDefender: --mail Scan mail databases Sophos: -mime Scan files encoded in MIME format === Bill --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
[Declude.Virus] testvirus.org #17
Hello list, I'm running 1.81, and caught all but #17, the CR Vulnerability. Yet, earlier in the morning, Declude caught the 'Outlook CR Vulnerability' in an email from outside. Is this just due to a difference in the way they send the test, or do I have something configured wrong? Thanks, -Jeff --- [This E-mail scanned for viruses by Declude Anti-Virus] DISCLAIMER This transmission is intended only for the individual or entity to which it is addressed and it contains information that is confidential. If you have received this communication in error, please destroy these materials and contact the sender immediately at the phone number/email address listed above. This information has been disclosed to you from confidential records and is protected by federal and state law. This information may include confidential mental health, substance abuse, and/or alcohol abuse related information. Federal and state law prohibits you from making any further disclosure of this information without the specific written consent of the person to whom it pertains, or as otherwise permitted by law. Any unauthorized further disclosure in violation of the law may result in a fine or jail sentence or both. A general authorization for the release of this information may not be sufficient authorization for further disclosure. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] testvirus.org #17
I failed 16 17 How do i get mcafee to scan the html? - Original Message - From: Jeff Lancton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:20 AM Subject: [Declude.Virus] testvirus.org #17 Hello list, I'm running 1.81, and caught all but #17, the CR Vulnerability. Yet, earlier in the morning, Declude caught the 'Outlook CR Vulnerability' in an email from outside. Is this just due to a difference in the way they send the test, or do I have something configured wrong? Thanks, -Jeff --- [This E-mail scanned for viruses by Declude Anti-Virus] DISCLAIMER This transmission is intended only for the individual or entity to which it is addressed and it contains information that is confidential. If you have received this communication in error, please destroy these materials and contact the sender immediately at the phone number/email address listed above. This information has been disclosed to you from confidential records and is protected by federal and state law. This information may include confidential mental health, substance abuse, and/or alcohol abuse related information. Federal and state law prohibits you from making any further disclosure of this information without the specific written consent of the person to whom it pertains, or as otherwise permitted by law. Any unauthorized further disclosure in violation of the law may result in a fine or jail sentence or both. A general authorization for the release of this information may not be sufficient authorization for further disclosure. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] testvirus.org #17
fixed #16 PRESCAN OFF #17 goes thru, - Original Message - From: William Stillwell [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:59 AM Subject: Re: [Declude.Virus] testvirus.org #17 I failed 16 17 How do i get mcafee to scan the html? - Original Message - From: Jeff Lancton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:20 AM Subject: [Declude.Virus] testvirus.org #17 Hello list, I'm running 1.81, and caught all but #17, the CR Vulnerability. Yet, earlier in the morning, Declude caught the 'Outlook CR Vulnerability' in an email from outside. Is this just due to a difference in the way they send the test, or do I have something configured wrong? Thanks, -Jeff --- [This E-mail scanned for viruses by Declude Anti-Virus] DISCLAIMER This transmission is intended only for the individual or entity to which it is addressed and it contains information that is confidential. If you have received this communication in error, please destroy these materials and contact the sender immediately at the phone number/email address listed above. This information has been disclosed to you from confidential records and is protected by federal and state law. This information may include confidential mental health, substance abuse, and/or alcohol abuse related information. Federal and state law prohibits you from making any further disclosure of this information without the specific written consent of the person to whom it pertains, or as otherwise permitted by law. Any unauthorized further disclosure in violation of the law may result in a fine or jail sentence or both. A general authorization for the release of this information may not be sufficient authorization for further disclosure. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com.
Re: [Declude.Virus] testvirus.org #17
William, I don't think that you want to do that because of this test. Declude's prescanning will save a server line mine running both F-Prot and McAfee over 40% processor utilization. PRESCAN looks for exploitable code and only sends the HTML to the scanner if it finds something such as JavaScript. The test that is on this site doesn't seem to be sending an exploit, just the eicar string in the middle of an HTML segment, and that can't be executed as far as I can tell (though I didn't run the test). Take note of the marketing aspects of tests like this in addition to the utility they offer. This one was designed by a Declude customer around their own capabilities, or potential capabilities using the product (maybe it's also been extended since I last checked), but my own experience on a Declude competitor's site resulted in a comparably poor showing for my system. Every such site will likely have tests that will not get captured by your system, but that doesn't mean that you are necessarily vulnerable or exposed to an unreasonable degree of risk. I'm not sure what is going on with #17. Personally I have never seen something exploit this vulnerability and maybe there's a detection issue created by the eicar code in this way? Matt William Stillwell wrote: fixed #16 PRESCAN OFF #17 goes thru, - Original Message - From: William Stillwell [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:59 AM Subject: Re: [Declude.Virus] testvirus.org #17 I failed 16 17 How do i get mcafee to scan the html? - Original Message - From: Jeff Lancton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:20 AM Subject: [Declude.Virus] testvirus.org #17 Hello list, I'm running 1.81, and caught all but #17, the CR Vulnerability. Yet, earlier in the morning, Declude caught the 'Outlook CR Vulnerability' in an email from outside. Is this just due to a difference in the way they send the test, or do I have something configured wrong? Thanks, -Jeff --- [This E-mail scanned for viruses by Declude Anti-Virus] DISCLAIMER This transmission is intended only for the individual or entity to which it is addressed and it contains information that is confidential. If you have received this communication in error, please destroy these materials and contact the sender immediately at the phone number/email address listed above. This information has been disclosed to you from confidential records and is protected by federal and state law. This information may include confidential mental health, substance abuse, and/or alcohol abuse related information. Federal and state law prohibits you from making any further disclosure of this information without the specific written consent of the person to whom it pertains, or as otherwise permitted by law. Any unauthorized further disclosure in violation of the law may result in a fine or jail sentence or both. A general authorization for the release of this information may not be sufficient authorization for further disclosure. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. -- = MailPure custom filters for Declude JunkMail Pro. http://www.mailpure.com/software/ = --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus
Re: [Declude.Virus] testvirus.org #17
Well, I been goofing with #17 I stopped my Quee Manager, Found the SMD files for the test. and manually ran Mcafee against it.. Finds Virus? But Decluded says that mcafee reported no virus.. Report.Txt to follow: - 12/17/2004 10:07:58 Options: /LOAD SCANOPT.TXT .\DF1F901860D8F.SMD Scanning C: [] Scanning C:\virus\DF1F901860D8F.SMD C:\virus\Df1f901860d8f.SMD\eicar.com ... Found: EICAR test file NOT a virus. Summary report on C:\virus\DF1F901860D8F.SMD File(s) Total files: ... 2 Clean: . 1 Possibly Infected: . 1 Time: 00:00.00 - Now, I see Found: There, but it not cuaght ? I dunno, me confused. - Original Message - From: Matt [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 9:48 AM Subject: Re: [Declude.Virus] testvirus.org #17 William, I don't think that you want to do that because of this test. Declude's prescanning will save a server line mine running both F-Prot and McAfee over 40% processor utilization. PRESCAN looks for exploitable code and only sends the HTML to the scanner if it finds something such as JavaScript. The test that is on this site doesn't seem to be sending an exploit, just the eicar string in the middle of an HTML segment, and that can't be executed as far as I can tell (though I didn't run the test). Take note of the marketing aspects of tests like this in addition to the utility they offer. This one was designed by a Declude customer around their own capabilities, or potential capabilities using the product (maybe it's also been extended since I last checked), but my own experience on a Declude competitor's site resulted in a comparably poor showing for my system. Every such site will likely have tests that will not get captured by your system, but that doesn't mean that you are necessarily vulnerable or exposed to an unreasonable degree of risk. I'm not sure what is going on with #17. Personally I have never seen something exploit this vulnerability and maybe there's a detection issue created by the eicar code in this way? Matt William Stillwell wrote: fixed #16 PRESCAN OFF #17 goes thru, - Original Message - From: William Stillwell [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:59 AM Subject: Re: [Declude.Virus] testvirus.org #17 I failed 16 17 How do i get mcafee to scan the html? - Original Message - From: Jeff Lancton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:20 AM Subject: [Declude.Virus] testvirus.org #17 Hello list, I'm running 1.81, and caught all but #17, the CR Vulnerability. Yet, earlier in the morning, Declude caught the 'Outlook CR Vulnerability' in an email from outside. Is this just due to a difference in the way they send the test, or do I have something configured wrong? Thanks, -Jeff --- [This E-mail scanned for viruses by Declude Anti-Virus] DISCLAIMER This transmission is intended only for the individual or entity to which it is addressed and it contains information that is confidential. If you have received this communication in error, please destroy these materials and contact the sender immediately at the phone number/email address listed above. This information has been disclosed to you from confidential records and is protected by federal and state law. This information may include confidential mental health, substance abuse, and/or alcohol abuse related information. Federal and state law prohibits you from making any further disclosure of this information without the specific written consent of the person to whom it pertains, or as otherwise permitted by law. Any unauthorized further disclosure in violation of the law may result in a fine or jail sentence or both. A general authorization for the release of this information may not be sufficient authorization for further disclosure. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- This email has been scanned for possible viruses by Declude Antivirus. For more information on Declude Antivirus, Visit www.declude.com --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail-archive.com. --- This email has been
Re: [Declude.Virus] testvirus.org #17
William, You should probably re-read my original message again regarding this. Declude's PRESCAN will only launch the scanner if it finds code that is capable of being exploited. Standard HTML is not exploitable, but JavaScript is, so standard HTML doesn't get scanned, and HTML with JavaScript will get scanned. Putting the eicar string in the middle of HTML will trigger your scanner if scanned, but I'm not convinced that it is exploitable in this format. Furthermore, turning PRESCAN OFF can result in +40% extra processor utilization on a system running two scanners. Matt William Stillwell wrote: Well, I been goofing with #17 I stopped my Quee Manager, Found the SMD files for the test. and manually ran Mcafee against it.. Finds Virus? But Decluded says that mcafee reported no virus.. Report.Txt to follow: - 12/17/2004 10:07:58 Options: /LOAD SCANOPT.TXT .\DF1F901860D8F.SMD Scanning C: [] Scanning C:\virus\DF1F901860D8F.SMD C:\virus\Df1f901860d8f.SMD\eicar.com ... Found: EICAR test file NOT a virus. Summary report on C:\virus\DF1F901860D8F.SMD File(s) Total files: ... 2 Clean: . 1 Possibly Infected: . 1 Time: 00:00.00 - Now, I see Found: There, but it not cuaght ? I dunno, me confused. - Original Message - From: Matt [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 9:48 AM Subject: Re: [Declude.Virus] testvirus.org #17 William, I don't think that you want to do that because of this test. Declude's prescanning will save a server line mine running both F-Prot and McAfee over 40% processor utilization. PRESCAN looks for exploitable code and only sends the HTML to the scanner if it finds something such as JavaScript. The test that is on this site doesn't seem to be sending an exploit, just the eicar string in the middle of an HTML segment, and that can't be executed as far as I can tell (though I didn't run the test). Take note of the marketing aspects of tests like this in addition to the utility they offer. This one was designed by a Declude customer around their own capabilities, or potential capabilities using the product (maybe it's also been extended since I last checked), but my own experience on a Declude competitor's site resulted in a comparably poor showing for my system. Every such site will likely have tests that will not get captured by your system, but that doesn't mean that you are necessarily vulnerable or exposed to an unreasonable degree of risk. I'm not sure what is going on with #17. Personally I have never seen something exploit this vulnerability and maybe there's a detection issue created by the eicar code in this way? Matt William Stillwell wrote: fixed #16 PRESCAN OFF #17 goes thru, - Original Message - From: William Stillwell [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:59 AM Subject: Re: [Declude.Virus] testvirus.org #17 I failed 16 17 How do i get mcafee to scan the html? - Original Message - From: Jeff Lancton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 17, 2004 8:20 AM Subject: [Declude.Virus] testvirus.org #17 Hello list, I'm running 1.81, and caught all but #17, the CR Vulnerability. Yet, earlier in the morning, Declude caught the 'Outlook CR Vulnerability' in an email from outside. Is this just due to a difference in the way they send the test, or do I have something configured wrong? Thanks, -Jeff --- [This E-mail scanned for viruses by Declude Anti-Virus] DISCLAIMER This transmission is intended only for the individual or entity to which it is addressed and it contains information that is confidential. If you have received this communication in error, please destroy these materials and contact the sender immediately at the phone number/email address listed above. This information has been disclosed to you from confidential records and is protected by federal and state law. This information may include confidential mental health, substance abuse, and/or alcohol abuse related information. Federal and state law prohibits you from making any further disclosure of this information without the specific written consent of the person to whom it pertains, or as otherwise permitted by law. Any unauthorized further disclosure in violation of the law may result in a fine or jail sentence or both. A general authorization for the release of this information may not be sufficient authorization for further disclosure. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.Virus mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type unsubscribe Declude.Virus.The archives can be found at http://www.mail