Please Change Your Address Book
Thank you for emailing me. Your email has been received, and I will
respond as soon as possible.
We are pleased to announce that Rand Realty has recently affiliated with Better
Homes and Gardens Real Estate. Accordingly, our email addresses have
changed from
Please Change Your Address Book
Thank you for emailing me. Your email has been received, and I will
respond as soon as possible.
We are pleased to announce that Rand Realty has recently affiliated with Better
Homes and Gardens Real Estate. Accordingly, our email addresses have
changed from
Please Change Your Address Book
Thank you for emailing me. Your email has been received, and I will
respond as soon as possible.
We are pleased to announce that Rand Realty has recently affiliated with Better
Homes and Gardens Real Estate. Accordingly, our email addresses have
changed from
For today, 9/19/07, I will be out of the office with limited access to email.
Please contact [EMAIL PROTECTED] or [EMAIL PROTECTED] for urgent computer
issues.
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsu
o the point.
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Marc Catuogno
> Sent: Thursday, July 12, 2007 11:54 AM
> To: Declude Virus
> Subject: [Declude.Virus]
>
>
>
> Marc Catuogno
> MIS Director
> Prude
Marc Catuogno
MIS Director
Prudential Rand Realty
845-825-8025
[EMAIL PROTECTED]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at http:
aded the intelligent updater for NAV 9 (as the live update
button only gave me definitions of the 21st) and am running a scan now.
Remind me not to make so much fun of other people for opening attachments.
Marc
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf O
really rare information about the /AI Switch...
just found this about "Neural network":
http://www.f-prot.com/support/windows/fpwin_faq/17.html
We will not use it, because increases the risk of false alarms.
marc
At 03:55 29.03.2006, you wrote:
>What is the value of the "
SCANFILE C:\Progra~1\FSI\F-Prot\fpcmd.exe /TYPE /SILENT /PACKED /NOMEM
/ARCHIVE=5 /NOBOOT /DUMB /REPORT=report.txt
marc
At 18:46 28.03.2006, you wrote:
>After seeing Matt's response I'm curious what other users are using for
>their F-prot switches. Some of the switches Mat
I didn’t get an e-mail. Don’t
you like me? : )~
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Friday, February 10, 2006
1:47 PM
To: Declude.Virus@declude.com
Subject: [Declude.Virus] Changes @
Declude
In the last 10 days
we have
Behalf Of Matt
Sent: Monday, January 30, 2006
9:10 PM
To: Declude.Virus@declude.com
Subject: Re: [Declude.Virus] Blank
folding vulnerablity help
Marc,
2.0.6.16 is as solid as any release that I have seen, and I can't see how you
would have any issues with upgrading to it, nor are ther
2.0.6.14 and higher. I think it came along somewhere after 2.0.6.0
Matt
Marc Catuogno wrote:
Matt thank you – What version of Declude is needed for
these “allows”?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
On Behalf Of Matt
Sent: Monday, January 30, 2006
5:09 PM
To
Marc,
It was certainly a vulnerability at one point, but it was discovered years ago
and should be long patched, plus I have never ever seen an exploit; I have
however seen a steady stream of false positives with it.
You can turn this off by using the following line in your Virus.cfg so long as
you
Somebody is sending e-mail that must get
through (of course) and it is failing the blank folding Vulnerability test.
What can I tell this person they should do to not have this e-mail get
caught? I don’t want to allow vulnerabilities through but….
01/20/2006 07:25:44 Qd6c809e500d45890
ober flood two weeks
ago, again all symptoms like your description, also new users was created like
po, post, postma, postmaster, ...
so i am sure this is a declude issue.
Windows 2000 Server
Imail 8.15 HF2
Declude Virus Standard 1.82
F-Prot
Marc
At 18:49 09.12.2005, you wrote:
>What I
ndle filtering
>these out, but that worked well for us.
>
>Darin.
>
>
>- Original Message -
>From: "Marc Catuogno" <[EMAIL PROTECTED]>
>To:
>Sent: Wednesday, November 23, 2005 9:12 AM
>Subject: [Declude.Virus] OT: Virus Backscatter
>
>
&
The latest outbreak has caused me a great deal of backscatter. You sent a
banned file, virus in an attachment sent by you, undeliverables and so. I
am very hesitant to try to create rules in JM to stop all notices like this
because some of them are necessary. I've pretty much told the users to
i
You have a user base that is educated and that you trust enough to click a
link that would send them a potential virus? I so envy you...
I'm scared to let them open and send and receive regular e-mail. I had one
user ready to open an account for someone in Nigera.
-Original Message-
Fro
Here is something we use on the agent machines to help block some common
spyware sites we bought 150 licenses and set up WGET to update it
automatically nightly.
http://www.spywareguide.com/blockfile.php
We also use spyware blaster, spybot, ms Anti-spy and have written some
custom reg blocks that
I've gotten a few:
26KB files named 1.zip, 7.zip and work.zip so far
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darrell
([EMAIL PROTECTED])
Sent: Tuesday, May 31, 2005 11:22 AM
To: Declude.Virus@declude.com
Subject: Re: [Declude.Virus] New virus
John,
Sorry to hear about that – it sucks.
There was something I heard once about
having identical drives mirrored. That if they were from the same vendor
and the same model and lot number they can fail at the same time. The IBM
Deskstar was apparently notorious for this. If I’m bu
? I'm stumped -
Thanks -
Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.Virus".The archives can be found
at
a?
Thanks -Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscrib
197 as the Advanced Encryption
Standard (AES).
Note: Recipients to whom you send AES-encrypted Zip files must have a
compatible Zip file utility, such as WinZip 9.0, in order to decrypt the
files.
Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for
John,
Been there..doing that. My concern is that Customer
#2's email will be incorrectly blocked due to DECCON's "memory". I felt it would
be safer to stop the SMTP service before killing the deccon
instance.
-M---"Problems are only opportunities in work
clothes." -- Henry J. Kaiser
--
Scenario: Dialup ISP using dynamic IP
allocation.
Customer #1 using IP address of 1.2.3.4 trips
threshold #2. Logs off.
Customer #2 logs on and obtains the same IP that
customer #1 had (1.2.3.4)
My understanding is that HiJack will block Customer
#2's outbound email as well. At least until
I also run crap cleaner - it can be set to clean the prefetch, temp Internet
files, C:\Documents and Settings\User\Local Settings\Temp and more. It has
helped me get virus/Trojan files that won't other wise delete. Also the
online scan from Trend Micro is also a great help. It has been a great hel
enter/venc/data/[EMAIL PROTECTED]
>http://vil.mcafeesecurity.com/vil/content/v_130130.htm
>
>
>
>- Original Message -
>From: "marc" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Thursday, November 25, 2004 12:01 AM
>Subject: Re: [Declude.Virus]
i think thats not by a clients PC virus. i got just right the ip using the
imail1.exe to existing and no existing users (217.255.255.100) searching
the log*.txt
itsd using different pc names
sorry about this post, because this is not a declude issue
marc
At 16:45 24.11.2004, you wrote
same here after the update to 8.14 and hf1
marc
At 15:57 24.11.2004, you wrote:
We had same issue, then mysteriously got fixed.
Imail was aware of it as we had opened ticket.
Everytime this would happen, the affected domain registry entry would have
some weird users and entries (dont recall
scott, it is never too late and i think your are right with the 90%
of your customers.
marc
At 13:09 26.10.2004, you wrote:
[Replying to several posts here]
Here's a thought - what about a Declude mail server?
It sounds like a great idea, but it would also be a huge undertaking. By
I couldn't get Clamav to run on mine. May I ask what version of ClamAV you
are using? When I installed it I couldn't figure out if it was in and
Declude kept throwing me an error. What is your Declude config line ?
Thanks -
Marc
-Original Message-
From: [EMAIL PROTECTE
Can we advise anyone sending pictures from a MAC to zip them? Change the
extension? Would either solution bypass the scanning?
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Thursday, September 30, 2004 7:53 AM
To: [EMAIL
I have found 5 false positives over the last 24 hours. Arrghh! 3 came from a
local photographer sending photos to a local newspaper. FWIW, he was using
an Apple. The other 2 came from a user receiving pic's from
picturecd.kodak.com.
-M
- Original Message -
From: marc catuog
Thanks-
Both jpgs held were sent by the same person - a graphic designer using a
MAC. If that helps you change the code.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Wednesday, September 29, 2004 10:52 AM
To: [EMAIL PROTECTED]
Sub
/10.1.0.2006
Does he need to update his version? Or is it something else?
Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe
At 19:58 28.09.2004, you wrote:
>Is it required we run the install program or can we just replace the
>declude.exe as in previous updates?
>
>Doug
it is not required to run the install program, just stop smtp, replace
declude.exe, start smtp works fine here.
marc
[Scanned fo
omatically
detect the JPEG exploit!?
marc
At 14:18 28.09.2004, you wrote:
>Hi Uwe:
>
>I am not sure where you are seeing 3.15A- I downloaded B version last week
>by logging into our account on F-Prot site.
>
>Kami
[Scanned for viruses by Declude Virus]
---
[This E-mail was sc
/ARCHIVE=5
/NOBOOT /DUMB /REPORT=report.txt
# SKIPEXT GIF
# SKIPEXT JPG
SKIPEXT TXT
SKIPEXT MPG
SKIPEXT PNG
A Desktop AV F-Prot 3.15B (same version and updates) detect the JPEG
exploit. any ideas?
marc
At 23:31 27.09.2004, you wrote:
Same here. Is there a way to make f-prot w\Declude catch these?
The
I am with Kris, thats a great solution, we just in planning here.
And of course, deleting all "nobody" aliases...
marc.
At 19:17 21.09.2004, you wrote:
>I had two gateways running declude, both boxes were Dual Xeon 2.8Ghz, 2GB
>Ram, 3x36Gb 15K scsi, 128MB Raid controller and both
Apparently it's another variant of the ubiquitous Bagle worm.
http://www.eweek.com/article2/0,1759,1633739,00.asp
-M
- Original Message -
From: Bob McGregor
To: [EMAIL PROTECTED]
Sent: Monday, August 09, 2004 3:18 PM
Subject: Re: [Declude.Virus] strange zip file
It appears as though
e price
Thanks - Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], a
Title: OT: Hello?
Hi
Sharyn.
I
haven't seen anything today either, maybe everyone in the north-east is out
looking at that strange yellow object in the sky (the sun) and trying to dry
out.
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On
Behalf Of Shar
http://www.informationweek.com/story/showArticle.jhtml?articleID=25600493
According to this it is double zipping so the only way I can think of
stopping it is by banning .zip files completely.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matt
Sent: M
sions can be added to the wish list for
Declude Virus? Maybe even a BANZIPEXT ON (not just e-zip) so that people
can get zipped .JPGs but not zipped .exe's
Thanks - Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Monday, July
Also, I have temporarily blocked all zip files, as I am seeing quite a few
that are not being caught by banned extension or F-Prot or AVG. I am
investigating these.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -Original Message-
> From: [EMAIL PROTECTED]
[mailto:[EMAIL
?
CRAP. Maybe I should go back to the last beta...
I am using F-protect and I updated it about noon and I'm using an interim
downloaded about three days ago.
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of marc catuogno
Sent: Monday, July 26, 2
Sorry - yes Virus defs are up to date. I have blocked .zip files for now.
I think that they are non-viable files that are slipping through, but I need
to stop them as all my users want to know what is going on...
I will remove the erroneous entries from my config file.
Marc
-Original
I am running Declude 1.79 and this is in my CFG file:
BANEZIPEXTS ON
BANEXT com
In desperation I have added:
BANNAME prudentialrand.com
BANNAME prudentialrand.com.zip
BANNAME prudentialrand.zip
BANNAME [EMAIL PROTECTED]
BANNAME *prudentialrand.com.zip
The files are still getting through to my u
They are still getting through to my users. Even though
Anyway to banexten on this one? Something like
BANNAME *prudentialrand.com.zip
Or
BANEXT com.zip
It is creating some confusion and I'm not sure if it's a viable virus that
is getting through or not. I'd like to stop it re
Bonk Bonk on the head... (yes it was Miri)
I'd just like to get more people thinking about securing their systems (as I
have spent the last hour on a new agents machine removing Ncase and all the
other spyware), at least minimally, because it really is scary thinking
about what a determined hacker
ets and duct tape away for the
time being :)
Matt
marc catuogno wrote:
>What do you guys think of this?
>
>http://antivirus.about.com/od/virusdescriptions/a/atakb.htm
>
>I've forwarded it to all my users, maybe they will take their computer
>security more seriously.
&g
What do you guys think of this?
http://antivirus.about.com/od/virusdescriptions/a/atakb.htm
I've forwarded it to all my users, maybe they will take their computer
security more seriously.
Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for virus
I checked a few out and figured they weren't dangerous and told everyone
that they were corrupted or "stripped" attachments... but the support calls
and e-mails about the passworded zip files that everyone got, what a waste
of time, sigh.
I did a Baname on what was listed as possible file names f
I am running 1.79 (I don't remember which interim but
I wil D/l the latest)
I have in my global config:
BANEXT EZIP
BANEZIPEXTS ON
I am still getting some e-mails through. They are zip files 67 bytes or so
and don't seem to have anything in them nor are they password protected. Any
way to stop
Start;Programs;Imail;Imail release notes -
I'm really shocked that they don't put this in Imail admin or help or
something...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Scott Hahn
Sent: Wednesday, April 28, 2004 8:40 PM
To: [EMAIL PROTECTED]
Subject:
I believe you are in the same exact situation you were before the trial.
Imail would've passed on the spam and viruses too with out Declude. I would
buy it, really, it is the only thing saving my butt...
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On B
her e-mail
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Friday, March 19, 2004 11:00 AM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.Virus] OBJECT CODE vulnerability?
>Am I wrong in assuming that this will only affect pe
TECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nick
Sent: Tuesday, March 16, 2004 6:18 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.Virus] NAV 2003 catches passworded virus??
On 16 Mar 2004 at 17:20, marc catuogno wrote:
Marc,
I do not have Norton so I cannot test it - have you sent to y
would be caught, and it was - before it was
opened.
Again, this isn’t really important,
but I’d like to know how it is happening. Any theories???
Marc
-Original Message-
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, March
16, 2004 2:54 PM
To: [EMAIL PROTECTED
I think this has been brought up a few times, I think it would be a good
option as well once it is tweaked.
You forgot PDF, txt, bmp, wks, wpd, ppt and maybe .zip : )
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Shadix
Sent: Tuesday, March 16, 200
If you want I can send it to you, it isn't important but I found it curious.
All I know is it is a virus, it is reported as beagle.j by NAV, it is in a
passworded .Zip file, there in nothing but the word "test" in the body of
the e-mail and it is caught by the e-mail scanning as it goes out.
---
Plain old NAV 2003 on my Win XP workstation that scans e-mail - sorry for
not being specific. BUT the weird thing is there was no e-mail with a PW.
I had saved the file from one that had gotten through and attached it to a
e-mail with the only the word "test" in the body of the e-mail. I don't eve
I was trying to test the latest interim and when I tried to send myself a
copy of the virus, NAV outbound scanning caught it even though it was
passworded. I tried to unzip it to make sure and it does require a password.
I didn't think they could detect it like that...
---
[This E-mail scanned fo
I hate to say it, because it sucks, but I had mentioned it before... A
challenge/response system for attachments. It could cause a bunch of crap,
but since all these viruses forge the return address a user is likely to say
"no, I didn't send that" and that could reduce the number of viruses
expone
had the capability to do this, it is unlikely that I would include
any info that could connect me to the message, just in case
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Tolmachoff
(Lists)
Sent: Thursday, March 04, 2004 7:50 PM
To: [EMA
Does anyone have a way of using doing this? I mean if scumware people and
pornographers can use the windows messenger service why can't I? I know it
wouldn't always work, but most of the IP's I get in my virus notifications
are from Road Runner or Cablevision. I'll bet more than half of those
pe
Scott - you may shoot me for suggesting this, especially if it has been
suggested before. I am not a programmer so I suggest this not knowing how
difficult it may be, but if both Virus and Junkmail use the declude.exe is
it possible to have things like BANEZIP be defined as a test in the global
fil
Thanks Scott!!! I just D/Led i9 and changed my config file to:
#BANEXT EZIP
BANEZIPEXTS ON
I sent myself the virus, twice,and it held it in the /spool/virus directory.
I am also seeing more files start to accumulate there.
Marc
---
[This E-mail scanned for viruses by Declude Virus
D:\IMail>declude -diag
Declude 1.78i8 (C) Copyright 2000-2004 Computerized Horizons.
Diagnostics ON (Declude v1.78i8).
Declude JunkMail: Config file found (D:\IMail\Declude\global.CFG).
Declude Virus: Config file found (D:\IMail\Declude\Virus.CFG).
Declude Hijack:Not installed (no D:\IM
Confirmed. I commented out
# BANEZIPEXTSON
I left in:
BANEXT EZIP
And resent myself the virus and it was blocked.
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Todd Ryan
Sent: Wednesday, March 03, 2004 11:18 AM
To: [EMAIL PROTECTED
Sorry for my incomplete message what I meant to say is that they are still
getting PASSWORDED zip files.
Even with the addition of BANEXT EZIP
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Wednesday, March 03, 2004 10:48 AM
To: [EM
F.Y.I. I am running the latest interim release: 1.78i.8 and have
BANEZIPEXTS ON
In my config file but several people have complained to me that they are
still getting the zipped files.
I have added
BANEXT EZIP
In the hopes of stopping them all now.
Marc
---
[This E-mail scanned for
number of file
extensions through. After looking through Kami's blocked list I find that
there are enough potentially malicious attachments that I don't know about
or could be developed before I know to block them.
Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This
I didn't see your last e-mail? What virus?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kami Razvan
Sent: Wednesday, March 03, 2004 8:32 AM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] Update- New virus
Hi;
Just to update my last email.
I saw a woefully inadequate report on this virus on Fox 5 NY last night -
don't even get me started, do these reporters even talk to people who deal
with viruses? Love how they report it as "new" yesterday - but anyway, the
reported called it net-ski. I have been inclined to call it that as well.
I am running the latest beta 1.78.
I have the following in my virus.cfg file:
BANEXT scr
BANEXT pif
BANEXT bat
BANEXT exe
DELETEVIRUSES ON
Yet I am still seeing e-mails with .PIF extensions being held in the virus
subfolder. I'm concerned that these are mak
That was a great list. I have the following extensions blocked as well:
BANEXT data
BANEXT link
BANEXT unk
BANEXT uue
I wish I remember why - but I imagine it won't hurt...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
bother to acutally read the statement and
follows the information to deliver the mail whether she remembers it or not
and cousin Fred is infected.
Challenge/Response is ok for end users, but I don't see a real benefit for
it with servers.
Rich
- Original Message -
From: "marc
program though...
I dunno I guess I'm just typing what I'm thinking, maybe I'm just posting
this to start an argument or get flamed.
Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Scott - did you ever find these guys? They still don't get it...
-Original Message-
From: Postmaster [mailto:[EMAIL PROTECTED]
Sent: Friday, January 30, 2004 10:08 AM
To: [EMAIL PROTECTED]
Subject: Your mail server sent us a virus
The Declude Virus software on our mail server detected t
AH! That is a nice feature that I must have missed!
Gratzie!
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Markus Gufler
Sent: Monday, January 19, 2004 09:42 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.Virus] new forging worm: Bagle
> Would
Wouldn't you want to also update your otherpostmater.eml and sender.eml
with:
SKIPIFVIRUSNAMEHAS Bagle
SKIPIFVIRUSNAMEHAS Beagle
To stop the bogus warnings?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Markus Gufler
Sent: Monday, January 19, 2
Is there any way to disable the Partial (Fragmented) Vulnerability check?
Thx.
-Marc
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
How is everyone blocking this virus?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of R. Scott Perry
Sent: Monday, November 03, 2003 1:41 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.Virus] Zips are corrupt
>They are regular emails, I just sent you an
I have been doing that, but I have heard that IMAIL's CAL can only
handle 100 IPS and I am running at about 90 now. Most of the offenders
are from Optimum online, I could block their whole IP range, but then I
think my home Optimum users trying to POP or SMTP (maybe even
Webmail)won't be able to c
Last night I got hammered with about 3,000 "sobigs" in the course of
about 2 hours from one infected computer - it seems this particular
computer had almost every address from my domain on it. This morning I
got about 100 from another computer - the strange thing was that all 100
were sent to a si
This maybe a stupid observation so bear with me please.
As I was adding more and more IPs to the control access list something
occurred to me. It seems that most of the offending IPs are from
cablevision companies. If I could get the range of their dynamic IPS I
could block them all, permanently
Scott can you bitch slap this moron? I've sent him three separate
e-mails with detailed instructions (I think I even copied one to the
list) on how to turn this off in Declude and he hasn't replied once.
Maybe you have a better contact e-mail.
Marc
-Original Message-
From:
AMEHAS Vulnerability
SKIPIFVIRUSNAMEHAS Bugbear
SKIPIFVIRUSNAMEHAS Bridex
SKIPIFVIRUSNAMEHAS Braid
SKIPIFVIRUSNAMEHAS Palyh
SKIPIFVIRUSNAMEHAS Fizzer
SKIPIFVIRUSNAMEHAS Ganda
SKIPIFVIRUSNAMEHAS Dumar
Good luck -
Marc
-Original Message-
From:
I had to argue with an IMAIL admin with Declude for two days and had to
e-mail him the damn otherpostmaster and sender eml files before he would
change them.
I hope my change took effect... : )
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Tolmach
l access
button
You must stop and restart SMTP for the changes to take effect
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Spangenberg
Sent: Saturday, August 30, 2003 1:51 AM
To: [EMAIL PROTECTED]
Subject: RE: [Declude.Virus] SoBig
Where are you den
So if a forged user from my domain sends a message to another IMAIL machine
to a user that doesn't exist and then their Imail Machine rejects the
message. I'm assuming that postmaster gets the entire message (virus
included) based upon the forged domain. So I would get the message, even
though no
But since the subject that you are receiving is "undeliverable : RE:
Details" isn't that his server is just returning the message Unless the
virus has more subjects then the list of subjects that I am aware of.
Looks like the original message had the virus attached and that was
Declude detected wh
Um - I'm not sure, but I think he may be right. The declude virus catch
looks like a bounce from his server, not sent through his server. As
you said the e-mail address is forged - so if an infected computer has a
user from your domain and a bad address from his, once his server can't
deliver the
The Pentagon? REALLY??? That's friggin scary as hell
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Wednesday, August 20, 2003 06:32 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude.Virus] Notifying Postmasters/ISPs etc of viruses
even
if we got a few
Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], a
I just ran a manual scan on the spool virus directory with F-protect and it
identified all the held viruses as [EMAIL PROTECTED] - BUT I did run an update
immediately before that even though I ran it this morning.
Marc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
I thought BANEXT worked before the scanner? DAMN... maybe my f-protect.exe
is old and not catching viruses?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Wednesday, August 20, 2003 04:03 PM
To: [EMAIL PROTECTED]
Subject: Re: [Declude
eted for BANEXT?
Thanks - Marc
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
ty
1 - 100 of 104 matches
Mail list logo