Re: Rogue emails on this TBUDL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Mark, @23-Aug-2003, 07:57 Mark said to Jonathan: ... What happened was that the download just stopped on previous Angliss emails, and required killing the Bat from the task list. I guess it might be an AV problem rather than a BAT problem. It is. When the AV spots a suspected virus, it's locking the file which leaves TB high and dry - it was in the middle of using that file and didn't expect to have the rug pulled quite so firmly from under its feet. - -- Cheers -- .\\arck D Pearlstone -- List moderator TB! v2.0 Beta/3 on Windows XP 5.1.2600 Service Pack 1 -BEGIN PGP SIGNATURE- Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its affiliated companies. iQA/AwUBP0c3KDnkJKuSnc2gEQKU+ACg5jyKtFkwaqe3QqyD4BMJvi6Aev4AnRHs VlWIOs5lDBFRlMGqwvTtrQdD =43Cj -END PGP SIGNATURE- Current version is 1.62r | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Rogue emails on this TBUDL
Dear Bats For rome reason email messages from Jonathan Angliss Kill the bat stone cold on downloading (requiring a rest). Deleted from server, and then the next from Jonathan does the same. Any idea why?? - I can't get one of his emails to see if the headers are strange or anything. Mark Current version is 1.62r | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Rogue emails on this TBUDL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 M Any idea why?? - I can't get one of his emails to see if the M headers are strange or anything. All OK here. Here's the headers from one of his messages received today... ,- [ ] | Received: from ngfire.ngcomms.ecs.uk ([10.10.100.1]) by mercury.estatecomputers.co.uk with Microsoft | SMTPSVC(5.0.2195.6713); | Fri, 22 Aug 2003 04:31:36 +0100 | Received: from mail pickup service by ngfire.ngcomms.ecs.uk with Microsoft SMTPSVC; | Fri, 22 Aug 2003 04:31:47 +0100 | Received: from draenor.its-toasted.org ([127.0.0.1]) by ngfire.ngcomms.ecs.uk with Microsoft | SMTPSVC(5.0.2195.6713); | Fri, 22 Aug 2003 04:31:45 +0100 | Received: from localhost ([127.0.0.1] helo=draenor.its-toasted.org) | by draenor.its-toasted.org with esmtp (Exim 3.36 #1) | id 19q2f9-0005PX-00; Fri, 22 Aug 2003 05:32:31 +0200 | Received: from netdork.net ([66.137.233.211] helo=vampire.netdork.net) | by draenor.its-toasted.org with esmtp (Exim 3.36 #1) | id 19q2et-0005M9-00 | for [EMAIL PROTECTED]; Fri, 22 Aug 2003 05:32:15 +0200 | Received: from localhost (localhost.localdomain [127.0.0.1]) | by vampire.netdork.net (Postfix) with ESMTP id 3AEF6A816A | for [EMAIL PROTECTED]; Thu, 21 Aug 2003 22:32:12 -0500 (CDT) | Received: from vampire.netdork.net ([127.0.0.1]) | by localhost (vampire.netdork.net [127.0.0.1]) (amavisd-new, port 10024) | with ESMTP id 08362-07 for [EMAIL PROTECTED]; | Thu, 21 Aug 2003 22:32:10 -0500 (CDT) | Received: from valcor.corp.local (c-67-166-207-248.client.comcast.net | [67.166.207.248]) | by vampire.netdork.net (Postfix) with ESMTP id D3FE5A8169 | for [EMAIL PROTECTED]; Thu, 21 Aug 2003 22:32:10 -0500 (CDT) | Date: Thu, 21 Aug 2003 22:34:32 -0500 | From: Jonathan Angliss [EMAIL PROTECTED] | X-Mailer: The Bat! (v2.0 Beta/3) | Organization: Netdork Inc | X-Priority: 3 (Normal) | Message-ID: [EMAIL PROTECTED] | To: Nick OHare [EMAIL PROTECTED] | In-Reply-To: [EMAIL PROTECTED] | References: [EMAIL PROTECTED] | MIME-Version: 1.0 | Content-Type: text/plain; charset=us-ascii | Content-Transfer-Encoding: 7bit | X-Virus-Scanned: by amavisd-new at netdork.net | Subject: Re: Sobig.f filtering | X-BeenThere: [EMAIL PROTECTED] | X-Mailman-Version: 2.1.2 | Precedence: list | Reply-To: [EMAIL PROTECTED] | List-Id: tbudl.thebat.dutaint.com | List-Unsubscribe: http://stromgrade.its-toasted.org/mailman/listinfo/tbudl, | mailto:[EMAIL PROTECTED] | List-Post: mailto:[EMAIL PROTECTED] | List-Help: mailto:[EMAIL PROTECTED] | List-Subscribe: http://stromgrade.its-toasted.org/mailman/listinfo/tbudl, | mailto:[EMAIL PROTECTED] | Sender: [EMAIL PROTECTED] | Errors-To: [EMAIL PROTECTED] | Return-Path: [EMAIL PROTECTED] | X-OriginalArrivalTime: 22 Aug 2003 03:31:45.0339 (UTC) FILETIME=[E963E0B0:01C3685D] `- - -- Stuart Using The Bat! v1.63 Beta/11 on Windows XP 5.1 Build 2600 Service Pack 1 PGP Key available from ldap://keyserver.pgp.com ... As I said before, I never repeat myself. -BEGIN PGP SIGNATURE- Version: PGP SDK 3.0 iQA/AwUBP0YH19ttnLhkydF1EQLJ0gCgt8WVYm1I6xblKWj3LYZ4rQqHT7EAoMxt iDSWe9XJdJQ5m6YkOAb15sPI =C+MM -END PGP SIGNATURE- Estate Computer Systems Limited Westgate House, Westgate, Sleaford, Lincolnshire, NG34 7RJ Registered in England No 1604453. VAT No. 416 2922 63 ECS are members of the following trade organisations: The Microsoft Certified Partner Programme, The Borland User Group, and PISCES (Property Information System Common Exchange Standard) To find out more about ECS why not visit our website http://www.estatecomputers.com The information in this email (and any attachment) may be for the intended recipient only. If you know you are not the intended recipient, please do not use or disclose the information in any way and please delete this email (and any attachment from your system). See http://www.estatecomputers.co.uk/email.htm for our full E-mail communication conditions. (If the above URLs do not appear as links you may need to copy the details into your browser address line to access these pages). Current version is 1.62r | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Rogue emails on this TBUDL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Mark, @22-Aug-2003, 12:51 Mark [M] in mid:[EMAIL PROTECTED] said: M For rome reason email messages from Jonathan Angliss Kill the bat M stone cold on downloading (requiring a rest). Deleted from M server, and then the next from Jonathan does the same. M Any idea why?? - I can't get one of his emails to see if the M headers are strange or anything. This was mentioned earlier. His mails carry the 'SOBIG' marker of X-MailScanner: Found to be clean. If you are filtering on that, add a Sender: Angliss ... No filter. If you have a live mail scanner, then you'd be better off using a TB friendly AV program with a plug-in to let TB scan the mails rather than have the IP data stream suddenly vanish mid-mail. The AV you're using sounds like it could be a bit overzealous. - -- Cheers -- .\\arck D Pearlstone -- List moderator TB! v2.0 Beta/3 on Windows XP 5.1.2600 Service Pack 1 -BEGIN PGP SIGNATURE- Version: PGPsdk version 1.7.1 (C) 1997-1999 Network Associates, Inc. and its affiliated companies. iQA/AwUBP0YTEjnkJKuSnc2gEQK5VQCgxdIP8J7njRojOJMegYxza/p1nzcAoIq1 wSP/0Y6aGn/jUq06Inox/+Wy =dD4k -END PGP SIGNATURE- Current version is 1.62r | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Rogue emails on this TBUDL
On Friday, August 22, 2003, Marck D Pearlstone wrote... This was mentioned earlier. His mails carry the 'SOBIG' marker of X-MailScanner: Found to be clean. If you are filtering on that, add a Sender: Angliss ... No filter. It shouldn't be any more... I changed mail server and the new mail scanner uses a different header. If it's still picking up that one, then I've probably messed up a setting somewhere. However, if a filter on X-Mailscanner can kill TB dead, might that be considered a big bug? -- Jonathan Angliss ([EMAIL PROTECTED]) Remember, to a computer 1 + 1 = 10. Current version is 1.62r | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html
Re: Rogue emails on this TBUDL
On Friday, August 22, 2003, Marck D Pearlstone wrote... This was mentioned earlier. His mails carry the 'SOBIG' marker of X-MailScanner: Found to be clean. If you are filtering on that, add a Sender: Angliss ... No filter. Just because I'm nice, and don't want to kill anybody, nor get false positives from silly admins... I've updated my server, it now reports a different string when sending mail through my old work server. My own mail server reports a completely different string anyway, so I've not updated that one. -- Jonathan Angliss ([EMAIL PROTECTED]) Ensign Walnut approaches Dr. Crusher with caution Current version is 1.62r | Using TBUDL information: http://www.silverstones.com/thebat/TBUDLInfo.html