Hi Scott,
Could you add the link to the page explaining about
the vulnerabilities ( http://www.declude.com/virus/vulnerability.htm)
to the virus manual page at the relevant place? I needed that link and was
unable to find it on the site via any other link.
Searching for vulnerability did
Hi,I thought with 1.79i6 I would have gotten rid
of these unkown virus inunknow file messages.Here is the log snippet
from Declude:05/02/2004 19:09:50 Q2b5d083f02240435 MIME
file:[message/delivery-status][*DEFAULT*; Length=1879
Checksum=156911]05/02/2004 19:09:50 Q2b5d083f02240435 Warning:
I thought with 1.79i6 I would have gotten rid of these unkown virus in
unknow file messages.
This will be fixed in the next release (this issue just affects the
Unknown ??? file vulnerabilities when the extension that is detected is
also banned).
Could you add the link to the page explaining about the vulnerabilities (
http://www.declude.com/virus/vulnerability.htmhttp://www.declude.com/virus/vulnerability.htm
) to the virus manual page at the relevant place? I needed that link and
was unable to find it on the site via any other link.
My machine keeps sending out viruses notices for the Swen virus.
I have:
SKIPIFVIRUSNAMEHAS Swen
in the top of my otherpostmaster.eml file.
I also have:
FORGINGVIRUS Swen
In my virus.cfg file.
Am I missing something why the notices are still sent out?
David
---
[This E-mail was
My machine keeps sending out viruses notices for the Swen virus.
I have:
SKIPIFVIRUSNAMEHAS Swen
in the top of my otherpostmaster.eml file.
The problem is that that line can only have one space or tab on it. If you
change it to:
SKIPIFVIRUSNAMEHAS Swen
then it will work.
The last part of the Sophos description:
Sophos researchers have also discovered that hidden inside the code of
Netsky-AC is the following text, directed towards anti-virus companies:
Hey, av firms, do you know that we have programmed the sasser virus?!?. Yeah
thats true! Why do you have named
Hello David,
BANEZIPEXTS ON
Sorry to jump in but just a couple of thoughts.
Are you running the Pro version of Declude? I don't think BANEZIPEXTS
works on the Standard version. Secondly, I believe, in special
circumstances, some admins configure Declude Junkmail to run before
Declude AV. I
Create a txt file, rename to cpl, then send to your self.
It should be in the spool\virus folder.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
On Behalf Of Robert Grosshandler
Sent: Monday, May 03,
Make sure Imail didn't reset the Delivery Application. Imail
Administrator
Click Localhost Services SMTP Advanced
Should be Declude.exe in the Imail directory (ex. C:\Imail\Declude.exe)
John
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John
You should/need to be able to figure out from the logs the spool file name.
One thing to try is search the logs for your incoming e-mail address in the
time frame you got it.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
-Original Message-
From: [EMAIL PROTECTED]
Ah, if were that easy. It actually went to a support e-mail box, which gets
dozens of emails a minute sometimes, under all sorts of different aliases.
---
[This E-mail scanned for viruses by Declude Virus]
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
Upgraded to 8.11 - no apparent issues. Did a reboot just in case.
About 1.5 hours later, a bagle virus, in a .cpl file, found it's way to my
computer. McAfee alerted me.
Unfortunately, McAfee completely wiped out any trace of said virus, so I'm
unable to go back to logs on server to confirm
RSP That may mean that you have a problem. Are you running v1.79 (with
BANEXT
RSP EZIP in the virus.cfg file), the latest .exe of your virus scanner, and
RSP latest definitions?
Yep, yep and yep.
Could you E-mail one of the .smd files to our virustrap@ address? We can
then run some tests on
Hello R.,
Friday, April 30, 2004, 9:30:44 PM, you wrote:
RSP Note the directory P:\SPROTECT\Virus\ -- Trend is finding a virus that
RSP Declude Virus already found. :)
P:\SPROTECT\Virus\ is where Trend puts a virus after it finds one.
My default file for Declude to put viruses is L:\VirusTrap
15 matches
Mail list logo