http://securityresponse.symantec.com/avcenter/venc/data/[EMAIL PROTECTED]
Sheesh! That's nice.
What really gets me on these bugs, is that you're supposed to disable System
Restore in ME/XP You would think that compressed backup data would be
immune to this sort of thing. What's the point of
If I where you and the infected machine connected directly to your
mailserver I would create a BAN in Imail for this ip to prevent it to
even connect and send anything to your server.
/ Eje
Monday, September 8, 2003, 5:28:14 AM, you wrote:
JP I have sort of resigned myself to just continue
I'm tired of doing that
- Original Message -
From: Eje Gustafsson [EMAIL PROTECTED]
To: Jeff Pereira [EMAIL PROTECTED]
Sent: Monday, September 08, 2003 10:42 AM
Subject: Re[2]: [Declude.Virus] SoBig more prolific now?
If I where you and the infected machine connected directly to
Curious is there any way to disable/prevent double extensions as
attachments ?
With one of the last new viruses this weekend one virus managed to
slip through between my automated updates to at least myself.
And this was a double extension .JPG.exe there are no reasons what
soever in my opinion
I have been doing that, but I have heard that IMAIL's CAL can only
handle 100 IPS and I am running at about 90 now. Most of the offenders
are from Optimum online, I could block their whole IP range, but then I
think my home Optimum users trying to POP or SMTP (maybe even
Webmail)won't be able to
Thanks Scott.
Sorry for the first direct mail. Was supposed to been to the mailing list.
Would it be possible to spec what double extensions you wouldn't
allow?
Say
BANEXT TXT.EXE
BANEXT JPG.EXE
BANEXT GIF.EXE
Where you assume there always is a . infront of the first
extension ?
That would
We have blocked .exe since the day we could block it.
If anyone wants to send a .exe he/she is intelligent enough to be able to
zip it. Accepting .exe is asking for trouble.
Outlook Express by default will block .exe .. I am not sure about Outlook
but I don't think it does.
We have an
a.. Microsoft Outlook 2002 does block most file extensions by default, here
is a list of what it blocks and info on how to change its default behavior
http://support.microsoft.com/default.aspx?scid=kb;en-us;290497
Sincerely,
William J. Baumbach II [EMAIL PROTECTED]
9975 Pennsylvania Ave.
Thanks Kami.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.Virus-
[EMAIL PROTECTED] On Behalf Of Kami Razvan
Sent: Saturday, September 06, 2003 1:12 PM
To: [EMAIL PROTECTED]
What really gets me on these bugs, is that you're supposed to disable
System
Restore in ME/XP You would think that compressed backup data would be
immune to this sort of thing. What's the point of having sys restore if
everytime you MAY have a virus you need to wipe ALL the restore data?
Would it be possible to spec what double extensions you wouldn't
allow?
Say
BANEXT TXT.EXE
BANEXT JPG.EXE
BANEXT GIF.EXE
Where you assume there always is a . infront of the first
extension ?
That's something that we can probably add.
-Scott
Hi all,
hopefully someone can give us some insight to a problem related to BSOD we
have been encountering on our Imail server
Server is running Imail 8.02 with Declude Virus with scanners below and
Declude Junkmail. Nothing else is running on the server. Declude Virus
Config appears at end of
hopefully someone can give us some insight to a problem related to BSOD we
have been encountering on our Imail server
I'm guessing that it is one of the 3 virus scanners. AV programs often
access memory and hard drives at a low level, and are a bit more prone to
issues like this than most
I hate to hijack the thread but...
Why run so many scanners? We only run one scanner and have never had a
problem... Are we missing something by not running more than one?
Greg
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of R. Scott Perry
Sent: Monday,
Thanks Scott,
I have a feeling it is F-Prot because when this first started happening, we
did not have Netshield or AVG on the server.
So we've disabled both F-prot and AVG for now and let's see what happens.
If anyone else has seen similar issues please reply!
Peter
- Original Message
Well, yes. We only used Fprot till Mimail came out. At that time it took
Fprot 4 days to update their definitions. So many customers started getting
Mimail and complaining. To avoid the problem we decided to use multiple
scanners to lower possibility of a virus slipping thru.
However I don't
If it's worth $245 to you, I have had some success with Microsoft support
being able to pinpoint the culprit using the memory dumps.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mailing Lists
Sent: Monday, September 08, 2003 1:08 PM
To: [EMAIL
Right, I got that, but if you have 3 months of CLEAN restore points, you
only just got infected today, for example, you shouldn't have to trash
every
restore point, only today's, or even yesterday's, or even a month back.
for
that matter.. If that's the only way, why have restore points at
Are you using the DOS version or Windows version of F-Prot?
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:Declude.Virus-
[EMAIL PROTECTED] On Behalf Of Mailing Lists
Sent: Monday, September
Windows version,
Peter
- Original Message -
From: John Tolmachoff (Lists) [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, September 08, 2003 3:26 PM
Subject: RE: [Declude.Virus] Blue Screen on Imail with Declude Virus and
Declude Junkmail and Declude Junkmail
Are you using the
So right now, you only have Gristoft running, correct?
Exactly when did this start?
Have you run any performance monitors to see what is happening just before
the BSOD?
Any other AV software installed?
What AV is protecting the server itself?
John Tolmachoff MCSE CSSA
Engineer/Consultant
John,
right now only Netshield 2000 SP1 is running, hasn't crashed yet but too
early to tell.
No, we haven't run any performance monitors yet - but the common thing in
the BSOD is 100+ emails being processed by Imail/Declude. This will
generally happen during peak hrs, we can actually duplicate
Sorry if this is real obvious but I haven't upgrade my declude in a long
time and I can't remember where to get the latest version.
Can someone point me in the right direction?
Thanks
Timothy C. Bohen
CMSInter.Net LLC / Crystal MicroSystems LLC
===
web
Sorry if this is real obvious but I haven't upgrade my declude in a long
time and I can't remember where to get the latest version.
Can someone point me in the right direction?
If it has been over a year, the first step is to order a Service Agreement
at http://www.declude.com/order.htm .
Uhh sorry another dumb question, but other than digging through old files
can I find out if mine is expired??
Timothy C. Bohen
CMSInter.Net LLC / Crystal MicroSystems LLC
===
web : www.cmsinter.net
email: [EMAIL PROTECTED]
phone: 989.235.5100 x222
fax :
Uhh sorry another dumb question, but other than digging through old files
can I find out if mine is expired??
Unfortunately, that's the only way, aside from contacting us.
I'll check our records and let you know off-list.
-Scott
---
Declude
26 matches
Mail list logo