RE: [Declude.Virus] HiJack Question

2005-02-07 Thread John Tolmachoff (Lists)









First, you should be actively monitoring
the HOLD2 directory. There are some scripts on the Declude Tools site that can
be used for this.



Second, you do not need to cycle the
SMTP service. However, you will have to rename the HOLD2 files if you want to release
them and then manually move them.





John Tolmachoff

Engineer/Consultant/Owner

eServices For You







-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Marc
Sent: Sunday, February 06, 2005 11:12 PM
To: declude.virus@declude.com
Subject: [Declude.Virus] HiJack Question





Scenario: Dialup ISP using dynamic IP allocation.

Customer #1 using IP address of 1.2.3.4 trips threshold
#2. Logs off.

Customer #2 logs on and obtains the same IP that customer #1
had (1.2.3.4)

My understanding is that HiJack will block Customer #2's
outbound email as well. At least until the Declude Console (DECCON.EXE) is
closed.

Question: If this is true, is it acceptable practice to
cleanup HOLD2, stop the SMTP service, kill the DECCON PID and restart the SMTP
service? Thx.













-M

---
The toughest part of getting to the top of the ladder, is getting through
the crowd at the bottom. -- unknown 














Re: [Declude.Virus] HiJack Question

2005-02-07 Thread Marc



John,

Been there..doing that. My concern is that Customer
#2's email will be incorrectly blocked due to DECCON's "memory". I felt it would
be safer to stop the SMTP service before killing the deccon
instance.

-M
---
"Problems are only opportunities in work clothes." -- Henry J. Kaiser

  - Original Message -
  From: John Tolmachoff (Lists)
  To: Declude.Virus@declude.com
  Sent: Monday, February 07, 2005 2:53 AM
  Subject: RE: [Declude.Virus] HiJack Question

  First, you should be actively monitoring the HOLD2 directory. There are
  some scripts on the Declude Tools site that can be used for this.

  Second, you do not need to cycle the SMTP service. However, you will have
  to rename the HOLD2 files if you want to release them and then manually
  move them.

  John Tolmachoff
  Engineer/Consultant/Owner
  eServices For You



[Declude.Virus] McAfee and POP3 service crash

2005-02-07 Thread Matt




I've never seen this before, but beginning on Saturday morning, I
started getting appearances of "Application Error" in my Event Log
about McAfee:
Faulting application Scan.exe, version 4.3.2.0, faulting
module mcscan32.dll, version 4.3.2.0, fault address 0x0001cfd0.

Then this morning the POP3 service started also giving errors in
addition to McAfee:
Faulting application POP3d32.exe, version 12.11.9.8,
faulting module POP3d32.exe, version 12.11.9.8, fault address
0x00010bcb.

The POP3 service had in fact crashed and it needed to be restarted (I
rebooted just to be safe). I believe that this is the first time that
I have ever seen the POP3 service crash. Although I don't believe that
POP3 has any direct relationship to McAfee on my server since that
app is only used as a command line scanner, I'm quite suspicious of
this causing the issue.

Has anyone else seen either one of these errors on their systems?

Thanks,

Matt
-- 
=
MailPure custom filters for Declude JunkMail Pro.
http://www.mailpure.com/software/
=
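
The two Application Error entries quoted in the message above share one fixed layout, so they can be parsed and lined up in time to see whether a service crash followed faults in another program. This is an added example, not part of the original post; the export format (timestamp, tab, description), the timestamps, the `SERVICES` set and the 72-hour window are assumptions, and the sample lines are constructed from the two entries quoted above.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Layout of the "Application Error" description quoted in the message.
FAULT_RE = re.compile(
    r"Faulting application (?P<app>[^,]+), version (?P<app_ver>[\d.]+), "
    r"faulting module (?P<module>[^,]+), version (?P<mod_ver>[\d.]+), "
    r"fault address (?P<addr>0x[0-9a-fA-F]+)"
)

# Assumption: processes that run as services, where a fault means an outage.
SERVICES = {"pop3d32.exe"}

# Constructed sample: descriptions come from the post, timestamps are invented.
SAMPLE_EXPORT = (
    "2005-02-05 08:14:02\tFaulting application Scan.exe, version 4.3.2.0, "
    "faulting module mcscan32.dll, version 4.3.2.0, fault address 0x0001cfd0.\n"
    "2005-02-06 21:40:17\tFaulting application Scan.exe, version 4.3.2.0, "
    "faulting   module mcscan32.dll, version 4.3.2.0, fault address 0x0001cfd0.\n"
    "2005-02-07 06:05:44\tThe service was started.\n"
    "2005-02-07 06:11:30\tFaulting application POP3d32.exe, version 12.11.9.8, "
    "faulting module POP3d32.exe, version 12.11.9.8, fault address 0x00010bcb.\n"
)


def parse_fault(description):
    """Return the fault fields, or None if this is not an Application Error."""
    # Exports and mail clients re-wrap the text, so collapse whitespace first.
    m = FAULT_RE.search(" ".join(description.split()))
    if not m:
        return None
    fault = {k: v.strip() for k, v in m.groupdict().items()}
    # A fault inside the program's own image points at the program itself;
    # a fault in another module (here mcscan32.dll) points at that library.
    fault["in_own_image"] = fault["app"].lower() == fault["module"].lower()
    fault["is_service"] = fault["app"].lower() in SERVICES
    return fault


def parse_export(text):
    """Parse 'timestamp<TAB>description' lines, keeping only fault entries."""
    events = []
    for line in text.splitlines():
        stamp, sep, description = line.partition("\t")
        fault = parse_fault(description) if sep else None
        if fault is None:
            continue
        fault["time"] = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        events.append(fault)
    return sorted(events, key=lambda e: e["time"])


def signature_counts(events):
    """Count faults per (app, module, address); a repeating address is one bug."""
    return Counter((e["app"], e["module"], e["addr"]) for e in events)


def service_faults_with_precursors(events, window=timedelta(hours=72)):
    """For each service crash, list faults in other programs in the window before it.

    This shows coincidence in time only, not that one fault caused the other.
    """
    findings = []
    for e in events:
        if not e["is_service"]:
            continue
        earlier = [p for p in events
                   if p["app"].lower() != e["app"].lower()
                   and timedelta(0) <= e["time"] - p["time"] <= window]
        findings.append((e, earlier))
    return findings


if __name__ == "__main__":
    parsed = parse_export(SAMPLE_EXPORT)
    for sig, n in signature_counts(parsed).items():
        print(n, *sig)
    for crash, earlier in service_faults_with_precursors(parsed):
        print(crash["time"], crash["app"], "crashed;",
              len(earlier), "earlier faults in other programs")
```
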




Re: [Declude.Virus] McAfee and POP3 service crash

2005-02-07 Thread Bill Landry
Although I cannot explain the cause of the issues you've seen, I would
suggest that you upgrade your scan engine:
http://www.mcafeesecurity.com/us/downloads/default.asp?wt.mc_n=us_updateswt.mc_t=ext_li_concid=10373.
Download and run the SuperDat file, which contains the latest dat and engine
updates (version 4400\4426).

Bill
- Original Message - 
From: Matt [EMAIL PROTECTED]
To: Declude.Virus@declude.com
Sent: Monday, February 07, 2005 6:27 AM
Subject: [Declude.Virus] McAfee and POP3 service crash


 I've never seen this before, but beginning on Saturday morning, I
 started getting appearances of Application Error in my Event Log about
 McAfee:


 Faulting application Scan.exe, version 4.3.2.0, faulting module
 mcscan32.dll, version 4.3.2.0, fault address 0x0001cfd0.


 Then this morning the POP3 service started also giving errors in
 addition to McAfee:


 Faulting application POP3d32.exe, version 12.11.9.8, faulting module
 POP3d32.exe, version 12.11.9.8, fault address 0x00010bcb.


 The POP3 service had in fact crashed and it needed to be restarted (I
 rebooted just to be safe).  I believe that this is the first time that I
 have ever seen the POP3 service crash.  Although I don't believe that
 POP3 has anything direct relationship to McAfee on my server since that
 app is only used as a command line scanner, I'm quite suspicious of this
 causing the issue.

 Has anyone else seen either one of these errors on their systems?

 Thanks,

 Matt

 -- 

 =

 MailPure custom filters for Declude JunkMail Pro.

 http://www.mailpure.com/software/

 =


---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

---
This E-mail came from the Declude.Virus mailing list.  To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type unsubscribe Declude.Virus.  The archives can be found
at http://www.mail-archive.com.


RE: [Declude.Virus] McAfee and POP3 service crash

2005-02-07 Thread Colbeck, Andrew
FWIW, I recently ran into a weirdness with McAfee; I use the daily dat
download (engine plus dats), and have so for some months.  What I do is
for reporting completeness, I do a nightly scan of my spam folder to
find out how many viruses were caught as spam.

January didn't work, and I didn't notice for most of the month.  What
was happening was that the script was taking forever, and not completing
before the script ran again the next night.

I copied my spam folder to my local machine and ran the script again,
with much the same result.  I ran Sysinternals.com's FileMon and found
that McAfee's scan.exe was reading the current folder and the root of
the drive bazillions of times.  With a small-ish corpus, these
extraneous reads made no difference to the scan time.  With a large
number of files in a directory with a very large number of files, the
scan wasn't worth running.

So just at the end of last week, I modified the script to use F-Prot
instead of McAfee, and that has been working fine.

Andrew 8)

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bill Landry
Sent: Monday, February 07, 2005 7:04 AM
To: Declude.Virus@declude.com
Subject: Re: [Declude.Virus] McAfee and POP3 service crash


Although I cannot explain the cause of the issues you've seen, I would
suggest that you upgrade your scan engine:
http://www.mcafeesecurity.com/us/downloads/default.asp?wt.mc_n=us_updateswt.mc_t=ext_li_concid=10373.
Download and run the SuperDat file, which contains the latest dat and
engine updates (version 4400\4426).

Bill


Re: [Declude.Virus] McAfee and POP3 service crash

2005-02-07 Thread Matt




Andrew,

When you say "reading the root of the drive" do you mean the boot
sector, or the files contained in the root of C: or the drive that was
defined in the command line? And also just to clarify, "reading" in
this case meaning "scanning", correct?

Seems like being able to turn that off, or at least remove files from
the root might make a big performance difference when you have high
volume.

Thanks,

Matt



Colbeck, Andrew wrote:

  FWIW, I recently ran into a weirdness with McAfee; I use the daily dat
download (engine plus dats), and have so for some months.  What I do is
for reporting completeness, I do a nightly scan of my spam folder to
find out how many viruses were caught as spam.

January didn't work, and I didn't notice for most of the month.  What
was happening was that the script was taking forever, and not completing
before the script ran again the next night.

I copied my spam folder to my local machine and ran the script again,
with much the same result.  I ran Sysinternals.com's FileMon and found
that McAfee's scan.exe was reading the current folder and the root of
the drive bazillions of times.  With a small-ish corpus, these
extraneous reads made no difference to the scan time.  With a large
number of files in a directory with a very large number of files, the
scan wasn't worth running.

So just at the end of last week, I modified the script to use F-Prot
instead of McAfee, and that has been working fine.

Andrew 8)



  


-- 
=
MailPure custom filters for Declude JunkMail Pro.
http://www.mailpure.com/software/
=




RE: [Declude.Virus] McAfee and POP3 service crash

2005-02-07 Thread Colbeck, Andrew



I don't mean scanning the files in the root repetitively. In particular,
FileMon was showing me that scan.exe was READing D:\ (as opposed to
OPEN, CLOSE, QUERY INFORMATION, or SET INFORMATION - all of which are other
request types that FileMon can log).

Actually, it might have been D: instead of D:\ ... I'm not sure now. My
conclusion was that it was re-reading the contents of the directory over
and over. As you suggest, using the /exclude parameter to excerpt the root
of the drive may have helped.

The scan.exe file is dated October 2004, and my script was certainly working
before and after that date, so it is also possible that a hotfix applied in
late December or early January changed the behaviour of some API that
scan.exe uses; I really don't know how much a DAT file can control the
scanning behaviour, but the DATs are the only part of the McAfee client that
changed!

Andrew 8)

  
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Matt
  Sent: Monday, February 07, 2005 10:35 AM
  To: Declude.Virus@declude.com
  Subject: Re: [Declude.Virus] McAfee and POP3 service crash

  Andrew,

  When you say "reading the root of the drive" do you mean the boot sector,
  or the files contained in the root of C: or the drive that was defined in
  the command line? And also just to clarify, "reading" in this case meaning
  "scanning", correct?

  Seems like being able to turn that off, or at least remove files from the
  root might make a big performance difference when you have high volume.

  Thanks,

  Matt

RE: [Declude.Virus] McAfee and POP3 service crash

2005-02-07 Thread Colbeck, Andrew



I should have also mentioned that the script first makes a list of the
files to scan, then tells scan.exe to scan the files in the list.

I don't just tell scan.exe to scan the folder (if I had, I could buy the
behaviour of reading the directory over and over again).

Andrew 8)

  
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Colbeck, Andrew
  Sent: Monday, February 07, 2005 10:54 AM
  To: Declude.Virus@declude.com
  Subject: RE: [Declude.Virus] McAfee and POP3 service crash

  I don't mean scanning the files in the root repetitively. In particular,
  FileMon was showing me that scan.exe was READing D:\ (as opposed to
  OPEN, CLOSE, QUERY INFORMATION, or SET INFORMATION - all of which are other
  request types that FileMon can log).

  Actually, it might have been D: instead of D:\ ... I'm not sure now. My
  conclusion was that it was re-reading the contents of the directory over
  and over. As you suggest, using the /exclude parameter to excerpt the root
  of the drive may have helped.

  The scan.exe file is dated October 2004, and my script was certainly
  working before and after that date, so it is also possible that a hotfix
  applied in late December or early January changed the behaviour of some API
  that scan.exe uses; I really don't know how much a DAT file can control the
  scanning behaviour, but the DATs are the only part of the McAfee client that
  changed!

  Andrew 8)
  


Re: [Declude.Virus] McAfee and POP3 service crash

2005-02-07 Thread Matt




Sounds like it's worth a test and some monitoring just to see if there
is a measurable difference in mail scanning activities.

Thanks for sharing.

Matt



Colbeck, Andrew wrote:

  
  
  
  I should have also mentioned that the script
first makes a list of the files to scan, then tells scan.exe to scan
the files in the list.
  
  I don't just tell scan.exe to scan the folder
(if I had, I could buy the behaviour of reading the directory over and
over again).
  
  Andrew 8)
  