On Apr 6, 2004, at 3:23 PM, Diego d'Ambra wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of jef moskot
Sent: 6. april 2004 19:08
To: [EMAIL PROTECTED]
Subject: Re: [Clamav-users] Virus Names
On Tue, 6 Apr 2004, Eric Rostetter wrote:
If
On Apr 6, 2004, at 4:31 PM, Eric Rostetter wrote:
Quoting jef moskot [EMAIL PROTECTED]:
On Tue, 6 Apr 2004, Eric Rostetter wrote:
But changing the name after the fact would just confuse people more.
I completely disagree. Hardcore Clam users are more likely to
understand
the reality of the
Recent discussions on other names...what about an improved version of
http://www.nfllab.com/projects/cvnr/
Maybe adding an encyclopedia of virus information to each name?
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux
On Apr 15, 2004, at 12:22 PM, Virgo Pärna wrote:
On Thu, 15 Apr 2004 09:55:08 -0400, Bart Silverstrim wrote:
Sooo my question is that at this point, does clamav have the ability
to
pick up the passworded zip file sent by a specific bagle variant,
while
passing others along undetected
On Apr 18, 2004, at 11:00 PM, Wiltshire, Michael wrote:
I'm supposed to set up clamav to scan mail going to our Microsoft
Exchange 5.5 . From the documentation I've seen I don't see how that
can be done. Can someone help me out on how to do this, or point me
in the direction where I can find
On Apr 18, 2004, at 7:07 AM, Ian Armstrong wrote:
I am looking for an SMTP proxy to use with Clamav. Can anyone
recommend one?
I'm not sure what you're trying to configure exactly, but we're using
postfix+amavisd-new and clamav on FreeBSD 4.9 for use as an SMTP
gateway to scan incoming mail
On Apr 21, 2004, at 5:04 PM, Tom Walsh wrote:
I know that Tomasz had mentioned that the clamav developers were
working
on the ICAP (i-cap.org) implementation of clamd back in March. I have
not heard anything about the status of this recently and was curious to
see where this is at.
I am really
On Apr 22, 2004, at 1:03 PM, Jon Roland wrote:
As for Linux and Windows, eventually there can be only one. I prefer
it be Linux or its descendant.
As for Chevy and Ford, eventually there can be only one. I prefer it
be Chevy or its descendant.
Doubtful. There will always be diversity in
On Apr 29, 2004, at 3:03 PM, Jim Maul wrote:
Hi:
I have a question about the setup of clamav and postfix:
Use two instances of postfix is the only way to integrate clamav with
postfix?
Thanks.
I don't know if it's the *only* way, but it's how we use it (first
instance listens for incoming mail
On May 5, 2004, at 10:00 AM, Matthew Myers wrote:
Is there a way to auto delete the temp files created when scanning?
My system (v 0.70) hung yesterday due to the temp files not being
deleted...they tend to grow and grow and grow. Today I already have
over 10,000 temp files, and although it
On May 6, 2004, at 1:54 AM, Cecilia Mtz wrote:
Hello
I noticed that space used on my server went up more than 1 GB in two
days. I
searched for possible causes and found that on the /temp directory
there are
hundreds of folders with names like:
/clamav-32a04d8981dc9029
/clamav-64c3234be1ab21c8
On Jun 14, 2004, at 5:06 AM, Kent Emia wrote:
i just browse thru my pc and found this file and wondered what would be
the use of anti-virus if this won't clean infected file???
snip
when would these be implemented ... btw im using clamav for my windows
and linux pc ...
Many AV today seem to not
On Aug 10, 2004, at 5:57 AM, Jeremy Kitchen wrote:
Mitch (WebCob) wrote:
Just a few ideas...
hey, brainstorming is good, it's just the ideas aren't always ;)
Another stupid idea...how about a mechanism where clam can have updates
pushed to it, so servers controlled by the clam team can distribute
On Aug 10, 2004, at 2:30 PM, Jeremy Kitchen wrote:
On Tuesday 10 August 2004 12:23 pm, Damian Menscher wrote:
The gpg-signature prevents spoofing. And the sequence numbers
keep everyone current. The major problems I see are getting clamd to
recognize a message targeted for it, and the obvious
On Aug 11, 2004, at 10:32 AM, Martin Konold wrote:
Am Mittwoch, 11. August 2004 13:53 schrieb Bart Silverstrim:
Hi Bart,
the idea does become popular, and clam and other programs out there
start taking advantage of it
DNS was developed exactly for this kind of purpose.
Storing non-DNS related
On Aug 11, 2004, at 1:22 PM, Martin Konold wrote:
Am Wednesday 11 August 2004 16:19 schrieb Bart Silverstrim:
Hi Bart,
DNS was developed exactly for this kind of purpose.
Storing non-DNS related information for retrieval? As I understand
the
proposition (and the original lecture that this idea
On Aug 11, 2004, at 10:40 AM, Damian Menscher wrote:
On Wed, 11 Aug 2004, Lionel Bouton wrote:
Since some time I am thinking of a bittorrent approach too. Bittorrent
is quite efficient at distributing files and there are implementations
allowing multiple trackers to distribute the remaining
I'm in the prelim stages of assembling a new mail server with OS X
(using regular OS X Panther, not OS X Panther Server). I'd like to use
the Postfix daemon (already with Panther) and ClamAV (which I can get
installed via Fink). Is there a simple way to get Postfix to hand off
email to
On Aug 18, 2004, at 6:03 AM, Derek Tom wrote:
Hello,
Mac OS X is listed as a supported platform but beyond that, there's no
info on actually getting ClamAV installed on OS X. I looked through
the FAQ, binary packages and ports (OS X not even listed),
documentation, WikiWiki, and did a quick
On Aug 19, 2004, at 9:24 PM, Randall Perry wrote:
on 8/18/04 8:55 AM, Bart Silverstrim at [EMAIL PROTECTED]
wrote:
Best way I've found is to install Fink and install ClamAV using Fink
(Fink Commander). VERY easy to keep updated to the latest ClamAV
using
Fink (although you do need to keep
On Aug 20, 2004, at 7:21 PM, [EMAIL PROTECTED] wrote:
Rajanikanth P wrote:
Hello D.J. Fan,
But i have a problem here. Assume that clam updates are published at
6:10 Pm. I check for new updates at 6:05 so the next time i gonna
check is at 7:05 it just means that after 55 mins i got the updates.
And
On Aug 24, 2004, at 10:39 PM, Ajay wrote:
Hi,
What are some other ways to get clamd support in postfix without using
amavisd-new because I don't need all the features of amavisd-new.
My setup is really basic where everyone has a shell account so in
order for everyone to have their own bayes
Hello,
I'm trying to integrate a clamav with a simple sitewide procmail recipe
to run clamscan-procfilter then take action if the headers contain the
virus tag (X-CLAMAV). The first part of the recipe in the script makes
sense...
*
# :0fw: virus1.lock
On Sep 22, 2004, at 5:33 AM, Ralph Angenendt wrote:
He has to link the database *somehow* into his program. Look up what
the GPL has to say about that.
And: Hey, if you do not like the license of a program - do not use it.
It is simple as that. If you want to use it - fulfill the license.
I think
On Sep 22, 2004, at 12:01 PM, Brian Bruns wrote:
Security through obsecurity... How comforting.
Misguided yet implemented by so many...
Either use the DB as the authors tell you you can use it, or don't use
it at all. It is very simple to understand. How would you like it if
you were the ones
On Sep 24, 2004, at 7:55 AM, Joël Brogniart wrote:
Hi there.
I'm trying to install clamav on an Apple XServer with Mac OS X 10.3.5
(and all updates today).
My first try is with september 2003 dev tools installer. A second try
with XCode Tools 1.5 gave the same result. The third gave better
On Sep 30, 2004, at 3:26 AM, Damian Menscher wrote:
On Wed, 29 Sep 2004 [EMAIL PROTECTED] wrote:
... It's interesting that viruses are finally starting to implement
what
we were joking about in 1995 at high school...
I'm impressed with how far we've come. Less than a year ago, I could
most
On Sep 30, 2004, at 1:08 PM, ralf bosz wrote:
I have just upgraded to the latest version of ClamAV that is said to
be able
to detect the new JPEG vulnerability. I'm using ClamAV with
MailScanner to
scan e-mail. How can I test to see if ClamAV is indeed detecting the
JPEG
exploit?
Download an
On Oct 5, 2004, at 6:08 AM, gillian wrote:
Thank you so much for your response, but boy, now I am confused. Are
you
saying I should be using amavis not clamav? This is the 2nd response
with an amavis url in it.
Amavis is a program that can work in conjunction with ClamAV.
Most UNIX systems work
On Oct 24, 2004, at 3:29 PM, Mark Adams wrote:
Matt wrote:
What's the worst that can happen? It fails to compile, and you still
need
to find a packaged version. You'll be no worse off than you are now.
The worst that can happen? I descend once again into dependency hell
and spend hours
On Nov 14, 2004, at 9:26 AM, Steve Basford wrote:
since ClamAV reached v0.80, I am using it to scan and reject e-mail
messages. Today I noticed that ClamAV also detects phishing attacks.
Phishing is pure social engineering and poses no threat whatsoever in
a
technical sense.
I'm certainly
On Nov 14, 2004, at 9:32 AM, Joe Maimon wrote:
Steve Basford wrote:
since ClamAV reached v0.80, I am using it to scan and reject e-mail
messages. Today I noticed that ClamAV also detects phishing attacks.
Phishing is pure social engineering and poses no threat whatsoever
in a
technical sense.
On Nov 14, 2004, at 10:01 AM, John Jolet wrote:
On the issue of manually reviewing the mails to submitisn't this
the
purpose of the quarantine directory? When it detects a phishing
malware,
look at the file in the quarantine directory.
I think he's thinking that this is more time and labor
On Nov 15, 2004, at 8:26 AM, jef moskot wrote:
On Mon, 15 Nov 2004, Trog wrote:
For example, the last Bagle (or Bofra) outbreak simply sent an email
to
it's target victims, who then have to click on a link to download the
Worm. According to your definition, that is a 'social' attack, and
should
On Nov 15, 2004, at 10:40 AM, Dennis Skinner wrote:
Julian Mehnle wrote:
Besides, if mail servers started
using SPF (or similar authentication techniques) to verify envelope
sender
addresses, whoever publishes SPF records for his domains would be
Not to start another flame war, but I find it
On Nov 15, 2004, at 11:14 AM, jef moskot wrote:
On Mon, 15 Nov 2004, Bart Silverstrim wrote:
I'd say leave it to the antispammers to hammer out, and to the people
who focus on bayes filters...
In my case, if Clam has a chance to see the phishing e-mail, the
anti-spam
tactics have already failed
On Nov 15, 2004, at 11:48 AM, Julian Mehnle wrote:
Matt [EMAIL PROTECTED] wrote:
The problem is that, as yourself and others have mentioned, the
distinction between the different categories are dependant upon
personal
interpretation. What one classes as social engineering, someone else
may
class
On Nov 15, 2004, at 11:48 AM, Trog wrote:
Not one of the Clam developers have proposed adding general spam
detection to ClamAV.
You're right. This was an idea being proposed, I thought...a
suggestion. Isn't this something worth going over on a users list as
discussion?
Sorry if not... :-/
On Nov 15, 2004, at 11:54 AM, Brian Morrison wrote:
On Mon, 15 Nov 2004 17:48:35 +0100 in
[EMAIL PROTECTED] Julian Mehnle
[EMAIL PROTECTED] wrote:
But there definitely is a distinction between technical attacks and
social engineering attacks, even though they're somewhat overlapping.
I can't see
On Nov 15, 2004, at 12:25 PM, Chris Meadors wrote:
On Mon, 2004-11-15 at 12:12 -0500, Bart Silverstrim wrote:
If it's a bunch of flashy graphics telling you to visit a website for
fantastic deals on hiding money from third world countries while
getting fantastic mortgage rates on your pen1s
On Nov 15, 2004, at 12:29 PM, Daniel J McDonald wrote:
clamav kills bad things - that's good, and I'd like it to be able to
continue to kill bad things in the same expedient manner that it has in
the past.
That's not entirely true. There are people who installed it on Windows
and Windows still
On Nov 15, 2004, at 12:32 PM, Dennis Skinner wrote:
How little user interaction is required before it is considered a
technical enough? Require the user to open the attachment? Require
the user to pop their mail?
Technically, most viruses these days are social engineered in some
way. Unlike
On Nov 15, 2004, at 12:43 PM, Matt wrote:
If the standard database was segregated, some people would inevitably
cock up their configs and run with partial protection. This can cause
problems not only for themselves, but others, in the case of
propogation.
Whitelist all traffic you want to allow!
On Nov 15, 2004, at 2:02 PM, jef moskot wrote:
On Mon, 15 Nov 2004, Bart Silverstrim wrote:
...if you're going to start moving it into another direction, it may
be
best to fork that and leave the original recipe alone until the new
direction...
I think you're overstating what the ClamAV team
On Nov 15, 2004, at 2:41 PM, Ken Jones wrote:
Phising poses a threat to your users. The line between malware and
virus'
is a very grey one.
Phishing is a threat if they supply information. How do you stop
people from voluntarily giving information over? Scan every mail for
text or formatting
On Nov 15, 2004, at 4:27 PM, Dennis Skinner wrote:
Dave Goodrich wrote:
My preference has been stated. I would prefer SpamAssassin do the
puzzle solving of message bodies, headers, URI lookups, message
obfuscation, etc and let ClamAV do the signature matching of
attachments.
SA uses many more
On Nov 15, 2004, at 4:39 PM, Kevin W. Gagel wrote:
If I could use a single package to virus scan, spam scan and
protect my users and company against phishing attacks then I
would gladly use it (provided of course it was reliable).
If I could use one operating system free from most bugs and
On Nov 15, 2004, at 4:41 PM, [EMAIL PROTECTED] wrote:
Bart Silverstrim wrote:
I find it interesting though that I've yet to hear from anyone
commenting on my proposal to create a filter that will extract and
convert all emails into pure text, or reformat it so only certain
things can get through
On Nov 15, 2004, at 5:35 PM, Nigel Horne wrote:
On Monday 15 Nov 2004 9:23 pm, Bart Silverstrim wrote:
Since I don't know any of the developers
You can find our names in .../AUTHORS.
-Bart
-Nigel
Well...I still don't *KNOW* you :-)
Nice to kinda sorta meet you though. You and the rest
On Nov 15, 2004, at 4:44 PM, Dave Goodrich wrote:
Bart Silverstrim wrote:
I find it interesting though that I've yet to hear from anyone
commenting on my proposal to create a filter that will extract and
convert all emails into pure text, or reformat it so only certain
things can get through
On Nov 16, 2004, at 12:52 PM, Minica, Nelson (EDS) wrote:
1024 viruses blocked in the last month (after 152,000 emails blocked
by RBL's,etc)
68 were phishing attacks my users appreciated not seeing
Then SpamAssassin flagged 1500 and Mimedefang removed 1300
attachments
Overlapping products and
On Jan 27, 2005, at 10:25 AM, Damian Menscher wrote:
There was a discussion about this several months ago. Unfortunately,
many people (including part of the signature-generation team) are too
dogmatic about their feelings that phishing is bad, so we should
block it to look at it logically.
Can
On Jan 27, 2005, at 10:33 AM, Tomasz Kojm wrote:
No problem. As a bonus we will create a signature for your domain name
;-)
Just kidding! Honest! I'd NEVER think of having Windows thought of as
a virus... :-)
___
On Jan 27, 2005, at 11:29 AM, Tomasz Kojm wrote:
On Thu, 27 Jan 2005 11:27:00 -0500
Adam Tauno Williams [EMAIL PROTECTED] wrote:
Just my two cents - I agree with the other guy. CLAM should blocks
virii and worms, and leave SPAM to something else. Just think of the
Phishing IS NOT spam! Is that
On Jan 31, 2005, at 1:35 PM, Sam wrote:
Came across this and thought many of you may enjoy it.
http://www.eweek.com/article2/0,1759,1756636,00.asp?
kc=ewnws013105dtx1k599
Is it better than the previous one I didn't think we'd ever see as
working?
Write virus
email to random people with
I'm running clamscan / ClamAV version 0.67-1 on FreeBSD 4.9 (clamav
from ports collection), using clamd to scan incoming email for viruses.
I have seen some people on the list say that clamd will stop working
if the maximum logfile size is hit?
Is there anyone using newsyslog to rotate the
On Mar 16, 2004, at 12:55 AM, Odhiambo Washington wrote:
I have seen some people on the list say that clamd will stop working
if the maximum logfile size is hit?
Well, that was discussed, but they also gave solutions with the use of
logrotate.
I was hoping not to add another rotation system to
On Mar 16, 2004, at 10:13 PM, Steven P. Donegan wrote:
Fajar A. Nugraha wrote:
Steven P. Donegan wrote:
Hmmm, I just do a freshclam from chron rather than let it run as a
daemon - as a new user (I just downloaded, installed, integrated
with my anti-spam/anti-virus proxy - home built, today).
On Mar 24, 2004, at 12:01 PM, Lars Kristiansen wrote:
Could it be an idea to request possibility to list an alias in the
output.
For example if one is running both f-prot and clamav, and want one
statistic. Then you might want to tell clamav to list the f-prot alias
in
log.
If it were a vote,
On Mar 26, 2004, at 11:10 AM, Jesse Guardiani wrote:
Dilip M wrote:
[...]
Only improvement is Test # 12 was detected ?
Where as all other Viruses,ie
Test # 19,21,23,25
came through :(
That is exactly what I'm getting with qmail-scanner-1.21 and
clamav0.70-rc
(and the CVS version from
On Mar 26, 2004, at 2:35 PM, Trog wrote:
On Fri, 2004-03-26 at 18:35, Bart Silverstrim wrote:
Hmm...when I just tested it (postfix, clamav, amavisd-new) tests 8,
12,
24, and 25 got through. Am I missing something in my config?
How worried should I be about those viruses getting through
On Mar 30, 2004, at 9:51 AM, Antony Stone wrote:
On Tuesday 30 March 2004 3:34 pm, Bart Silverstrim wrote:
Was there a drop in the number of signatures in the database recently?
After what seemed like a slow update, the number of viruses appears to
be only near 20,600...I thought
On Nov 7, 2006, at 6:48 PM, Jim Redman wrote:
Chris,
Christopher X. Candreva wrote:
On Tue, 7 Nov 2006, Jim Redman wrote:
Your opinions, seem to be the prevalent attitude of the vocal
members of this
list - if you don't suffer, it wasn't worth it.
I would disagree, in that I don't see
On Nov 7, 2006, at 6:16 PM, Jim Redman wrote:
Steve,
Steve Holdoway wrote:
You really do need to get out of the mindset that you don't
actually need to know what you're doing to administer a server. It
is *NOT* a trivial task, requires skills to support it, and years
of experience to
On Nov 9, 2006, at 2:09 PM, Jim Redman wrote:
Folks,
I have to say, of all the lists I subscribe to, the vocal members
of this list are the most arrogant and insulting. However, I
consider comments such as Luca Gibelli's, bandwidth wasting, We
are happy to suffer this loss. and Dennis
On Nov 9, 2006, at 2:40 PM, Daniel J McDonald wrote:
On Thu, 2006-11-09 at 10:24 -0500, Bart Silverstrim wrote:
On Nov 7, 2006, at 6:48 PM, Jim Redman wrote:
Chris,
Christopher X. Candreva wrote:
On Tue, 7 Nov 2006, Jim Redman wrote:
My observation is that of all the modern packages
On Nov 9, 2006, at 7:23 PM, Tom Metro wrote:
Dennis Peterson wrote:
Jim Redman wrote:
Your opinions, seem to be the prevalent attitude of the vocal
members of this list - if you don't suffer, it wasn't worth it.
His specific problem is he lacks the skill to install and manage
the product.
On Nov 10, 2006, at 9:45 AM, Jim Maul wrote:
Bart Silverstrim wrote:
On Nov 9, 2006, at 2:09 PM, Jim Redman wrote:
Folks,
I have to say, of all the lists I subscribe to, the vocal members
of this list are the most arrogant and insulting. However, I
consider comments such as Luca
On Nov 10, 2006, at 4:10 PM, jef moskot wrote:
On Fri, 10 Nov 2006, Bart Silverstrim wrote:
On Nov 10, 2006, at 11:07 AM, jef moskot wrote:
If some packages install without difficulty and others do not, then
how about we work together to bring the less efficient packages
in line
On Nov 10, 2006, at 6:28 PM, Gary V wrote:
Hmm, I wonder how many of the people who responded in one way or
another is actually familiar with the package in question. I
have been using Linux for a couple years now and have installed
thousands of packages. In general, I have not had any
On Feb 16, 2005, at 3:13 PM, vaida bogdan wrote:
Hy, I use postfix+mailscanner on my mail server to block a lot of
virii comming from my internal network. I would like to implement a
solution to block virii traffic on the internal gateway. The network
looks like this:
WIN-
WIN- GW1-
On Feb 16, 2005, at 7:04 PM, John Madden wrote:
In any case, Clam is a user supported project. ALL viruses are
submitted
by
end users. So, the only way response will get any better is if you
submit
new viruses you receive that get by clam.
It's not going to 'improve' any other way.
Well,
On Mar 21, 2005, at 5:10 PM, Brian Morrison wrote:
On Mon, 21 Mar 2005 20:06:02 +0100 in
[EMAIL PROTECTED] Julian Mehnle
[EMAIL PROTECTED] wrote:
Brian Morrison wrote:
Julian Mehnle wrote:
Probably more like: can we have 'technical-threats.cvd' and
'non-technical-threats.cvd' instead of
On Mar 22, 2005, at 6:35 AM, Dennis Davis wrote:
On Tue, 22 Mar 2005, Rob MacGregor wrote:
From: Rob MacGregor [EMAIL PROTECTED]
To: ClamAV users ML clamav-users@lists.clamav.net
Date: Tue, 22 Mar 2005 09:58:17 +
Subject: Re: [Clamav-users] Report Phishing attacks?
Reply-To: ClamAV users ML
On Mar 22, 2005, at 4:58 AM, Rob MacGregor wrote:
On Mon, 21 Mar 2005 17:01:48 -0400, Samuel Benzaquen
[EMAIL PROTECTED] wrote:
I can also say that they don't want to compete against commercial AV
vendors
as I have read here 2^32 times that we should use not _only_ clamav,
but a
list of AVs to
On Mar 22, 2005, at 8:05 AM, Dennis Davis wrote:
On Tue, 22 Mar 2005, Bart Silverstrim wrote:
From: Bart Silverstrim [EMAIL PROTECTED]
To: ClamAV users ML clamav-users@lists.clamav.net
Date: Tue, 22 Mar 2005 07:40:18 -0500
Subject: Re: [Clamav-users] Report Phishing attacks?
...
I believe
On Mar 22, 2005, at 9:43 AM, BitFuzzy wrote:
Bart Silverstrim wrote:
Personally, my gripe is that the product is called ClamAV. If it's
expanding it's mission to protect people from everything called
malware, I'd change the name to something that indicates it's a
malware detector
On Apr 15, 2005, at 9:39 AM, Joanna Roman wrote:
Can phishing be considered one kind of spam ?
Please no...please please no
___
http://lurker.clamav.net/list/clamav-users.html
Hello all...
Question...I recently tried booting up with the Ultimate Boot CD that
included INSERT Linux as one of the images. I booted to INSERT, ran
freshclam, then proceeded to scan a hard disk on which Windows 98 was
installed. I had a number of hits showing up within the Windows/system
On Apr 15, 2005, at 10:45 AM, BitFuzzy wrote:
Bart Silverstrim wrote:
I had a number of hits showing up within the Windows/system directory.
Heh, didn't Norton detect windows as a virus at one time?
I remember there was something that reported Windows as a virus. I
thought it was some old AV
On Apr 15, 2005, at 12:54 PM, Tomasz Kojm wrote:
On Fri, 15 Apr 2005 09:53:11 -0400
Bart Silverstrim [EMAIL PROTECTED] wrote:
Hello all...
Question...I recently tried booting up with the Ultimate Boot CD that
included INSERT Linux as one of the images. I booted to INSERT, ran
freshclam
On Apr 19, 2005, at 1:56 PM, Daniel J McDonald wrote:
On Tue, 2005-04-19 at 11:52 -0600, lists wrote:
How should I submit this to see if it is a virus?
Make certain detectbrokenexecutable is enabled.
Stupid question but I thought I might as well ask anyway...going in on
my own system to enable
On Apr 19, 2005, at 2:24 PM, Kelson wrote:
Bart Silverstrim wrote:
Do I want to remove the hash before DisableDefaultScanOptions in
order to get the
snip
sections to work?
No. This was discussed yesterday. There are options that are enabled
by default, and DisableDefaultOptions wipes those
On May 4, 2005, at 11:12 AM, Nigel Horne wrote:
On Wednesday 04 May 2005 16:02, [EMAIL PROTECTED] wrote:
. If you have received this
communication in error, please notify me immediately by telephone or
fax
But you haven't given your telephone and fax number, so how can you
expect
anyone to do
On May 5, 2005, at 8:02 AM, Matt Fretwell wrote:
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should be
able to cope with all types of mail, irrelevant of
(creation|submission)
method.
But...if they're
On May 5, 2005, at 9:40 AM, Dennis Peterson wrote:
Bart Silverstrim said:
On May 5, 2005, at 8:02 AM, Matt Fretwell wrote:
Daniel J McDonald wrote:
as it is harder to scan those messages for viruses
Nonsense. Mail is mail. If you are running a mailserver, it should
be
able to cope with all types
On May 5, 2005, at 10:45 AM, Matt Fretwell wrote:
Bart Silverstrim wrote:
My webmail is configured to use our standard smtp servers for all
inbound/outbound mail. It really isn't all that difficult.
My understanding was that we were talking about people accessing Yahoo
or Hotmail from work
On May 5, 2005, at 2:38 PM, Matt Fretwell wrote:
Bart Silverstrim wrote:
This is actually two separate scenarios.
That was Daniel's fault instigated by his being vague :)
Now, a clever man would put the poison into his own goblet, because he
would know that only a great fool would reach for what
What is the current database version from freshclam for people out
there? I've been getting a huge number of bounces with german
subjects, addressed to people with usernames beginning with 3d (just
starting to investigate what is going on with this...) but the past few
freshclam runs have
Some more info...
I see in our amavis logs on our ClamAV system (postfix pre-filter
FreeBSD for email) this kind of listing...
/usr/local/sbin/amavisd[35705]: (35705-10) Blocked INFECTED
(Worm.Sober.P), [EMAIL PROTECTED] -
f-Ge2_bV@address snipped, Hits: -, tag=0, tag2=4, kill=4, L/0/0/0
That
On May 16, 2005, at 9:00 AM, Mike Blonder wrote:
I am also getting inundated with German gibberish spam. Would you mind
explaining the significance (if any) of the email address that you
posted? I
am finding that the German Gibberish garbage is spoofing a different
email
address with each
On May 16, 2005, at 9:59 AM, Mike Blonder wrote:
OK.
I think I get it. You had identified the oncbuv.com
http://oncbuv.comaddress as a source for the
sober.p garbage earlier and now it is showing up with the German
gibberish
garbage.
Sort of. I can't find oncbuv.com so it's spoofed. The IP
On May 16, 2005, at 10:52 AM, Rainer Zocholl wrote:
[EMAIL PROTECTED](Bart Silverstrim) 16.05.05 08:51
Maybe you should have simply entered it into google?
I'm quite sure that google would have lead you to the right place.
Yes, google can search for german strings too! IMOH ;-)
I did enter
On May 16, 2005, at 10:51 AM, Rainer Zocholl wrote:
[EMAIL PROTECTED](Bart Silverstrim) 16.05.05 08:27
What is the current database version from freshclam for people out
there?
It's always shown in the bottom line of
http://www.clamav.net/
Latest database release is: main.cvd 31 daily.cvd 879
On May 16, 2005, at 11:08 AM, Randal, Phil wrote:
It's easy to block.
Check the handler's Diary at http://isc.sans.org/ and follow the links.
Thank you, that's my next task when I get a block of time today.
Thanks again!
___
On May 16, 2005, at 11:06 AM, Thomas Hochstein wrote:
Bart Silverstrim schrieb:
That address had been hammering us over and over for awhile with
sober.p. Now it's become quiet.
Yes. Now the infected hosts are sending out spam containing (very)
right-wing political propaganda.
Don't read German
On May 16, 2005, at 1:41 PM, John Jolet wrote:
This email, for instance was sent from a properly configured mta
running antispam and antivirus scanning in BOTH directions, from a
dynamic ip. If my wife sends email from her computer, it goes to the
isp's mta, which does inbound only scanning.
On May 16, 2005, at 1:54 PM, Rainer Zocholl wrote:
[EMAIL PROTECTED](Bart Silverstrim) 16.05.05 11:05
I did enter it in when I first discovered it, but there were no hits.
Ok, next time mention it ;-)
Here I thought it was common sense now! :-)
Apparently it will be very hard to block if it's
On May 16, 2005, at 5:43 PM, Dennis Peterson wrote:
Most of the spam I've gotten the last three days is from comcast.net.
Apparently they allow their customers to send out to port 25. They
should
lock that down so that spam goes out through their own servers so they
can
feel the pain when they
On May 17, 2005, at 2:17 AM, Alan Premselaar wrote:
Jef Poskanzer wrote:
..snip...
And finally, if you want to run a check on the HELO string, I find
that just rejecting outside connections that claim a HELO of your own
hostname gets rid of a very high proportion of crapmail. This
very simple
1 - 100 of 130 matches
Mail list logo