- Original Message -
From: "John Tolmachoff (Lists)" <[EMAIL PROTECTED]>
> So, if I am banning ZIPEXT, this should be caught since rar is treated
same
> as zip in Declude, correct?
Don't know...
> What is the file in the rar?
The "MsWindowsUpdate.rar" archive contains a single file cal
Thomas,
I am going to assume that
this message passed Declude JunkMail, and if logged there it also
passed Declude Virus if you have that installed in standard
configuration.
If you want to see what happened to the message, look in your IMail log
file for "850dc49c00d6246c"
if you are using I
Thomas,
The line you are looking for is the "Last Action"
line. The line you posted means the message triggered the ipnotinmx test
which normally is not used to punish messages. This message had a total
weight of -5. From the information provided Declude did not toss that
message. You
So, if I am banning ZIPEXT, this should be caught since rar is treated same
as zip in Declude, correct?
What is the file in the rar?
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
> -Original Message-
> From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
> On Behalf Of Andy Sc
Hi
all,
We had some problems
with a spam assassin box filling up over the past weekend and, needless to say,
it caused some grief with mail delivery. The problem I'm having presently is
that there are a few legitimate emails that got logged in Imail and declude, but
didn't get delivered p
Hi,
McAfee calls this one:
- Generic!rar
- PWS-Goldun.dr
An "Extra.dat" is available.
Best Regards
Andy
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.Virus mailing list. To
unsubscribe, just send an E-mail to [EMAIL
>> * Kind of like that popular email joke Mac|*nix|OS/2 self-inflicted virus
(please install this virus manually). <<
I know this as the Amish Virus - where you are prompted to please copy the
virus to diskette and walk it over to a neighbor's mailbox.
Best Regards
Andy
---
[This E-mail was sc
I believe that any file type that is handled by the interpreters
containing potential JPG exploits can in fact itself be infected. In
other words, take an infected JPG and rename it to TIFF and double
clicking on it should produce the same result with an unpatched program.
For some reason JPG
Interesting.
On the one hand, using RAR compression is likely to get the trojan
message past antivirus scanners to lots of users.
On the other hand, I hope that anyone who has taken the step to install
the free unrar or actually bought RAR has enough of a clue to discard
this email as an obvious
- Original Message -
From: "Andy Schmidt" <[EMAIL PROTECTED]>
> Just got that one - attached was a WindowsUpdate.rar, 43 KB.
On a Linux test server we run, I tested one of these messages and of the 7
virus scanners we have running on this test server (AVG, Sophos, TrendMicro,
McAfee, F-
Just got that one - attached was a WindowsUpdate.rar, 43 KB.
-Original Message-
From: Microsoft INC [mailto:[EMAIL PROTECTED]
Sent: Wednesday, January 26, 2005 09:15 PM
To: [EMAIL PROTECTED]
Subject: MS Windows/Critical Error
Dear Sir/Madam,
We kindly ask you to install this update to y
Does anyone know a reason why .tiff should not be excluded from
scanning? I was going to add .tiff to my don't scan list. Didn't see
any know exploits using .tiff but thought it'd be a good idea to see
what everyone here thought.
--
Best regards,
David mailto:[EMAIL PROT
12 matches
Mail list logo