RE: [Declude.Virus] Bagle.J / news.com article on AV software opening zipped files.

2004-03-08 Thread John Tolmachoff (Lists)
BANEXT EZIP BANEZIPEXT ON John Tolmachoff Engineer/Consultant/Owner eServices For You -Original Message- From: [EMAIL PROTECTED] [mailto:Declude.Virus- [EMAIL PROTECTED] On Behalf Of Bennie Sent: Sunday, March 07, 2004 4:03 PM To: [EMAIL PROTECTED] Subject: Re:

RE: [Declude.Virus] Swen not tagged as forging?

2004-03-08 Thread John Tolmachoff (Lists)
SWEN is not known to be forging. Every one that I have seen came from the sender that was indeed infected. John Tolmachoff Engineer/Consultant/Owner eServices For You -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Sent: Sunday,

Re: [Declude.Virus] BANEXT question

2004-03-08 Thread [EMAIL PROTECTED]
No such thing as BANEXT EZIP?? Taken from one of Scott's posts: Gary From: R. Scott Perry Subject: RE: [Declude.Virus] Scan Password Protected Zip's Date: Tue, 02 Mar 2004 12:44:39 -0800 Do you think

Re: [Declude.Virus] BANEXT question

2004-03-08 Thread R. Scott Perry
No such thing as BANEXT EZIP?? I believe he meant There is no such thing as BANEZIP ON (because there isn't one of those). But Don re-posted the summary that I had sent out last week, which has all the details in it. -Scott --- Declude

RE: [Declude.Virus] BANEXT question

2004-03-08 Thread John Tolmachoff (Lists)
Tis what I get for trying to think at such an hour. :S Rereading your posts, yes, I meant BANEZIP ON does not exist. John Tolmachoff Engineer/Consultant/Owner eServices For You -Original Message- From: [EMAIL PROTECTED] [mailto:Declude.Virus- [EMAIL PROTECTED] On Behalf Of R. Scott

CBL:Re: [Declude.Virus] Swen not tagged as forging?

2004-03-08 Thread Matt
Swen does forge. Sometimes it sends a fake bounce message to spread which is different from the primary payload. The message also will forge the From address while using the Mail From of the infected computer. I'm thinking this is more so the difference between what we consider forging, and

Re: [Declude.Virus] Swen not tagged as forging?

2004-03-08 Thread Greg Little
Yes, Swen forges. I don't send any auto-notice to sender or recipient on forging viruses. You don't know who the "real" sender is and it does nothing useful for the recipient to hear "an unknown PC Sent you a virus, but it was blocked by the server". For most of the Macro viruses (and some

Re: [Declude.Virus] Swen not tagged as forging?

2004-03-08 Thread R. Scott Perry
Yes, Swen forges. FWIW, we haven't yet seen a single copy of Swen that forges. -Scott --- Declude JunkMail: The advanced anti-spam solution for IMail mailservers since 2000. Declude Virus: Catches known viruses and is the leader in mailserver

Re: [Declude.Virus] Swen not tagged as forging?

2004-03-08 Thread Matt
Just to clarify. Swen forges the From address, but not the Mail From address. I'm reevaluating my choice to only send recipient notices. I may just change to sender notifications only with SKIPIFFORGING. Matt R. Scott Perry wrote: Yes, Swen forges. FWIW, we haven't yet seen a single

Re: [Declude.Virus] Swen not tagged as forging?

2004-03-08 Thread R. Scott Perry
I'm not seeing both a From and a Mail from listed in the headers that come back from Declude. So, it must be in some detail that is not in %headers%. I take it that Declude will send it to the Mail from. Looks like I'll be testing with Swen Not forging. You'll see the return address in the

RE: [Declude.Virus] CSonline Virus Log analyser

2004-03-08 Thread smb
John, My apologies as I completely missed your first message. Yes this is something will look into adding. Stu Any comments? John Tolmachoff Engineer/Consultant/Owner eServices For You -Original Message- Feature request: List number by extension messages held for banned

RE: [Declude.Virus] Bagle.J / news.com article on AV software opening zipped files.

2004-03-08 Thread Peter Lowish
I have added BANEXT EZIP BANEZIPEXT ON To my virus.cfg file and tested it. No doubt that the passworded .zip files are not getting thru, but also normal .zip files are not either. I am getting a little confused (but hey that's easy for me) about it all now Is there something else I