Re: [Declude.Virus] Virus bypassing newer MX records

At 12:17 PM 6/15/2004, Matt wrote: This domain was recently moved to our DNS and I suspect that someone at their old DNS hosting provider is infected and using their old unremoved DNS entries and that is why they are bypassing us. Note though that some spammers are definitely caching old

Re: [Declude.Virus] Virus notifications

At 01:23 PM 6/15/2004, David Fletcher wrote: Hi all, I know I should have stayed on top of this all along, but we need to make some adjustments now. What is the current recommendation as far as virus notification setting goes? We need to make sure we aren't doing more harm than good in this

Re: [Declude.Virus] [OT] Possible Virus that has arrived

At 07:51 AM 5/20/2004, Jeff Maze wrote: Just writing the list to let Declude know that I've forwarded a suspicious file (report.zip). It was a zip file that contains a PIF file. Neither F-Prot on mail server nor NAV2k4 on client machine hit on this file. BANFILE EZIP is enabled within Declude.

[Declude.Virus] IPBypass and notifications

Just set up a gateway mailserver, and I realized that if a virus comes through the gateway, the notification that gets sent out sees the gateway mailservers IP address. Is there a way to hook the IPBypass functionality into Declude Virus? Thanks, Russ --- Russ Uhte, CCNA, MCP, A+ Network

[Declude.Virus] Forging Virus

I'm running Declude v1.76i14, and it is my understanding that this version will lookup the virus name via DNS to see if it's forging or not. It appears that the below virus is forging, but I believe my logs show it trying to send a notification to the sender. Is this common behavior on

Re: [Declude.Virus] W32_Webb_Worm Policy - Is this a new hoax

At 10:40 AM 10/7/2003, William Baumbach wrote: I received one today. the email had NAV32.zip and in the zip file was NAV32.exe it was NOT detected as a virus by EITHER F-Prot or AVG I can't believe this wouldn't be caught... gez... Looks like Declude to the rescue... BANNAME NAV32.zip. As a

RE: [Declude.Virus] W32_Webb_Worm Policy - Is this a new hoax

At 11:07 AM 10/7/2003, Greg Foulks wrote: How do you ban a file by name? The manual only shows how to ban by extension. I believe it's only available in the Beta version. Here is the Release Notes that introduced it. http://www.declude.com/relnotes.htm. Thanks, Russ --- [This E-mail scanned

[Declude.Virus] Forging Swen

Maybe I'm mistaken, but this appears to be a Swen that was forged... First one of seen. Declude Virus v1.75 caught the W32/[EMAIL PROTECTED] virus !!! in cgzkcu.exe from [EMAIL PROTECTED] to: [EMAIL PROTECTED] *** Date: 10/02/2003 12:12:02 Subject:Error Advice Spool File: